www.interhightrack.com Open in urlscan Pro
208.113.153.160 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.interhightrack.com/
Submission: On April 18 via automatic, source certstream-suspicious (April 18th 2021, 1:52:27 am UTC)

Summary HTTP 72 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 22 domains to perform 72 HTTP transactions. The main IP is 208.113.153.160, located in United States and belongs to DREAMHOST-AS, US. The main domain is www.interhightrack.com.
TLS certificate: Issued by R3 on February 21st 2021. Valid for: 3 months.

This is the only time www.interhightrack.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	208.113.153.160 208.113.153.160	26347 (DREAMHOST-AS) (DREAMHOST-AS)
7	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	172.67.38.97 172.67.38.97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
13	2606:4700:303... 2606:4700:3039::6815:c035	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
6	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	23.218.208.246 23.218.208.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:ac20:41f1:bf24:9b3	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3032::6815:57ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
6	46.236.13.147 46.236.13.147	24931 (DEDIPOWER) (DEDIPOWER)
2	143.204.245.73 143.204.245.73	16509 (AMAZON-02) (AMAZON-02)
2	81.29.72.47 81.29.72.47	24931 (DEDIPOWER) (DEDIPOWER)
4	54.72.18.9 54.72.18.9	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:801::2013	15169 (GOOGLE) (GOOGLE)
72	24

3 208.113.153.160 (United States)

ASN26347 (DREAMHOST-AS, US)
PTR: apache2-linus.goochland.dreamhost.com

www.interhightrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.38.97 (United States)

ASN13335 (CLOUDFLARENET, US)

statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3039::6815:c035 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.208.246 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:ac20:41f1:bf24:9b3 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::6815:57ae (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.245.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-73.cph50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics-wg.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.29.72.47 (Leeds, United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 81-29-72-47.servers.dedipower.net

diapi.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.72.18.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-18-9.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

w-it.m-t.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	ad4m.at ad4m.at as.ad4m.at assets.ad4m.at	387 KB
11	doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	13 KB
11	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	163 KB
8	webgains.com track.webgains.com diapi.webgains.com	137 KB
6	webgains.io analytics.webgains.io api.webgains.io analytics-wg.webgains.io	105 KB
3	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net ad4mat.net	5 KB
3	google.com adservice.google.com www.google.com	675 B
3	interhightrack.com www.interhightrack.com	44 KB
2	m-t.io w-it.m-t.io	281 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	2 KB
2	openx.net 2 redirects rtb.openx.net	757 B
2	rlcdn.com 2 redirects id.rlcdn.com	892 B
2	statcounter.com statcounter.com c.statcounter.com	13 KB
2	googletagservices.com www.googletagservices.com	64 KB
2	google.de adservice.google.de	921 B
2	cloudflare.com cdnjs.cloudflare.com	82 KB
1	awin1.com www.awin1.com	703 B
1	innovid.com ag.innovid.com	295 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	463 B
1	quantserve.com cms.quantserve.com	463 B
1	googleadservices.com partner.googleadservices.com	646 B
72	22

	Domain	Requested by
7	pagead2.googlesyndication.com	www.interhightrack.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	track.webgains.com	as.ad4m.at analytics.webgains.io
6	assets.ad4m.at	as.ad4m.at
6	cm.g.doubleclick.net	googleads.g.doubleclick.net
5	ad4m.at	googleads.g.doubleclick.net ad4m.at
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	api.webgains.io	analytics.webgains.io
4	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
3	www.interhightrack.com	www.interhightrack.com
2	w-it.m-t.io	analytics-wg.webgains.io
2	diapi.webgains.com	track.webgains.com
2	as.ad4m.at	ad4m.at as.ad4m.at
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	id.rlcdn.com	2 redirects
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	cdnjs.cloudflare.com	www.interhightrack.com cdnjs.cloudflare.com
1	analytics-wg.webgains.io	analytics.webgains.io
1	analytics.webgains.io	track.webgains.com
1	www.awin1.com	as.ad4m.at
1	ad4mat.net	ad4m.at
1	static-de.ad4mat.net	ad4m.at
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
1	www.google.com	googleads.g.doubleclick.net
1	c.statcounter.com	statcounter.com
1	statcounter.com	www.interhightrack.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
72	33

This site contains links to these domains. Also see Links.

Domain
interhightrack.com
mocorunning.com

Subject Issuer	Validity	Valid
www.interhightrack.com R3	`2021-02-21` - `2021-05-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
us-dallas.statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-13` - `2021-11-13`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.ad4mat.net AlphaSSL CA - SHA256 - G2	`2019-08-06` - `2021-09-08`	2 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
www.awin1.com DigiCert Secure Site ECC CA-1	`2020-04-21` - `2021-07-21`	a year	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2019-05-20` - `2021-06-08`	2 years	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
w-it.m-t.io GTS CA 1D4	`2021-04-09` - `2021-07-09`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://www.interhightrack.com/
Frame ID: 8AC88BCAA0B8F0FC14EE60896661AC63
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210414/r20190131/zrt_lookup.html
Frame ID: E951CF7851D0DBE193EBDE7B42973DFF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1979231855584754&output=html&adk=1812271804&adf=3025194257&lmt=1618710729&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.interhightrack.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618710729793&bpp=13&bdt=70&idt=70&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8177500325258&frm=20&pv=2&ga_vid=1418333357.1618710730&ga_sid=1618710730&ga_hid=491194351&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739523%2C44740079%2C31060829%2C31060048&oid=3&pvsid=4451520178358382&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=98
Frame ID: E065B56B39C06102CF67AB94D36A9660
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1979231855584754&output=html&h=250&slotname=3490821371&adk=3296151748&adf=2238086983&pi=t.ma~as.3490821371&w=150&lmt=1618710729&psa=0&format=150x250&url=https%3A%2F%2Fwww.interhightrack.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618710729908&bpp=3&bdt=185&idt=3&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8177500325258&frm=20&pv=1&ga_vid=1418333357.1618710730&ga_sid=1618710730&ga_hid=491194351&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1058&ady=17&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739523%2C44740079%2C31060829%2C31060048&oid=3&pvsid=4451520178358382&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zf9TNZ7nj0&p=https%3A//www.interhightrack.com&dtd=8
Frame ID: 3E718B94DAF64D3B9FE91ED21312A02B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1979231855584754&output=html&h=90&slotname=7235291839&adk=885347780&adf=2332392643&pi=t.ma~as.7235291839&w=728&lmt=1618710730&psa=0&format=728x90&url=https%3A%2F%2Fwww.interhightrack.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618710730176&bpp=1&bdt=453&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df916a95c66301daf-222e9ba998a7009b%3AT%3D1618710729%3ART%3D1618710729%3AS%3DALNI_MbgOU5lSFk0ylTbrWSqRqB20yuRjA&prev_fmts=0x0%2C150x250&nras=1&correlator=8177500325258&frm=20&pv=1&ga_vid=1418333357.1618710730&ga_sid=1618710730&ga_hid=491194351&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739523%2C44740079%2C31060829%2C31060048&oid=3&pvsid=4451520178358382&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=98iDVA8IdV&p=https%3A//www.interhightrack.com&dtd=5
Frame ID: 3BB81B3DFEA1BFAF5698170C91E92FA8
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1h94xf04tjwza0efdrhkbf5rd5dhd2maky0sdvhyq0cyn1aqfh0m3aehwfwwzcd4025194spgpkq4v7a3cr7j8q0eqneyj87h2frefxh3c28bpe6dx8thjnf8qgcb6kbf6r570g6237vpg6gf9bzjj8gj8zbk96m8vjmbq51xm3az0nrgz21rx1epjb4zf4f6vwjm5cekfskh8rhb84mkxkfm23kcc7qbv4r9szj5k92yewsawqy629t6axy1bardr04y48jbwen7hnzcxshwkqfsppm7539rnrgbe9p0pf51gd1bebevd4c8ya5a38mv17k7b85e4szw449y94yb1jfhyqwfydwkp1b3ygv90q2c98rz6krfhs4p29sc5c9h46msc6143wrb3p2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZpUeypB7YL39C5SB7_UPleCCqA2Q4YGEXLaoworwAsCNtwEQASAAYJWK-IGUB4IBF2NhLXB1Yi0xOTc5MjMxODU1NTg0NzU0oAHCrujdA8gBCakCIALlfCMatD6oAwGqBNYBT9BxzEMHRTnswzMwpjYzAOLnG-lyznRSy1Svdlg22W0I9LlXMwb54HDlBPGnODZjy-ybjrfjzX8-m4wzWYyH1xu440AhMUU0WOB8wuNbZjdnlgNcZtz-o7JrqgqbN3XSrW93KmH62Xf7EzKPkfwanjrO4Nqv4XkzYTyY51u6ZmPcXMlmZ11rxtxHHRKdLjcm5BZydQBiFBgpSw-sYAohsUOH2giestPNaQ2k9jfjK9AUGYRPEBngdIWN39DaOKc9Fk7NbMygVulz1NSQdWy-Gx6XnqEik4AGiIH5pffglJNnoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHsJixAtgHANIIBwiA4YAQEAH6CwIIAYAMAQ%26num%3D1%26sig%3DAOD64_3sfpeVWpqEZ_9yOs1TZFsb24D_PQ%26client%3Dca-pub-1979231855584754%26adurl%3D
Frame ID: 265F2D95625F528872FE95087DF923E7
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1F47945BB38DD477B59799FD1F641190
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 0D66284DC173B6FCE31B14FADFCFB72D
Requests: 1 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: 800ABBBCE0B2E3B67EAFEC13F831DC64
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: EB059FA6682237D5DA6DF41EE838C2F9
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=728&d=90&e=&g=0c60dac884f5fb74fddeefa0cb5baf35%2F3418161990946671124&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D214k28c80dqv5r0xv071xesfbvkv1s5zv3fy5r2wm0swnq06zjnq6ftx83t8tb28btnra9bycfhgvap511b9tmvw4666ecv181sj1r8c1evq6zbnrpj4j0wbzjzm27zm4qczv6rhzz6p1ty3d0d4fcpzxsnfqf3h77pqdn135qdxjtfh4zk2y35zsvp9y32fqm6p3zayrqbd92csy10c85ghfpw4f7m34vwtrdq3mzk4eyezdzzrxzf6abvwpms2eyh52%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZpUeypB7YL39C5SB7_UPleCCqA2Q4YGEXLaoworwAsCNtwEQASAAYJWK-IGUB4IBF2NhLXB1Yi0xOTc5MjMxODU1NTg0NzU0oAHCrujdA8gBCakCIALlfCMatD6oAwGqBNYBT9BxzEMHRTnswzMwpjYzAOLnG-lyznRSy1Svdlg22W0I9LlXMwb54HDlBPGnODZjy-ybjrfjzX8-m4wzWYyH1xu440AhMUU0WOB8wuNbZjdnlgNcZtz-o7JrqgqbN3XSrW93KmH62Xf7EzKPkfwanjrO4Nqv4XkzYTyY51u6ZmPcXMlmZ11rxtxHHRKdLjcm5BZydQBiFBgpSw-sYAohsUOH2giestPNaQ2k9jfjK9AUGYRPEBngdIWN39DaOKc9Fk7NbMygVulz1NSQdWy-Gx6XnqEik4AGiIH5pffglJNnoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHsJixAtgHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_3sfpeVWpqEZ_9yOs1TZFsb24D_PQ%2526client%253Dca-pub-1979231855584754%2526adurl%253D&y=0&z=0
Frame ID: 8DAC2B1F4B03D9E3D3A96153EAF029FD
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Page Statistics

72
Requests

100 %
HTTPS

50 %
IPv6

22
Domains

33
Subdomains

24
IPs

4
Countries

1016 kB
Transfer

1557 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://interhightrack.com/series.php?series_id=354&limit=1
Title: Inter-high Outdoor Track Championships

Search URL Search Domain Scan URL

URL: https://mocorunning.com/index.php
Title: Mocorunning.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUIY6HHRF9ohLvoXA48r1JMsZu36eoxWnkSba4Iq3ISFjWgptfpYAUhF_WrEBeTX-FvHwLbrmXB3S_WA7_jPtwy7G-wxyHRV3g&google_gid=CAESEGJf3L797AKqTIKK1TT8ERM&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCMqh7oMGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BUXZpdFVJWTZISFJGOW9oTHZvWEE0OHIxSk1zWnUzNmVveFdua1NiYTRJcTNJU0ZqV2dwdGZwWUFVaEZfV3JFQmVUWC1Gdkh3TGJybVhCM1NfV0E3X2pQdHd5N0ctd3h5SFJWM2c HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwZmhlc1phNS0tOGlxYjN4cGxxQTZ6QTNsTVNzeGt5UVJmN2UxTTJTWWV5dw==&google_push

Request Chain 28

https://rtb.openx.net/sync/dds?google_gid=CAESEOcBHLeioZpkLoQ6qeouzhA&google_cver=1&google_push=AQvitUK4eYcVNtbQEMgpmk0ixqsEm94679d4L5DBPBhwBAMENg4NhxKie_YGqWfIqy6eiW4F9WO4MCAc6dYxetpqDUGK6sJ1rRtD HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEOcBHLeioZpkLoQ6qeouzhA&google_cver=1&google_push=AQvitUK4eYcVNtbQEMgpmk0ixqsEm94679d4L5DBPBhwBAMENg4NhxKie_YGqWfIqy6eiW4F9WO4MCAc6dYxetpqDUGK6sJ1rRtD&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK4eYcVNtbQEMgpmk0ixqsEm94679d4L5DBPBhwBAMENg4NhxKie_YGqWfIqy6eiW4F9WO4MCAc6dYxetpqDUGK6sJ1rRtD&google_hm=KzgFYk2GwZwAZqjg9gcagA==

Request Chain 29

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPx6cgOYW9CCzjMf4eblWgI&google_cver=1&google_push=AQvitULa_g04GU-XaXsw_Zn-3CCExYnMtJw7Th3cGKbhYuHead1bw2SNxeSTL_FFdcDFgG3lua0cC56znA92hS-ryGGEn36bzXeb8g HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPx6cgOYW9CCzjMf4eblWgI&google_cver=1&google_push=AQvitULa_g04GU-XaXsw_Zn-3CCExYnMtJw7Th3cGKbhYuHead1bw2SNxeSTL_FFdcDFgG3lua0cC56znA92hS-ryGGEn36bzXeb8g&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=frw1ibchQzWFVX-iefN5DA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULa_g04GU-XaXsw_Zn-3CCExYnMtJw7Th3cGKbhYuHead1bw2SNxeSTL_FFdcDFgG3lua0cC56znA92hS-ryGGEn36bzXeb8g

Request Chain 30

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIK5ajI-1Jveb_sWvRGnu3o&google_cver=1&google_push=AQvitUIbNjABbM90R7Harq5CldYxc0iiPG1PzehTYe8NNLw5Zxu9ZbK5N_qsdqToPGgdXpqyIQ1fRJy_nRrVyAJJvXYQ2ujeGamewQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NSUtQQTItMU0tN0JNTg==&google_push=AQvitUIbNjABbM90R7Harq5CldYxc0iiPG1PzehTYe8NNLw5Zxu9ZbK5N_qsdqToPGgdXpqyIQ1fRJy_nRrVyAJJvXYQ2ujeGamewQ

Request Chain 31

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOwBb_8OrjdERpIys9oUXFE&google_cver=1&google_push=AQvitUIDWJfyAgq7aLuKY6jCNcohenHWDc1j4m9cS6OUbQYr5PwWYQr0qqgc2rQdUsYResNPdsCkcGs9WPNMZWTsmEdR2TEJY70lhg HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOwBb_8OrjdERpIys9oUXFE&google_cver=1&google_push=AQvitUIDWJfyAgq7aLuKY6jCNcohenHWDc1j4m9cS6OUbQYr5PwWYQr0qqgc2rQdUsYResNPdsCkcGs9WPNMZWTsmEdR2TEJY70lhg&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHuQymyXUYL0iYz_-TvGGgAABKUAAAIB&google_gid=CAESEOwBb_8OrjdERpIys9oUXFE&google_cver=1&google_push=AQvitUIDWJfyAgq7aLuKY6jCNcohenHWDc1j4m9cS6OUbQYr5PwWYQr0qqgc2rQdUsYResNPdsCkcGs9WPNMZWTsmEdR2TEJY70lhg

72 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.interhightrack.com/ 10 KB
3 KB 456ms
155ms Document
text/html 208.113.153.160
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.interhightrack.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.153.160 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-linus.goochland.dreamhost.com
Software: Apache /
Resource Hash: cc6b6fc45820f34a8cdae656db63be2448503b26d1b499df5a70ef592b031e3b

Request headers

:method: GET
:authority: www.interhightrack.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 01:52:09 GMT
server: Apache
cache-control: max-age=600
expires: Sun, 18 Apr 2021 02:02:09 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2962
content-type: text/html; charset=UTF-8

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
48 KB 42ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.interhightrack.com
URL: https://www.interhightrack.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dad2ac3f093b8cdcca3bfce4fb4d0d7c2e72bd3247ea05ec5e383559d4c3a77f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.interhightrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 01:52:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48646
x-xss-protection: 0
server: cafe
etag: 9885252380620520250
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 18 Apr 2021 01:52:09 GMT

GET
H2 200 stylew3.css
www.interhightrack.com/ 23 KB
5 KB 139ms
138ms Stylesheet
text/css 208.113.153.160
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.interhightrack.com/stylew3.css
Requested by: Host: www.interhightrack.com
URL: https://www.interhightrack.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.153.160 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-linus.goochland.dreamhost.com
Software: Apache /
Resource Hash: 4614bc87c4b3790684c5d6c498328459927468b6f730f8a54655f2cd8cd514b6

Request headers

:path: /stylew3.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.interhightrack.com
referer: https://www.interhightrack.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.interhightrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 01:52:09 GMT
content-encoding: gzip
last-modified: Tue, 08 Sep 2020 18:05:40 GMT
server: Apache
etag: "5b46-5aed12ed2ac67-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5197
expires: Tue, 18 May 2021 01:52:09 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 14ms
14ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.interhightrack.com
URL: https://www.interhightrack.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.interhightrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 01:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2622117
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
cf-request-id: 098446ac010000324c42221000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1hKPB6V0F56CA4XNBmH8YFxL7y%2BiVtwUcnNEjRPA%2Fdb8NQ0oHyOl5xlWo3Qgc3EDShhoPCUIFeF%2F5IK8t2Q%2BtB0b3lnEf9SL0nTGrWxwHRyVXzwPXJHV7hvdt%2FlQkhSMeg%3D%3D"}],"max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 641a408ccf4a324c-FRA
expires: Fri, 08 Apr 2022 01:52:09 GMT

GET
H2 200 interhigh_logo_transparent_600.png
www.interhightrack.com/images/ 35 KB
35 KB 139ms
139ms Image
image/png 208.113.153.160
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.interhightrack.com/images/interhigh_logo_transparent_600.png
Requested by: Host: www.interhightrack.com
URL: https://www.interhightrack.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.113.153.160 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-linus.goochland.dreamhost.com
Software: Apache /
Resource Hash: d101b20d966758be625ed45339d6f38509f987575d5e4d75ff36f5fd479784a6

Request headers

:path: /images/interhigh_logo_transparent_600.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.interhightrack.com
referer: https://www.interhightrack.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.interhightrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 01:52:09 GMT
last-modified: Wed, 09 Sep 2020 00:29:15 GMT
server: Apache
etag: "8c78-5aed68a9931ff"
vary: User-Agent,Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 35960
expires: Tue, 18 May 2021 01:52:09 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/ 222 KB
83 KB 41ms
27ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1979231855584754&plah=www.interhightrack.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11d5cc5bb3db6c56fb91f9068e7f4741f6212c8e2e5546b17039c1c58720fb83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.interhightrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 01:52:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84747
x-xss-protection: 0
server: cafe
etag: 7950800710615234990
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 18 Apr 2021 01:52:09 GMT

GET
H3-29 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 22ms
13ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.interhightrack.com
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 01:52:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 887233
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
cf-request-id: 098446ac4d00004a735b0e0000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0a3GfMwNMRSV6qosGgcfbldtzpCVfo%2F1eINrHpUNeYcuAMmUaQSM3xQ6z4IC2bjVqXKzMTpT0H2GBh8ENPNWBZXHF6OpGkhJpF%2Bvj9xGaistTI%2FsIsUzDNu0plWToVeljQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 641a408d4b424a73-FRA
expires: Fri, 08 Apr 2022 01:52:09 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210414/r20190131/ Frame E951 10 KB
5 KB 25ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210414/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210414/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.interhightrack.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.interhightrack.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 17 Apr 2021 14:17:37 GMT
expires: Sat, 01 May 2021 14:17:37 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 41672
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 208 B
646 B 141ms
49ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.interhightrack.com&callback=_gfp_s_&client=ca-pub-1979231855584754

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1979231855584754&plah=www.interhightrack.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

f7d002c75ad8236d70012e8ade018871ac15204d73b0be7f1e0479e31a017330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.interhightrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 01:52:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 34ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.interhightrack.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.interhightrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Apr 2021 01:52:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 34ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.interhightrack.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.interhightrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Apr 2021 01:52:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E065 54 B
56 B 78ms
65ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1979231855584754&output=html&adk=1812271804&adf=3025194257&lmt=1618710729&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.interhightrack.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618710729793&bpp=13&bdt=70&idt=70&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8177500325258&frm=20&pv=2&ga_vid=1418333357.1618710730&ga_sid=1618710730&ga_hid=491194351&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739523%2C44740079%2C31060829%2C31060048&oid=3&pvsid=4451520178358382&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=98

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1979231855584754&output=html&adk=1812271804&adf=3025194257&lmt=1618710729&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.interhightrack.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618710729793&bpp=13&bdt=70&idt=70&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8177500325258&frm=20&pv=2&ga_vid=1418333357.1618710730&ga_sid=1618710730&ga_hid=491194351&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739523%2C44740079%2C31060829%2C31060048&oid=3&pvsid=4451520178358382&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=98
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.interhightrack.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.interhightrack.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 18 Apr 2021 01:52:09 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 18-Apr-2021 02:07:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 18 Apr 2021 01:52:09 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 35ms
15ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.interhightrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 01:52:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423639646658"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Sun, 18 Apr 2021 01:52:09 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3E71 399 B
221 B 102ms
101ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1979231855584754&output=html&h=250&slotname=3490821371&adk=3296151748&adf=2238086983&pi=t.ma~as.3490821371&w=150&lmt=1618710729&psa=0&format=150x250&url=https%3A%2F%2Fwww.interhightrack.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618710729908&bpp=3&bdt=185&idt=3&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8177500325258&frm=20&pv=1&ga_vid=1418333357.1618710730&ga_sid=1618710730&ga_hid=491194351&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1058&ady=17&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739523%2C44740079%2C31060829%2C31060048&oid=3&pvsid=4451520178358382&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zf9TNZ7nj0&p=https%3A//www.interhightrack.com&dtd=8

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69f06d14d66e7a4d4d588c16bf4ad30a1257af912c2cca95806b5c8813e072b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1979231855584754&output=html&h=250&slotname=3490821371&adk=3296151748&adf=2238086983&pi=t.ma~as.3490821371&w=150&lmt=1618710729&psa=0&format=150x250&url=https%3A%2F%2Fwww.interhightrack.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618710729908&bpp=3&bdt=185&idt=3&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8177500325258&frm=20&pv=1&ga_vid=1418333357.1618710730&ga_sid=1618710730&ga_hid=491194351&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1058&ady=17&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739523%2C44740079%2C31060829%2C31060048&oid=3&pvsid=4451520178358382&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zf9TNZ7nj0&p=https%3A//www.interhightrack.com&dtd=8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.interhightrack.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.interhightrack.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 18 Apr 2021 01:52:10 GMT
server: cafe
content-length: 198
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 18-Apr-2021 02:07:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 18 Apr 2021 01:52:10 GMT
cache-control: private

GET
H2 200 counter.js Show response
statcounter.com/counter/ 38 KB
13 KB 226ms
80ms Script
application/x-javascript 172.67.38.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://statcounter.com/counter/counter.js
Requested by: Host: www.interhightrack.com
URL: https://www.interhightrack.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.38.97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5086d4f97bc3ee70971c51e89fa6ae25ff054accec7c4e890b1083ee7bcc9ab

Request headers

Referer: https://www.interhightrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 18 Apr 2021 01:52:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Jan 2021 10:15:35 GMT
server: cloudflare
age: 11114
etag: W/"6006b147-98f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=43200
cf-ray: 641a408f29d84c86-AMS
cf-request-id: 098446ad7800004c868eb64000000001
expires: Sun, 18 Apr 2021 10:46:56 GMT

GET
H2 200 text.php Show response
c.statcounter.com/ 63 B
510 B 205ms
204ms XHR
application/json 172.67.38.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/text.php?u1=DF0FA630B3F34FD4C5DA21F7A120CA06&sc_project=12388805&java=1&security=ad21a9dc&sc_snum=1&sess=830817&sc_rum_e_s=907&sc_rum_e_e=911&sc_rum_f_s=0&sc_rum_f_e=904&p=0&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.interhightrack.com/&t=Interhigh%20Track&text=2&get_config=true
Requested by: Host: statcounter.com
URL: https://statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.38.97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5f62b8ef889e94869be8c1da2c246b6a0d49ec2942cf6cba088f4a736367c48

Request headers

Referer: https://www.interhightrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 01:52:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 641a408fca614c86-AMS
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin: https://www.interhightrack.com
access-control-allow-credentials: true
content-type: application/json
cf-request-id: 098446add800004c86fc1ed000000001
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 28ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.interhightrack.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.interhightrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Apr 2021 01:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.interhightrack.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.interhightrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Apr 2021 01:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3BB8 13 KB
7 KB 117ms
117ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1979231855584754&output=html&h=90&slotname=7235291839&adk=885347780&adf=2332392643&pi=t.ma~as.7235291839&w=728&lmt=1618710730&psa=0&format=728x90&url=https%3A%2F%2Fwww.interhightrack.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618710730176&bpp=1&bdt=453&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df916a95c66301daf-222e9ba998a7009b%3AT%3D1618710729%3ART%3D1618710729%3AS%3DALNI_MbgOU5lSFk0ylTbrWSqRqB20yuRjA&prev_fmts=0x0%2C150x250&nras=1&correlator=8177500325258&frm=20&pv=1&ga_vid=1418333357.1618710730&ga_sid=1618710730&ga_hid=491194351&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739523%2C44740079%2C31060829%2C31060048&oid=3&pvsid=4451520178358382&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=98iDVA8IdV&p=https%3A//www.interhightrack.com&dtd=5

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a137b6127335d1f67d6319a8abff6be57499cd1bd1ccbabb057385d4027233d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1979231855584754&output=html&h=90&slotname=7235291839&adk=885347780&adf=2332392643&pi=t.ma~as.7235291839&w=728&lmt=1618710730&psa=0&format=728x90&url=https%3A%2F%2Fwww.interhightrack.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618710730176&bpp=1&bdt=453&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df916a95c66301daf-222e9ba998a7009b%3AT%3D1618710729%3ART%3D1618710729%3AS%3DALNI_MbgOU5lSFk0ylTbrWSqRqB20yuRjA&prev_fmts=0x0%2C150x250&nras=1&correlator=8177500325258&frm=20&pv=1&ga_vid=1418333357.1618710730&ga_sid=1618710730&ga_hid=491194351&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739523%2C44740079%2C31060829%2C31060048&oid=3&pvsid=4451520178358382&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=98iDVA8IdV&p=https%3A//www.interhightrack.com&dtd=5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.interhightrack.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.interhightrack.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 18 Apr 2021 01:52:10 GMT
server: cafe
content-length: 6745
x-xss-protection: 0
set-cookie: IDE=AHWqTUm_0OOmnwoUGV9X_a2b8ChCYPTnsDt30TVYzqtQ54QsgAuS4AZY8iC95PVRmeM; expires=Fri, 13-May-2022 01:52:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 18 Apr 2021 01:52:10 GMT
cache-control: private

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 3BB8 2 KB
1 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1979231855584754&output=html&h=90&slotname=7235291839&adk=885347780&adf=2332392643&pi=t.ma~as.7235291839&w=728&lmt=1618710730&psa=0&format=728x90&url=https%3A%2F%2Fwww.interhightrack.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618710730176&bpp=1&bdt=453&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df916a95c66301daf-222e9ba998a7009b%3AT%3D1618710729%3ART%3D1618710729%3AS%3DALNI_MbgOU5lSFk0ylTbrWSqRqB20yuRjA&prev_fmts=0x0%2C150x250&nras=1&correlator=8177500325258&frm=20&pv=1&ga_vid=1418333357.1618710730&ga_sid=1618710730&ga_hid=491194351&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739523%2C44740079%2C31060829%2C31060048&oid=3&pvsid=4451520178358382&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=98iDVA8IdV&p=https%3A//www.interhightrack.com&dtd=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 01:25:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1599
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 May 2021 01:25:31 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3BB8 118 KB
36 KB 31ms
17ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 01:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Sun, 18 Apr 2021 01:52:10 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 3BB8 13 KB
6 KB 27ms
5ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 01:14:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 May 2021 01:14:53 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3BB8 0
0 14ms
13ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRnCwnn5dSoBNrTvQBnS4j-x6MaOLy9CQbWvk5R08D-YS95v_f-JdOCX5jeNj1zqVpCU4OhV8HbVMSfNeesi5MmGCzo0Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1979231855584754&output=html&h=90&slotname=7235291839&adk=885347780&adf=2332392643&pi=t.ma~as.7235291839&w=728&lmt=1618710730&psa=0&format=728x90&url=https%3A%2F%2Fwww.interhightrack.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618710730176&bpp=1&bdt=453&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df916a95c66301daf-222e9ba998a7009b%3AT%3D1618710729%3ART%3D1618710729%3AS%3DALNI_MbgOU5lSFk0ylTbrWSqRqB20yuRjA&prev_fmts=0x0%2C150x250&nras=1&correlator=8177500325258&frm=20&pv=1&ga_vid=1418333357.1618710730&ga_sid=1618710730&ga_hid=491194351&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739523%2C44740079%2C31060829%2C31060048&oid=3&pvsid=4451520178358382&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=98iDVA8IdV&p=https%3A//www.interhightrack.com&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3BB8 0
0 16ms
16ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZvOeypB7YL39C5SB7_UPleCCqA2Q4YGEXLaoworwAsCNtwEQASAAYJWK-IGUB4IBF2NhLXB1Yi0xOTc5MjMxODU1NTg0NzU0oAHCrujdA8gBCakCIALlfCMatD6oAwGqBNMBT9BxzEMHRTnswzMwpjYzAOLnG-lyznRSy1Svdlg22W0I9LlXMwb54HDlBPGnODZjy-ybjrfjzX8-m4wzWYyH1xu440AhMUU0WOB8wuNbZjdnlgNcZtz-o7JrqgqbN3XSrW93KmH62Xf7EzKPkfwanjrO4Nqv4XkzYTyY51u6ZmPcXMlmZ11rxtxHHRKdLjcm5BZydQBiFBgpSw-sYAohsUOH2giestPNaQ2k9jfjK9AUGYRPEBngdIWN39DaOKc9FgzPYV53g24zHFPY47b3ieyuioAGiIH5pffglJNnoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHsJixAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAbIXGAoWEhRwdWItMTk3OTIzMTg1NTU4NDc1NA&sigh=7vajJNFVF7Q

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1979231855584754&output=html&h=90&slotname=7235291839&adk=885347780&adf=2332392643&pi=t.ma~as.7235291839&w=728&lmt=1618710730&psa=0&format=728x90&url=https%3A%2F%2Fwww.interhightrack.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618710730176&bpp=1&bdt=453&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df916a95c66301daf-222e9ba998a7009b%3AT%3D1618710729%3ART%3D1618710729%3AS%3DALNI_MbgOU5lSFk0ylTbrWSqRqB20yuRjA&prev_fmts=0x0%2C150x250&nras=1&correlator=8177500325258&frm=20&pv=1&ga_vid=1418333357.1618710730&ga_sid=1618710730&ga_hid=491194351&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739523%2C44740079%2C31060829%2C31060048&oid=3&pvsid=4451520178358382&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=98iDVA8IdV&p=https%3A//www.interhightrack.com&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 18 Apr 2021 01:52:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 3BB8 0
0 29ms
15ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hb3ghvag4kq4srejwram49ypxcax2s6dbk4rannbt9e973g4mq9w9hcdeegq4xzgpqje9pfn9adces7f34rae8exabf0d6s78ecze784y4fywhqzrescys32tynrdkmxrg49f4wwd1esn4cm6n37y29gb4592rd5esyjh8rv6x1xx0bk9y7j9sqbcd2kq8n8mrx8nrk70bax281v77xckxdyvkr9h85z4pa32frym7ybbhpadhtvdp9kshtkx39ynkk2cy451k5sgebvpqf7dwrz8z9b1bdftb0xpe9hzzzmyz36y21w278eh6a5n4ecf6w742cgk0hvw4f7pj05hybjf1zx4yvweaxa2be9pscjvsnt8xfe90qhq4bgfxhe4ev94wyfkt8dcsa&b=YHuQygAC_r0Iu8CUAACwFTVOkh5Hy339nF-rQQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1979231855584754&output=html&h=90&slotname=7235291839&adk=885347780&adf=2332392643&pi=t.ma~as.7235291839&w=728&lmt=1618710730&psa=0&format=728x90&url=https%3A%2F%2Fwww.interhightrack.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618710730176&bpp=1&bdt=453&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df916a95c66301daf-222e9ba998a7009b%3AT%3D1618710729%3ART%3D1618710729%3AS%3DALNI_MbgOU5lSFk0ylTbrWSqRqB20yuRjA&prev_fmts=0x0%2C150x250&nras=1&correlator=8177500325258&frm=20&pv=1&ga_vid=1418333357.1618710730&ga_sid=1618710730&ga_hid=491194351&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739523%2C44740079%2C31060829%2C31060048&oid=3&pvsid=4451520178358382&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=98iDVA8IdV&p=https%3A//www.interhightrack.com&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 18 Apr 2021 01:52:10 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
ad4m.at/ad/ Frame 265F 2 KB
2 KB 37ms
22ms Document
text/html 2606:4700:3039::6815:c035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1h94xf04tjwza0efdrhkbf5rd5dhd2maky0sdvhyq0cyn1aqfh0m3aehwfwwzcd4025194spgpkq4v7a3cr7j8q0eqneyj87h2frefxh3c28bpe6dx8thjnf8qgcb6kbf6r570g6237vpg6gf9bzjj8gj8zbk96m8vjmbq51xm3az0nrgz21rx1epjb4zf4f6vwjm5cekfskh8rhb84mkxkfm23kcc7qbv4r9szj5k92yewsawqy629t6axy1bardr04y48jbwen7hnzcxshwkqfsppm7539rnrgbe9p0pf51gd1bebevd4c8ya5a38mv17k7b85e4szw449y94yb1jfhyqwfydwkp1b3ygv90q2c98rz6krfhs4p29sc5c9h46msc6143wrb3p2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZpUeypB7YL39C5SB7_UPleCCqA2Q4YGEXLaoworwAsCNtwEQASAAYJWK-IGUB4IBF2NhLXB1Yi0xOTc5MjMxODU1NTg0NzU0oAHCrujdA8gBCakCIALlfCMatD6oAwGqBNYBT9BxzEMHRTnswzMwpjYzAOLnG-lyznRSy1Svdlg22W0I9LlXMwb54HDlBPGnODZjy-ybjrfjzX8-m4wzWYyH1xu440AhMUU0WOB8wuNbZjdnlgNcZtz-o7JrqgqbN3XSrW93KmH62Xf7EzKPkfwanjrO4Nqv4XkzYTyY51u6ZmPcXMlmZ11rxtxHHRKdLjcm5BZydQBiFBgpSw-sYAohsUOH2giestPNaQ2k9jfjK9AUGYRPEBngdIWN39DaOKc9Fk7NbMygVulz1NSQdWy-Gx6XnqEik4AGiIH5pffglJNnoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHsJixAtgHANIIBwiA4YAQEAH6CwIIAYAMAQ%26num%3D1%26sig%3DAOD64_3sfpeVWpqEZ_9yOs1TZFsb24D_PQ%26client%3Dca-pub-1979231855584754%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c035 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

242abb2ba87ef693c2b6846960d79f22a52ab925f5ea11bfce99ef1b224ac36c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1h94xf04tjwza0efdrhkbf5rd5dhd2maky0sdvhyq0cyn1aqfh0m3aehwfwwzcd4025194spgpkq4v7a3cr7j8q0eqneyj87h2frefxh3c28bpe6dx8thjnf8qgcb6kbf6r570g6237vpg6gf9bzjj8gj8zbk96m8vjmbq51xm3az0nrgz21rx1epjb4zf4f6vwjm5cekfskh8rhb84mkxkfm23kcc7qbv4r9szj5k92yewsawqy629t6axy1bardr04y48jbwen7hnzcxshwkqfsppm7539rnrgbe9p0pf51gd1bebevd4c8ya5a38mv17k7b85e4szw449y94yb1jfhyqwfydwkp1b3ygv90q2c98rz6krfhs4p29sc5c9h46msc6143wrb3p2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZpUeypB7YL39C5SB7_UPleCCqA2Q4YGEXLaoworwAsCNtwEQASAAYJWK-IGUB4IBF2NhLXB1Yi0xOTc5MjMxODU1NTg0NzU0oAHCrujdA8gBCakCIALlfCMatD6oAwGqBNYBT9BxzEMHRTnswzMwpjYzAOLnG-lyznRSy1Svdlg22W0I9LlXMwb54HDlBPGnODZjy-ybjrfjzX8-m4wzWYyH1xu440AhMUU0WOB8wuNbZjdnlgNcZtz-o7JrqgqbN3XSrW93KmH62Xf7EzKPkfwanjrO4Nqv4XkzYTyY51u6ZmPcXMlmZ11rxtxHHRKdLjcm5BZydQBiFBgpSw-sYAohsUOH2giestPNaQ2k9jfjK9AUGYRPEBngdIWN39DaOKc9Fk7NbMygVulz1NSQdWy-Gx6XnqEik4AGiIH5pffglJNnoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHsJixAtgHANIIBwiA4YAQEAH6CwIIAYAMAQ%26num%3D1%26sig%3DAOD64_3sfpeVWpqEZ_9yOs1TZFsb24D_PQ%26client%3Dca-pub-1979231855584754%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Sun, 18 Apr 2021 01:52:10 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dd1c113030fd56a130659db8b1dc7af021618710730; expires=Tue, 18-May-21 01:52:10 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-7rdk
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 098446ae5500002bce053d0000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 641a40908d482bce-FRA
content-encoding: br

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1F47 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 17 Apr 2021 16:59:40 GMT
expires: Sun, 18 Apr 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 31950
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dpixel
cms.quantserve.com/ Frame 1F47 35 B
463 B 25ms
7ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEE6dv29MjyUdy4xqsH9MlaM&google_cver=1&google_push=AQvitUJrwf74Lq6EpZMnxrsz2coX7PnQJWK6eSirBHsuISBPz3BltzLJ8qNeIgp8ue4x7PlsPwDYJySCLOGF6vM_Oxks8CB48e3Glw

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 01:52:10 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1F47
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUIY6HHRF9ohLvoXA48r1JMsZu36eoxWnkSba4Iq3ISFjWgptfpYAUhF_WrEBeTX-FvHwLbrmXB3S_WA7_jPtwy7G-wxyHRV3g&google_gid=CAESEGJf3L797AKqTIKK1TT8ERM&g...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCMqh7oMGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BUXZpdFVJWTZISFJGOW9oTHZvWEE0OHIxSk1zWnUzNmVveFdua1NiYTRJcTNJU0ZqV2dwdGZwWUFVaEZfV3JFQmVUWC1Gdkh3TGJybVhCM1NfV0E3X2...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwZmhlc1phNS0tOGlxYjN4cGxxQTZ6QTNsTVNzeGt5UVJmN2UxTTJTWWV5dw==&google_push

170 B
188 B

81ms
52ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwZmhlc1phNS0tOGlxYjN4cGxxQTZ6QTNsTVNzeGt5UVJmN2UxTTJTWWV5dw==&google_push

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 01:52:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 18 Apr 2021 01:52:10 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwZmhlc1phNS0tOGlxYjN4cGxxQTZ6QTNsTVNzeGt5UVJmN2UxTTJTWWV5dw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1F47
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEOcBHLeioZpkLoQ6qeouzhA&google_cver=1&google_push=AQvitUK4eYcVNtbQEMgpmk0ixqsEm94679d4L5DBPBhwBAMENg4NhxKie_YGqWfIqy6eiW4F9WO4MCAc6dYxetpqDUGK6sJ1rRtD
https://rtb.openx.net/sync/dds?google_gid=CAESEOcBHLeioZpkLoQ6qeouzhA&google_cver=1&google_push=AQvitUK4eYcVNtbQEMgpmk0ixqsEm94679d4L5DBPBhwBAMENg4NhxKie_YGqWfIqy6eiW4F9WO4MCAc6dYxetpqDUGK6sJ1rRtD&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK4eYcVNtbQEMgpmk0ixqsEm94679d4L5DBPBhwBAMENg4NhxKie_YGqWfIqy6eiW4F9WO4MCAc6dYxetpqDUGK6sJ1rRtD&google_hm=KzgFYk2GwZwAZqjg9gcagA==

170 B
188 B

86ms
52ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK4eYcVNtbQEMgpmk0ixqsEm94679d4L5DBPBhwBAMENg4NhxKie_YGqWfIqy6eiW4F9WO4MCAc6dYxetpqDUGK6sJ1rRtD&google_hm=KzgFYk2GwZwAZqjg9gcagA==

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 01:52:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 18 Apr 2021 01:52:10 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK4eYcVNtbQEMgpmk0ixqsEm94679d4L5DBPBhwBAMENg4NhxKie_YGqWfIqy6eiW4F9WO4MCAc6dYxetpqDUGK6sJ1rRtD&google_hm=KzgFYk2GwZwAZqjg9gcagA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: mls2dh7prclscdcc18adeb7lll8fuvo2

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1F47
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=frw1ibchQzWFVX-iefN5DA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

51ms
51ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=frw1ibchQzWFVX-iefN5DA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULa_g04GU-XaXsw_Zn-3CCExYnMtJw7Th3cGKbhYuHead1bw2SNxeSTL_FFdcDFgG3lua0cC56znA92hS-ryGGEn36bzXeb8g

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 01:52:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=frw1ibchQzWFVX-iefN5DA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULa_g04GU-XaXsw_Zn-3CCExYnMtJw7Th3cGKbhYuHead1bw2SNxeSTL_FFdcDFgG3lua0cC56znA92hS-ryGGEn36bzXeb8g
Date: Sun, 18 Apr 2021 01:52:09 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1F47
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIK5ajI-1Jveb_sWvRGnu3o&google_cver=1&google_push=AQvitUIbNjABbM90R7Harq5CldYxc0iiPG1PzehTYe8NNLw5Zxu9ZbK5N_qsdqToPGgdXpqyIQ1...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NSUtQQTItMU0tN0JNTg==&google_push=AQvitUIbNjABbM90R7Harq5CldYxc0iiPG1PzehTYe8NNLw5Zxu9ZbK5N_qsdqToPGgdXpqyIQ1fRJy_nRrVyAJJvXYQ2ujeGamewQ

170 B
188 B

100ms
51ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NSUtQQTItMU0tN0JNTg==&google_push=AQvitUIbNjABbM90R7Harq5CldYxc0iiPG1PzehTYe8NNLw5Zxu9ZbK5N_qsdqToPGgdXpqyIQ1fRJy_nRrVyAJJvXYQ2ujeGamewQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 01:52:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NSUtQQTItMU0tN0JNTg==&google_push=AQvitUIbNjABbM90R7Harq5CldYxc0iiPG1PzehTYe8NNLw5Zxu9ZbK5N_qsdqToPGgdXpqyIQ1fRJy_nRrVyAJJvXYQ2ujeGamewQ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1F47
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOwBb_8OrjdERpIys9oUXFE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOwBb_8OrjdERpIys9oUXFE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHuQymyXUYL0iYz_-TvGGgAABKUAAAIB&google_gid=CAESEOwBb_8OrjdERpIys9oUXFE&google_cver=1&google_push=AQvitUIDWJfyAgq7aLuKY6jCNcohenHWDc1j4...

170 B
188 B

86ms
51ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHuQymyXUYL0iYz_-TvGGgAABKUAAAIB&google_gid=CAESEOwBb_8OrjdERpIys9oUXFE&google_cver=1&google_push=AQvitUIDWJfyAgq7aLuKY6jCNcohenHWDc1j4m9cS6OUbQYr5PwWYQr0qqgc2rQdUsYResNPdsCkcGs9WPNMZWTsmEdR2TEJY70lhg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 01:52:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 18 Apr 2021 01:52:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHuQymyXUYL0iYz_-TvGGgAABKUAAAIB&google_gid=CAESEOwBb_8OrjdERpIys9oUXFE&google_cver=1&google_push=AQvitUIDWJfyAgq7aLuKY6jCNcohenHWDc1j4m9cS6OUbQYr5PwWYQr0qqgc2rQdUsYResNPdsCkcGs9WPNMZWTsmEdR2TEJY70lhg
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 462
Expires: Sun, 18 Apr 2021 01:52:10 GMT

GET
H2 200 trk
ag.innovid.com/ Frame 1F47 43 B
295 B 76ms
22ms Image
image/gif 2a05:d01c:1d8:8101:ac20:41f1:bf24:9b3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGkHKXgoudzd2mLUzOgPArE&google_cver=1&google_push=AQvitUIRncNmv4NlWUJW2bRfZULunOsjqzFXnUXmZVHRtDM-4aynqmzW3gfkf5B_OYmcWT3VMjxOHlwYQfd_h-moINOmKYSnQbrZ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1979231855584754&output=html&h=90&slotname=7235291839&adk=885347780&adf=2332392643&pi=t.ma~as.7235291839&w=728&lmt=1618710730&psa=0&format=728x90&url=https%3A%2F%2Fwww.interhightrack.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618710730176&bpp=1&bdt=453&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df916a95c66301daf-222e9ba998a7009b%3AT%3D1618710729%3ART%3D1618710729%3AS%3DALNI_MbgOU5lSFk0ylTbrWSqRqB20yuRjA&prev_fmts=0x0%2C150x250&nras=1&correlator=8177500325258&frm=20&pv=1&ga_vid=1418333357.1618710730&ga_sid=1618710730&ga_hid=491194351&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44739523%2C44740079%2C31060829%2C31060048&oid=3&pvsid=4451520178358382&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=98iDVA8IdV&p=https%3A//www.interhightrack.com&dtd=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:ac20:41f1:bf24:9b3 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 01:52:10 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1F47 0
227 B 142ms
48ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LkXbyCKkqzPIlQIrxW8l54-OL2frS3P01rWPwVTTOiUOsNT21_aBxso0pmNxKFKFP-tLYw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 01:52:10 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 3BB8 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ceb5e190c7e73ce08db523fcf04fa1798646e9f13e75ad2946283de912710766

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 default.css
ad4m.at/0.1.122-318/style/one-ad/ Frame 265F 58 KB
59 KB 29ms
20ms Stylesheet
text/css 2606:4700:3039::6815:c035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1h94xf04tjwza0efdrhkbf5rd5dhd2maky0sdvhyq0cyn1aqfh0m3aehwfwwzcd4025194spgpkq4v7a3cr7j8q0eqneyj87h2frefxh3c28bpe6dx8thjnf8qgcb6kbf6r570g6237vpg6gf9bzjj8gj8zbk96m8vjmbq51xm3az0nrgz21rx1epjb4zf4f6vwjm5cekfskh8rhb84mkxkfm23kcc7qbv4r9szj5k92yewsawqy629t6axy1bardr04y48jbwen7hnzcxshwkqfsppm7539rnrgbe9p0pf51gd1bebevd4c8ya5a38mv17k7b85e4szw449y94yb1jfhyqwfydwkp1b3ygv90q2c98rz6krfhs4p29sc5c9h46msc6143wrb3p2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZpUeypB7YL39C5SB7_UPleCCqA2Q4YGEXLaoworwAsCNtwEQASAAYJWK-IGUB4IBF2NhLXB1Yi0xOTc5MjMxODU1NTg0NzU0oAHCrujdA8gBCakCIALlfCMatD6oAwGqBNYBT9BxzEMHRTnswzMwpjYzAOLnG-lyznRSy1Svdlg22W0I9LlXMwb54HDlBPGnODZjy-ybjrfjzX8-m4wzWYyH1xu440AhMUU0WOB8wuNbZjdnlgNcZtz-o7JrqgqbN3XSrW93KmH62Xf7EzKPkfwanjrO4Nqv4XkzYTyY51u6ZmPcXMlmZ11rxtxHHRKdLjcm5BZydQBiFBgpSw-sYAohsUOH2giestPNaQ2k9jfjK9AUGYRPEBngdIWN39DaOKc9Fk7NbMygVulz1NSQdWy-Gx6XnqEik4AGiIH5pffglJNnoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHsJixAtgHANIIBwiA4YAQEAH6CwIIAYAMAQ%26num%3D1%26sig%3DAOD64_3sfpeVWpqEZ_9yOs1TZFsb24D_PQ%26client%3Dca-pub-1979231855584754%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer: https://ad4m.at/ad/dr?ed=1h94xf04tjwza0efdrhkbf5rd5dhd2maky0sdvhyq0cyn1aqfh0m3aehwfwwzcd4025194spgpkq4v7a3cr7j8q0eqneyj87h2frefxh3c28bpe6dx8thjnf8qgcb6kbf6r570g6237vpg6gf9bzjj8gj8zbk96m8vjmbq51xm3az0nrgz21rx1epjb4zf4f6vwjm5cekfskh8rhb84mkxkfm23kcc7qbv4r9szj5k92yewsawqy629t6axy1bardr04y48jbwen7hnzcxshwkqfsppm7539rnrgbe9p0pf51gd1bebevd4c8ya5a38mv17k7b85e4szw449y94yb1jfhyqwfydwkp1b3ygv90q2c98rz6krfhs4p29sc5c9h46msc6143wrb3p2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZpUeypB7YL39C5SB7_UPleCCqA2Q4YGEXLaoworwAsCNtwEQASAAYJWK-IGUB4IBF2NhLXB1Yi0xOTc5MjMxODU1NTg0NzU0oAHCrujdA8gBCakCIALlfCMatD6oAwGqBNYBT9BxzEMHRTnswzMwpjYzAOLnG-lyznRSy1Svdlg22W0I9LlXMwb54HDlBPGnODZjy-ybjrfjzX8-m4wzWYyH1xu440AhMUU0WOB8wuNbZjdnlgNcZtz-o7JrqgqbN3XSrW93KmH62Xf7EzKPkfwanjrO4Nqv4XkzYTyY51u6ZmPcXMlmZ11rxtxHHRKdLjcm5BZydQBiFBgpSw-sYAohsUOH2giestPNaQ2k9jfjK9AUGYRPEBngdIWN39DaOKc9Fk7NbMygVulz1NSQdWy-Gx6XnqEik4AGiIH5pffglJNnoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHsJixAtgHANIIBwiA4YAQEAH6CwIIAYAMAQ%26num%3D1%26sig%3DAOD64_3sfpeVWpqEZ_9yOs1TZFsb24D_PQ%26client%3Dca-pub-1979231855584754%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=hiljLg==, md5=+lvqF0TsKKKClDdg0n1GpA==
date: Sun, 18 Apr 2021 01:52:10 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2905143
cf-polished: origSize=59196
x-guploader-uploadid: ABg5-Uwujar11Vkwh6U6n2MXFne7AWYJGqCzROZDlvajsE11nvMJCQziEfwndO5biOTHJ84pHc8ApwhyUSOSXqNIPW1AgPvCqQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58969
cf-request-id: 098446aeb1000005f567007000000001
last-modified: Mon, 15 Mar 2021 10:52:33 GMT
server: cloudflare
etag: "fa5bea1744ec28a282943760d27d46a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lGMTVAxKYf9WvJHgh6KO0PsL08dig7ZoqeNLVPG%2FBc1Vmv3FmZCeygw%2BhZwp1dm7iJ46yDzvUNwRZC3AVyuhB4%2FLY4gxTsE5YBnyDKEK6xIuIRe3"}],"max_age":604800}
x-goog-generation: 1615805553645751
content-type: text/css
expires: Tue, 15 Mar 2022 10:53:07 GMT
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 641a40911b7205f5-FRA
cf-bgj: minify

GET
H3-29 200 r62eglto.js Show response
ad4m.at/ Frame 265F 36 KB
12 KB 23ms
15ms Script
application/javascript 2606:4700:3039::6815:c035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1h94xf04tjwza0efdrhkbf5rd5dhd2maky0sdvhyq0cyn1aqfh0m3aehwfwwzcd4025194spgpkq4v7a3cr7j8q0eqneyj87h2frefxh3c28bpe6dx8thjnf8qgcb6kbf6r570g6237vpg6gf9bzjj8gj8zbk96m8vjmbq51xm3az0nrgz21rx1epjb4zf4f6vwjm5cekfskh8rhb84mkxkfm23kcc7qbv4r9szj5k92yewsawqy629t6axy1bardr04y48jbwen7hnzcxshwkqfsppm7539rnrgbe9p0pf51gd1bebevd4c8ya5a38mv17k7b85e4szw449y94yb1jfhyqwfydwkp1b3ygv90q2c98rz6krfhs4p29sc5c9h46msc6143wrb3p2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZpUeypB7YL39C5SB7_UPleCCqA2Q4YGEXLaoworwAsCNtwEQASAAYJWK-IGUB4IBF2NhLXB1Yi0xOTc5MjMxODU1NTg0NzU0oAHCrujdA8gBCakCIALlfCMatD6oAwGqBNYBT9BxzEMHRTnswzMwpjYzAOLnG-lyznRSy1Svdlg22W0I9LlXMwb54HDlBPGnODZjy-ybjrfjzX8-m4wzWYyH1xu440AhMUU0WOB8wuNbZjdnlgNcZtz-o7JrqgqbN3XSrW93KmH62Xf7EzKPkfwanjrO4Nqv4XkzYTyY51u6ZmPcXMlmZ11rxtxHHRKdLjcm5BZydQBiFBgpSw-sYAohsUOH2giestPNaQ2k9jfjK9AUGYRPEBngdIWN39DaOKc9Fk7NbMygVulz1NSQdWy-Gx6XnqEik4AGiIH5pffglJNnoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHsJixAtgHANIIBwiA4YAQEAH6CwIIAYAMAQ%26num%3D1%26sig%3DAOD64_3sfpeVWpqEZ_9yOs1TZFsb24D_PQ%26client%3Dca-pub-1979231855584754%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b684bb683e9214771c03aeca125e09425d5cb5e76911f6d2a43ef39fb55e1c56

Request headers

Referer: https://ad4m.at/ad/dr?ed=1h94xf04tjwza0efdrhkbf5rd5dhd2maky0sdvhyq0cyn1aqfh0m3aehwfwwzcd4025194spgpkq4v7a3cr7j8q0eqneyj87h2frefxh3c28bpe6dx8thjnf8qgcb6kbf6r570g6237vpg6gf9bzjj8gj8zbk96m8vjmbq51xm3az0nrgz21rx1epjb4zf4f6vwjm5cekfskh8rhb84mkxkfm23kcc7qbv4r9szj5k92yewsawqy629t6axy1bardr04y48jbwen7hnzcxshwkqfsppm7539rnrgbe9p0pf51gd1bebevd4c8ya5a38mv17k7b85e4szw449y94yb1jfhyqwfydwkp1b3ygv90q2c98rz6krfhs4p29sc5c9h46msc6143wrb3p2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZpUeypB7YL39C5SB7_UPleCCqA2Q4YGEXLaoworwAsCNtwEQASAAYJWK-IGUB4IBF2NhLXB1Yi0xOTc5MjMxODU1NTg0NzU0oAHCrujdA8gBCakCIALlfCMatD6oAwGqBNYBT9BxzEMHRTnswzMwpjYzAOLnG-lyznRSy1Svdlg22W0I9LlXMwb54HDlBPGnODZjy-ybjrfjzX8-m4wzWYyH1xu440AhMUU0WOB8wuNbZjdnlgNcZtz-o7JrqgqbN3XSrW93KmH62Xf7EzKPkfwanjrO4Nqv4XkzYTyY51u6ZmPcXMlmZ11rxtxHHRKdLjcm5BZydQBiFBgpSw-sYAohsUOH2giestPNaQ2k9jfjK9AUGYRPEBngdIWN39DaOKc9Fk7NbMygVulz1NSQdWy-Gx6XnqEik4AGiIH5pffglJNnoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHsJixAtgHANIIBwiA4YAQEAH6CwIIAYAMAQ%26num%3D1%26sig%3DAOD64_3sfpeVWpqEZ_9yOs1TZFsb24D_PQ%26client%3Dca-pub-1979231855584754%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=s2482A==, md5=j1jRJaHZBV79FmSAFAai6Q==
date: Sun, 18 Apr 2021 01:52:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 32679
x-guploader-uploadid: ABg5-Uxf5ERJo5XMONJXFFQw6iJYsKBrTdgGi5CMm2ThniYI6baP9PJgxVKfUIY6jzeUERJY__dt_dOU4MQlm0--OtE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 098446aeb2000005f5c395f000000001
last-modified: Fri, 16 Apr 2021 16:47:14 GMT
server: cloudflare
etag: W/"8f58d125a1d9055efd1664801406a2e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g2dNICASVKHqy%2FKWOzuO3ajWTOCki29ioqCnoXeSpXIPtmBU9v1I5KYOluhKgso5nVzcW1Mc5dxNQsW0Ni90aaadUrg6owt0W21irRdwXn4yjSj0"}],"max_age":604800}
x-goog-generation: 1618591634770240
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11821
cf-ray: 641a40911b7505f5-FRA
expires: Sat, 17 Apr 2021 16:47:31 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 265F 3 KB
4 KB 35ms
15ms Image
image/png 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 01:52:10 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2662
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
cf-request-id: 098446aee9000016eac43a4000000001
last-modified: Thu, 08 May 2014 12:48:39 GMT
server: cloudflare
etag: "536b7d27-cbe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CGtldS3KV%2F4%2FFCBhYsqKwZJIrYgofil3bjTmuqoh10ktsmq%2F%2F%2BN5PQ7xwmLmqCG%2BbQwKzbH2y2kCpAr7I%2BU3KQm2D4t21IkAiSB16yNzeHJQ%2FXQ8KynFsjFlLfch3MroIg%3D%3D"}],"max_age":604800}
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 641a40917fc716ea-FRA

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 0D66 2 KB
2 KB 17ms
17ms Document
text/html 2606:4700:3039::6815:c035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1h94xf04tjwza0efdrhkbf5rd5dhd2maky0sdvhyq0cyn1aqfh0m3aehwfwwzcd4025194spgpkq4v7a3cr7j8q0eqneyj87h2frefxh3c28bpe6dx8thjnf8qgcb6kbf6r570g6237vpg6gf9bzjj8gj8zbk96m8vjmbq51xm3az0nrgz21rx1epjb4zf4f6vwjm5cekfskh8rhb84mkxkfm23kcc7qbv4r9szj5k92yewsawqy629t6axy1bardr04y48jbwen7hnzcxshwkqfsppm7539rnrgbe9p0pf51gd1bebevd4c8ya5a38mv17k7b85e4szw449y94yb1jfhyqwfydwkp1b3ygv90q2c98rz6krfhs4p29sc5c9h46msc6143wrb3p2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZpUeypB7YL39C5SB7_UPleCCqA2Q4YGEXLaoworwAsCNtwEQASAAYJWK-IGUB4IBF2NhLXB1Yi0xOTc5MjMxODU1NTg0NzU0oAHCrujdA8gBCakCIALlfCMatD6oAwGqBNYBT9BxzEMHRTnswzMwpjYzAOLnG-lyznRSy1Svdlg22W0I9LlXMwb54HDlBPGnODZjy-ybjrfjzX8-m4wzWYyH1xu440AhMUU0WOB8wuNbZjdnlgNcZtz-o7JrqgqbN3XSrW93KmH62Xf7EzKPkfwanjrO4Nqv4XkzYTyY51u6ZmPcXMlmZ11rxtxHHRKdLjcm5BZydQBiFBgpSw-sYAohsUOH2giestPNaQ2k9jfjK9AUGYRPEBngdIWN39DaOKc9Fk7NbMygVulz1NSQdWy-Gx6XnqEik4AGiIH5pffglJNnoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHsJixAtgHANIIBwiA4YAQEAH6CwIIAYAMAQ%26num%3D1%26sig%3DAOD64_3sfpeVWpqEZ_9yOs1TZFsb24D_PQ%26client%3Dca-pub-1979231855584754%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1h94xf04tjwza0efdrhkbf5rd5dhd2maky0sdvhyq0cyn1aqfh0m3aehwfwwzcd4025194spgpkq4v7a3cr7j8q0eqneyj87h2frefxh3c28bpe6dx8thjnf8qgcb6kbf6r570g6237vpg6gf9bzjj8gj8zbk96m8vjmbq51xm3az0nrgz21rx1epjb4zf4f6vwjm5cekfskh8rhb84mkxkfm23kcc7qbv4r9szj5k92yewsawqy629t6axy1bardr04y48jbwen7hnzcxshwkqfsppm7539rnrgbe9p0pf51gd1bebevd4c8ya5a38mv17k7b85e4szw449y94yb1jfhyqwfydwkp1b3ygv90q2c98rz6krfhs4p29sc5c9h46msc6143wrb3p2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZpUeypB7YL39C5SB7_UPleCCqA2Q4YGEXLaoworwAsCNtwEQASAAYJWK-IGUB4IBF2NhLXB1Yi0xOTc5MjMxODU1NTg0NzU0oAHCrujdA8gBCakCIALlfCMatD6oAwGqBNYBT9BxzEMHRTnswzMwpjYzAOLnG-lyznRSy1Svdlg22W0I9LlXMwb54HDlBPGnODZjy-ybjrfjzX8-m4wzWYyH1xu440AhMUU0WOB8wuNbZjdnlgNcZtz-o7JrqgqbN3XSrW93KmH62Xf7EzKPkfwanjrO4Nqv4XkzYTyY51u6ZmPcXMlmZ11rxtxHHRKdLjcm5BZydQBiFBgpSw-sYAohsUOH2giestPNaQ2k9jfjK9AUGYRPEBngdIWN39DaOKc9Fk7NbMygVulz1NSQdWy-Gx6XnqEik4AGiIH5pffglJNnoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHsJixAtgHANIIBwiA4YAQEAH6CwIIAYAMAQ%26num%3D1%26sig%3DAOD64_3sfpeVWpqEZ_9yOs1TZFsb24D_PQ%26client%3Dca-pub-1979231855584754%26adurl%3D

Response headers

date: Sun, 18 Apr 2021 01:52:10 GMT
content-type: text/html
set-cookie: __cfduid=dbba83c1a03b9040201f4df362ff754521618710730; expires=Tue, 18-May-21 01:52:10 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
x-guploader-uploadid: ABg5-Uzi-1_7uN1L8Go-AcToEKZJyXjllwzgePCBHnWKzncHxGLbW1M4lc91qTv6-AdP5Mr6zohgm6Oj3Mxhx9DFytM
expires: Sun, 18 Apr 2021 02:52:10 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
cache-control: public, max-age=3600
age: 2571461
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
cf-request-id: 098446aeda000005f5da10f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fK9CwQw%2Bb%2BsE%2FYzJ5NdNUNlHvrlBXZk7IF80lKu2iHP5fB0DkzS89OTfXDTfVz4cNdFnz4oqQwBeIGyAUEtskEu441HuoF1vr3xWEj%2FwENj5hD0N"}],"max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 641a40915bc405f5-FRA
content-encoding: br

GET
H2 200 frame.html Show response
ad4mat.net/ Frame 800A 1 KB
1 KB 16ms
15ms Document
text/html 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4mat.net/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964

Request headers

:method: GET
:authority: ad4mat.net
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 01:52:10 GMT
content-type: text/html
set-cookie: __cfduid=d006de210fffd48ecb6d44d1b8a938f491618710730; expires=Tue, 18-May-21 01:52:10 GMT; path=/; domain=.ad4mat.net; HttpOnly; SameSite=Lax; Secure
last-modified: Thu, 12 Apr 2018 07:50:15 GMT
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: HIT
age: 2675
cf-request-id: 098446aef6000016ead68ca000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sVRhK65SHnNCUDKwLOo21bfEWHudbiqTM1eBPNUaJOjCHhTdGRfLXtPHEegu08KBAuAu90Q6J1UZasi%2BhKdReic1%2BDA%2FLaAWGTx49TQPVXmSNw1IG9CS"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
server: cloudflare
cf-ray: 641a40918fd316ea-FRA
content-encoding: br

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 30ms
17ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210414&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36d37d4b1070b216557e5603270d9b640f7c4f75c2b269d3102a3d8cd19e4df6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.interhightrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Apr 2021 01:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6947
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 27ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.interhightrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 01:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sun, 18 Apr 2021 01:52:10 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame EB05 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.interhightrack.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.interhightrack.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 17 Apr 2021 15:25:26 GMT
expires: Sun, 17 Apr 2022 15:25:26 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 37604
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js Show response
pagead2.googlesyndication.com/bg/ Frame EB05 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:08:20 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 301430
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5682
x-xss-protection: 0
expires: Thu, 14 Apr 2022 14:08:20 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210414&jk=4451520178358382&bg=!vb6lvvrNAAZUuIlwVLg7ACkAdvg8Wp2I5XBhslveRR7taIU9DtT4TBTSiWTbTZQhL8jraM6yU799SwIAAABVUgAAAApoAQcKAA6o2xmEjTle_fAHWL4kPZkCI9uRLB1AMYa3B2FSe-eELQShY-IBGG4DKzYIVmnP4_dutDEJE76FsmDMYhOScbfIoUV9WXL9pnFnrJLeZz2A5q_3nm39vr7nwUB-N1bZW0mPkQlmlgpB8mrncThzKkPJ6-QXm4gqhzHVIT1es0KTKV9KVgLs_YN7uJLDvOV7cN27WeSsa1goPqhjFC-ZSAYvB-cf8TORpbmJ8UvsMvMU8jynTAY0fhtPmtQQV0ko83LQl_zyxjINeADGHRbGGkGcKTRXzcmvbl94EI3kNn84bmWiL1YazJdPbYaTvlrP0PFLzUA1oQQMqYHKqE4jhNnW9SeasD-mCaI6xl0ObfIxUBJoCeRx1pHwRy89q2ywEhpRvM0U6dh_Bp-ocUxJYFU3cIlca3h5c_M--wZJM1e443yNiMH0BnFL0hKb9FAB9iPMjBHGqFVCkmzub5V3tDGvVtqyX0DolPSgkP5wP2XK7Mh2vUgsZFji_MhTFfDrx6wPFCCos7zLBosNn33fEQQCkgqBgiyLxCs3vvbTGidwZ8f_UQl4JVXsehWTkS0zFNRcaR9wIM0RoPOYGnXor6GqxHQT2Et5AwtCCdPsr164O69duzo7Xw5-ozBgyqtLro0fla9Z5x1yeP_d3V5j45fhu33R-HXKv2GiZKsReEeOfyneSk9uk9JD20XmsizH2hzt9zJL8w6D3SFdnqpcnXzHCxXuKvbiEmsju1gerUYuusl2To8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.interhightrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 01:52:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3BB8 42 B
64 B 14ms
14ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvhx7ErtEaeTb1eqEr1di5zPyz8_Bpx2_oteiK4kcBJQCKJMdDzAfAnqIOuKVuH4Ft-fXvIKzXV0cQ2hYkOLqoN-SYgCM67Dw&sig=Cg0ArKJSzMz1VAUxQ7VOEAE&cid=CAASF-Ro1uFj5U_92d9-im0wkp1iHMMj4aYM&id=lidar2&mcvt=1000&p=859,436,949,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210414&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=885347780&rs=2&met=ie&la=0&cr=0&osd=1&vs=4&rst=1618710730181&dlt=121&rpt=2&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 01:52:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 rs Show response
ad4m.at/ Frame 265F 1 KB
2 KB 19ms
18ms XHR
text/plain 2606:4700:3039::6815:c035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 102b9148b61e33dc747d644ad7ae9f59dbd53b61e3e976a0a35a2f006051ea47

Request headers

Referer: https://ad4m.at/ad/dr?ed=1h94xf04tjwza0efdrhkbf5rd5dhd2maky0sdvhyq0cyn1aqfh0m3aehwfwwzcd4025194spgpkq4v7a3cr7j8q0eqneyj87h2frefxh3c28bpe6dx8thjnf8qgcb6kbf6r570g6237vpg6gf9bzjj8gj8zbk96m8vjmbq51xm3az0nrgz21rx1epjb4zf4f6vwjm5cekfskh8rhb84mkxkfm23kcc7qbv4r9szj5k92yewsawqy629t6axy1bardr04y48jbwen7hnzcxshwkqfsppm7539rnrgbe9p0pf51gd1bebevd4c8ya5a38mv17k7b85e4szw449y94yb1jfhyqwfydwkp1b3ygv90q2c98rz6krfhs4p29sc5c9h46msc6143wrb3p2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZpUeypB7YL39C5SB7_UPleCCqA2Q4YGEXLaoworwAsCNtwEQASAAYJWK-IGUB4IBF2NhLXB1Yi0xOTc5MjMxODU1NTg0NzU0oAHCrujdA8gBCakCIALlfCMatD6oAwGqBNYBT9BxzEMHRTnswzMwpjYzAOLnG-lyznRSy1Svdlg22W0I9LlXMwb54HDlBPGnODZjy-ybjrfjzX8-m4wzWYyH1xu440AhMUU0WOB8wuNbZjdnlgNcZtz-o7JrqgqbN3XSrW93KmH62Xf7EzKPkfwanjrO4Nqv4XkzYTyY51u6ZmPcXMlmZ11rxtxHHRKdLjcm5BZydQBiFBgpSw-sYAohsUOH2giestPNaQ2k9jfjK9AUGYRPEBngdIWN39DaOKc9Fk7NbMygVulz1NSQdWy-Gx6XnqEik4AGiIH5pffglJNnoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHsJixAtgHANIIBwiA4YAQEAH6CwIIAYAMAQ%26num%3D1%26sig%3DAOD64_3sfpeVWpqEZ_9yOs1TZFsb24D_PQ%26client%3Dca-pub-1979231855584754%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 18 Apr 2021 01:52:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-backend-server: rs-rvz5
cf-request-id: 098446b6e9000005f55ea59000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SbFiU7nIHbAvjw6otavF28nwTnwWvncqA8g3942fHs5cWu3BYsbzFXoOgsDuJNIrpkWGctPqftAT3rr6hBd%2BjxzBJKJDpOpxuOEgYBSHzEltvZNP"}],"max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
cf-ray: 641a409e4a5705f5-FRA

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 8DAC 9 KB
4 KB 26ms
19ms Document
text/html 2606:4700:3039::6815:c035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=728&d=90&e=&g=0c60dac884f5fb74fddeefa0cb5baf35%2F3418161990946671124&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D214k28c80dqv5r0xv071xesfbvkv1s5zv3fy5r2wm0swnq06zjnq6ftx83t8tb28btnra9bycfhgvap511b9tmvw4666ecv181sj1r8c1evq6zbnrpj4j0wbzjzm27zm4qczv6rhzz6p1ty3d0d4fcpzxsnfqf3h77pqdn135qdxjtfh4zk2y35zsvp9y32fqm6p3zayrqbd92csy10c85ghfpw4f7m34vwtrdq3mzk4eyezdzzrxzf6abvwpms2eyh52%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZpUeypB7YL39C5SB7_UPleCCqA2Q4YGEXLaoworwAsCNtwEQASAAYJWK-IGUB4IBF2NhLXB1Yi0xOTc5MjMxODU1NTg0NzU0oAHCrujdA8gBCakCIALlfCMatD6oAwGqBNYBT9BxzEMHRTnswzMwpjYzAOLnG-lyznRSy1Svdlg22W0I9LlXMwb54HDlBPGnODZjy-ybjrfjzX8-m4wzWYyH1xu440AhMUU0WOB8wuNbZjdnlgNcZtz-o7JrqgqbN3XSrW93KmH62Xf7EzKPkfwanjrO4Nqv4XkzYTyY51u6ZmPcXMlmZ11rxtxHHRKdLjcm5BZydQBiFBgpSw-sYAohsUOH2giestPNaQ2k9jfjK9AUGYRPEBngdIWN39DaOKc9Fk7NbMygVulz1NSQdWy-Gx6XnqEik4AGiIH5pffglJNnoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHsJixAtgHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_3sfpeVWpqEZ_9yOs1TZFsb24D_PQ%2526client%253Dca-pub-1979231855584754%2526adurl%253D&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c035 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bf068d3a51e5a20d54d0827cdb53e5cd2b757b036053eedc3d53fe79afa514a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=728&d=90&e=&g=0c60dac884f5fb74fddeefa0cb5baf35%2F3418161990946671124&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D214k28c80dqv5r0xv071xesfbvkv1s5zv3fy5r2wm0swnq06zjnq6ftx83t8tb28btnra9bycfhgvap511b9tmvw4666ecv181sj1r8c1evq6zbnrpj4j0wbzjzm27zm4qczv6rhzz6p1ty3d0d4fcpzxsnfqf3h77pqdn135qdxjtfh4zk2y35zsvp9y32fqm6p3zayrqbd92csy10c85ghfpw4f7m34vwtrdq3mzk4eyezdzzrxzf6abvwpms2eyh52%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZpUeypB7YL39C5SB7_UPleCCqA2Q4YGEXLaoworwAsCNtwEQASAAYJWK-IGUB4IBF2NhLXB1Yi0xOTc5MjMxODU1NTg0NzU0oAHCrujdA8gBCakCIALlfCMatD6oAwGqBNYBT9BxzEMHRTnswzMwpjYzAOLnG-lyznRSy1Svdlg22W0I9LlXMwb54HDlBPGnODZjy-ybjrfjzX8-m4wzWYyH1xu440AhMUU0WOB8wuNbZjdnlgNcZtz-o7JrqgqbN3XSrW93KmH62Xf7EzKPkfwanjrO4Nqv4XkzYTyY51u6ZmPcXMlmZ11rxtxHHRKdLjcm5BZydQBiFBgpSw-sYAohsUOH2giestPNaQ2k9jfjK9AUGYRPEBngdIWN39DaOKc9Fk7NbMygVulz1NSQdWy-Gx6XnqEik4AGiIH5pffglJNnoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHsJixAtgHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_3sfpeVWpqEZ_9yOs1TZFsb24D_PQ%2526client%253Dca-pub-1979231855584754%2526adurl%253D&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 01:52:12 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=df271fecabb120cc38ad49c51e87ec4961618710732; expires=Tue, 18-May-21 01:52:12 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 098446b70400002bced9279000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 641a409e6afa2bce-FRA
content-encoding: br

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.3/one-ad/ Frame 8DAC 58 KB
8 KB 21ms
21ms Stylesheet
text/css 2606:4700:3039::6815:c035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.3/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=728&d=90&e=&g=0c60dac884f5fb74fddeefa0cb5baf35%2F3418161990946671124&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D214k28c80dqv5r0xv071xesfbvkv1s5zv3fy5r2wm0swnq06zjnq6ftx83t8tb28btnra9bycfhgvap511b9tmvw4666ecv181sj1r8c1evq6zbnrpj4j0wbzjzm27zm4qczv6rhzz6p1ty3d0d4fcpzxsnfqf3h77pqdn135qdxjtfh4zk2y35zsvp9y32fqm6p3zayrqbd92csy10c85ghfpw4f7m34vwtrdq3mzk4eyezdzzrxzf6abvwpms2eyh52%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZpUeypB7YL39C5SB7_UPleCCqA2Q4YGEXLaoworwAsCNtwEQASAAYJWK-IGUB4IBF2NhLXB1Yi0xOTc5MjMxODU1NTg0NzU0oAHCrujdA8gBCakCIALlfCMatD6oAwGqBNYBT9BxzEMHRTnswzMwpjYzAOLnG-lyznRSy1Svdlg22W0I9LlXMwb54HDlBPGnODZjy-ybjrfjzX8-m4wzWYyH1xu440AhMUU0WOB8wuNbZjdnlgNcZtz-o7JrqgqbN3XSrW93KmH62Xf7EzKPkfwanjrO4Nqv4XkzYTyY51u6ZmPcXMlmZ11rxtxHHRKdLjcm5BZydQBiFBgpSw-sYAohsUOH2giestPNaQ2k9jfjK9AUGYRPEBngdIWN39DaOKc9Fk7NbMygVulz1NSQdWy-Gx6XnqEik4AGiIH5pffglJNnoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHsJixAtgHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_3sfpeVWpqEZ_9yOs1TZFsb24D_PQ%2526client%253Dca-pub-1979231855584754%2526adurl%253D&y=0&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c035 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea3d0687c8ec9ae8abfef997cfefcf86b646f753120de737c1914653b729ecc2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=728&d=90&e=&g=0c60dac884f5fb74fddeefa0cb5baf35%2F3418161990946671124&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D214k28c80dqv5r0xv071xesfbvkv1s5zv3fy5r2wm0swnq06zjnq6ftx83t8tb28btnra9bycfhgvap511b9tmvw4666ecv181sj1r8c1evq6zbnrpj4j0wbzjzm27zm4qczv6rhzz6p1ty3d0d4fcpzxsnfqf3h77pqdn135qdxjtfh4zk2y35zsvp9y32fqm6p3zayrqbd92csy10c85ghfpw4f7m34vwtrdq3mzk4eyezdzzrxzf6abvwpms2eyh52%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZpUeypB7YL39C5SB7_UPleCCqA2Q4YGEXLaoworwAsCNtwEQASAAYJWK-IGUB4IBF2NhLXB1Yi0xOTc5MjMxODU1NTg0NzU0oAHCrujdA8gBCakCIALlfCMatD6oAwGqBNYBT9BxzEMHRTnswzMwpjYzAOLnG-lyznRSy1Svdlg22W0I9LlXMwb54HDlBPGnODZjy-ybjrfjzX8-m4wzWYyH1xu440AhMUU0WOB8wuNbZjdnlgNcZtz-o7JrqgqbN3XSrW93KmH62Xf7EzKPkfwanjrO4Nqv4XkzYTyY51u6ZmPcXMlmZ11rxtxHHRKdLjcm5BZydQBiFBgpSw-sYAohsUOH2giestPNaQ2k9jfjK9AUGYRPEBngdIWN39DaOKc9Fk7NbMygVulz1NSQdWy-Gx6XnqEik4AGiIH5pffglJNnoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHsJixAtgHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_3sfpeVWpqEZ_9yOs1TZFsb24D_PQ%2526client%253Dca-pub-1979231855584754%2526adurl%253D&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 01:52:12 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 823948
cf-polished: origSize=59219
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
cf-request-id: 098446b71b000005f579a45000000001
cf-ray: 641a409e9a9c05f5-FRA
expires: Sun, 18 Apr 2021 02:52:12 GMT

GET
H2 200 C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 8DAC 12 KB
12 KB 28ms
21ms Image
image/webp 2606:4700:3039::6815:c035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=728&d=90&e=&g=0c60dac884f5fb74fddeefa0cb5baf35%2F3418161990946671124&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D214k28c80dqv5r0xv071xesfbvkv1s5zv3fy5r2wm0swnq06zjnq6ftx83t8tb28btnra9bycfhgvap511b9tmvw4666ecv181sj1r8c1evq6zbnrpj4j0wbzjzm27zm4qczv6rhzz6p1ty3d0d4fcpzxsnfqf3h77pqdn135qdxjtfh4zk2y35zsvp9y32fqm6p3zayrqbd92csy10c85ghfpw4f7m34vwtrdq3mzk4eyezdzzrxzf6abvwpms2eyh52%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZpUeypB7YL39C5SB7_UPleCCqA2Q4YGEXLaoworwAsCNtwEQASAAYJWK-IGUB4IBF2NhLXB1Yi0xOTc5MjMxODU1NTg0NzU0oAHCrujdA8gBCakCIALlfCMatD6oAwGqBNYBT9BxzEMHRTnswzMwpjYzAOLnG-lyznRSy1Svdlg22W0I9LlXMwb54HDlBPGnODZjy-ybjrfjzX8-m4wzWYyH1xu440AhMUU0WOB8wuNbZjdnlgNcZtz-o7JrqgqbN3XSrW93KmH62Xf7EzKPkfwanjrO4Nqv4XkzYTyY51u6ZmPcXMlmZ11rxtxHHRKdLjcm5BZydQBiFBgpSw-sYAohsUOH2giestPNaQ2k9jfjK9AUGYRPEBngdIWN39DaOKc9Fk7NbMygVulz1NSQdWy-Gx6XnqEik4AGiIH5pffglJNnoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHsJixAtgHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_3sfpeVWpqEZ_9yOs1TZFsb24D_PQ%2526client%253Dca-pub-1979231855584754%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date: Sun, 18 Apr 2021 01:52:12 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 281906
cf-polished: qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid: ABg5-UyKkyCKHkQTuBpC6ojJAJPacp0rL3gXYsZZ0_pnVLo-RCEnBHssmdyuOaPZuYkrERlH0_wK54RYfQZqoSW5JA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12110
cf-request-id: 098446b72300002bce0b0c4000000001
last-modified: Thu, 25 Jun 2020 11:29:58 GMT
server: cloudflare
etag: "ede1d9155590baa798351884fc949bd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yCBRk15%2B5wkks8oedG7y3gWlQXHurUtwf68YFwLMq45yK9t6kF4WtLKXnc53xIGFX%2BsjEUlshjB55NxQIJeDBXHw5YZx%2F89S0HsCWYnVsfdXvrQp%2BO1LheP%2BCg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1593084598972955
content-type: image/webp
expires: Mon, 19 Apr 2021 01:52:12 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 42488
accept-ranges: bytes
cf-ray: 641a409e9b322bce-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
assets.ad4m.at/product_image/ Frame 8DAC 10 KB
11 KB 28ms
21ms Image
image/webp 2606:4700:3039::6815:c035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=728&d=90&e=&g=0c60dac884f5fb74fddeefa0cb5baf35%2F3418161990946671124&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D214k28c80dqv5r0xv071xesfbvkv1s5zv3fy5r2wm0swnq06zjnq6ftx83t8tb28btnra9bycfhgvap511b9tmvw4666ecv181sj1r8c1evq6zbnrpj4j0wbzjzm27zm4qczv6rhzz6p1ty3d0d4fcpzxsnfqf3h77pqdn135qdxjtfh4zk2y35zsvp9y32fqm6p3zayrqbd92csy10c85ghfpw4f7m34vwtrdq3mzk4eyezdzzrxzf6abvwpms2eyh52%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZpUeypB7YL39C5SB7_UPleCCqA2Q4YGEXLaoworwAsCNtwEQASAAYJWK-IGUB4IBF2NhLXB1Yi0xOTc5MjMxODU1NTg0NzU0oAHCrujdA8gBCakCIALlfCMatD6oAwGqBNYBT9BxzEMHRTnswzMwpjYzAOLnG-lyznRSy1Svdlg22W0I9LlXMwb54HDlBPGnODZjy-ybjrfjzX8-m4wzWYyH1xu440AhMUU0WOB8wuNbZjdnlgNcZtz-o7JrqgqbN3XSrW93KmH62Xf7EzKPkfwanjrO4Nqv4XkzYTyY51u6ZmPcXMlmZ11rxtxHHRKdLjcm5BZydQBiFBgpSw-sYAohsUOH2giestPNaQ2k9jfjK9AUGYRPEBngdIWN39DaOKc9Fk7NbMygVulz1NSQdWy-Gx6XnqEik4AGiIH5pffglJNnoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHsJixAtgHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_3sfpeVWpqEZ_9yOs1TZFsb24D_PQ%2526client%253Dca-pub-1979231855584754%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=15VnvA==, md5=DWn9kTb7sWn6Y1aNbHZabA==
date: Sun, 18 Apr 2021 01:52:12 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 279566
cf-polished: qual=85, origFmt=jpeg, origSize=12438
x-guploader-uploadid: ABg5-Uy76jGOmIeWoMzfwzdNXg0SsZzzSpxA1Zn1k_IfsvaaxGxWbJrPtcKP3T_4qMlzzm1szmb_KY56fc8kx_kz24M
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10372
cf-request-id: 098446b72300002bceb2bc5000000001
last-modified: Fri, 18 Sep 2020 09:05:40 GMT
server: cloudflare
etag: "0d69fd9136fbb169fa63568d6c765a6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=A9qNeA3elntGVjWhYRAdx9eo5Ph9rHQxgKiXO1n%2BGwmMC%2BRkH%2FuZ8VVdsH1MbwRoZN91ugKX%2Fa7IN6GjX1p7vUKlmxwSrWUulzP24%2FuIJJ41Rjw2Bl50KiQi7A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1600419940053465
content-type: image/webp
expires: Mon, 19 Apr 2021 01:52:12 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 12438
accept-ranges: bytes
cf-ray: 641a409e9b312bce-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 8DAC 38 KB
39 KB 27ms
21ms Image
image/webp 2606:4700:3039::6815:c035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=728&d=90&e=&g=0c60dac884f5fb74fddeefa0cb5baf35%2F3418161990946671124&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D214k28c80dqv5r0xv071xesfbvkv1s5zv3fy5r2wm0swnq06zjnq6ftx83t8tb28btnra9bycfhgvap511b9tmvw4666ecv181sj1r8c1evq6zbnrpj4j0wbzjzm27zm4qczv6rhzz6p1ty3d0d4fcpzxsnfqf3h77pqdn135qdxjtfh4zk2y35zsvp9y32fqm6p3zayrqbd92csy10c85ghfpw4f7m34vwtrdq3mzk4eyezdzzrxzf6abvwpms2eyh52%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZpUeypB7YL39C5SB7_UPleCCqA2Q4YGEXLaoworwAsCNtwEQASAAYJWK-IGUB4IBF2NhLXB1Yi0xOTc5MjMxODU1NTg0NzU0oAHCrujdA8gBCakCIALlfCMatD6oAwGqBNYBT9BxzEMHRTnswzMwpjYzAOLnG-lyznRSy1Svdlg22W0I9LlXMwb54HDlBPGnODZjy-ybjrfjzX8-m4wzWYyH1xu440AhMUU0WOB8wuNbZjdnlgNcZtz-o7JrqgqbN3XSrW93KmH62Xf7EzKPkfwanjrO4Nqv4XkzYTyY51u6ZmPcXMlmZ11rxtxHHRKdLjcm5BZydQBiFBgpSw-sYAohsUOH2giestPNaQ2k9jfjK9AUGYRPEBngdIWN39DaOKc9Fk7NbMygVulz1NSQdWy-Gx6XnqEik4AGiIH5pffglJNnoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHsJixAtgHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_3sfpeVWpqEZ_9yOs1TZFsb24D_PQ%2526client%253Dca-pub-1979231855584754%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Sun, 18 Apr 2021 01:52:12 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 782101
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ABg5-UxQBpR50aLTfOHTnSolKDlUk4esqIgcvgor__-JXe_yS5iySdGbUs6i2A3EHDTR6EQTlF7njUYFEOs7OJevlQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39202
cf-request-id: 098446b72300002bce03286000000001
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k6Dbr76n%2BEOrght0TgFD6%2B%2BtlgyYY5FYNvlyTIMxqAHmWGZbx3niUt2GtHy5tVo6ZAMotXJZwHVHIoyxmGo6L7fnph8gWcy%2B7stfUZU6WTg%2BrAItjHMTeeU%2FaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Mon, 19 Apr 2021 01:52:12 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 641a409e9b332bce-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 8DAC 113 KB
113 KB 28ms
22ms Image
image/webp 2606:4700:3039::6815:c035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=728&d=90&e=&g=0c60dac884f5fb74fddeefa0cb5baf35%2F3418161990946671124&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D214k28c80dqv5r0xv071xesfbvkv1s5zv3fy5r2wm0swnq06zjnq6ftx83t8tb28btnra9bycfhgvap511b9tmvw4666ecv181sj1r8c1evq6zbnrpj4j0wbzjzm27zm4qczv6rhzz6p1ty3d0d4fcpzxsnfqf3h77pqdn135qdxjtfh4zk2y35zsvp9y32fqm6p3zayrqbd92csy10c85ghfpw4f7m34vwtrdq3mzk4eyezdzzrxzf6abvwpms2eyh52%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZpUeypB7YL39C5SB7_UPleCCqA2Q4YGEXLaoworwAsCNtwEQASAAYJWK-IGUB4IBF2NhLXB1Yi0xOTc5MjMxODU1NTg0NzU0oAHCrujdA8gBCakCIALlfCMatD6oAwGqBNYBT9BxzEMHRTnswzMwpjYzAOLnG-lyznRSy1Svdlg22W0I9LlXMwb54HDlBPGnODZjy-ybjrfjzX8-m4wzWYyH1xu440AhMUU0WOB8wuNbZjdnlgNcZtz-o7JrqgqbN3XSrW93KmH62Xf7EzKPkfwanjrO4Nqv4XkzYTyY51u6ZmPcXMlmZ11rxtxHHRKdLjcm5BZydQBiFBgpSw-sYAohsUOH2giestPNaQ2k9jfjK9AUGYRPEBngdIWN39DaOKc9Fk7NbMygVulz1NSQdWy-Gx6XnqEik4AGiIH5pffglJNnoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHsJixAtgHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_3sfpeVWpqEZ_9yOs1TZFsb24D_PQ%2526client%253Dca-pub-1979231855584754%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Sun, 18 Apr 2021 01:52:12 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 426201
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ABg5-UxlJ0Zw2gfcJi9DtvvT8nwBXuqyCM0cxwmyRUd_5bNbBX6sVkGPju3OoSeipdGwxST92NcXepZxHhFSpLFvqg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 115268
cf-request-id: 098446b72400002bcea1978000000001
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=H7nlTOAaLwhoFLkYA1b1X5PRxzIaQX3y%2FjkAlKdrOAq0xk96XKQ1niDug2EOcGYQnF2SWnRm0tBJuaqtNbCu5pA0TeVBnBGa5rsW7nktfOWkuwSqVersG3aBUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Mon, 19 Apr 2021 01:52:12 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 641a409e9b342bce-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 8DAC 43 B
703 B 155ms
54ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkGoneid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Apr 2021 01:52:12 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 8DAC 38 KB
38 KB 27ms
21ms Image
image/webp 2606:4700:3039::6815:c035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=728&d=90&e=&g=0c60dac884f5fb74fddeefa0cb5baf35%2F3418161990946671124&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D214k28c80dqv5r0xv071xesfbvkv1s5zv3fy5r2wm0swnq06zjnq6ftx83t8tb28btnra9bycfhgvap511b9tmvw4666ecv181sj1r8c1evq6zbnrpj4j0wbzjzm27zm4qczv6rhzz6p1ty3d0d4fcpzxsnfqf3h77pqdn135qdxjtfh4zk2y35zsvp9y32fqm6p3zayrqbd92csy10c85ghfpw4f7m34vwtrdq3mzk4eyezdzzrxzf6abvwpms2eyh52%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZpUeypB7YL39C5SB7_UPleCCqA2Q4YGEXLaoworwAsCNtwEQASAAYJWK-IGUB4IBF2NhLXB1Yi0xOTc5MjMxODU1NTg0NzU0oAHCrujdA8gBCakCIALlfCMatD6oAwGqBNYBT9BxzEMHRTnswzMwpjYzAOLnG-lyznRSy1Svdlg22W0I9LlXMwb54HDlBPGnODZjy-ybjrfjzX8-m4wzWYyH1xu440AhMUU0WOB8wuNbZjdnlgNcZtz-o7JrqgqbN3XSrW93KmH62Xf7EzKPkfwanjrO4Nqv4XkzYTyY51u6ZmPcXMlmZ11rxtxHHRKdLjcm5BZydQBiFBgpSw-sYAohsUOH2giestPNaQ2k9jfjK9AUGYRPEBngdIWN39DaOKc9Fk7NbMygVulz1NSQdWy-Gx6XnqEik4AGiIH5pffglJNnoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHsJixAtgHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_3sfpeVWpqEZ_9yOs1TZFsb24D_PQ%2526client%253Dca-pub-1979231855584754%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Sun, 18 Apr 2021 01:52:12 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 275966
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ABg5-UzoVAfxQFgz6L9HcmHPW2e7eCBHNd0a2b8Kvrug8-8oPgzdAE-ChRdy7eBzZNRyXD7MxjB9gF3gK83zeR6hUB0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38696
cf-request-id: 098446b72300002bce0f92d000000001
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LS3pvtIngKA8VHSFIWEEWUJL1%2BJJEANSZoeHavjZ7viDddh4edx9q9hEjz1KKarwOlj3Y2B0FXcXhu6xmlqXmzS8Qh9xnWFly7dHpLt%2BOEEkMufTCXud511lkg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Mon, 19 Apr 2021 01:52:12 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 641a409e9b302bce-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 8DAC 84 KB
84 KB 19ms
13ms Image
image/jpeg 2606:4700:3039::6815:c035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=728&d=90&e=&g=0c60dac884f5fb74fddeefa0cb5baf35%2F3418161990946671124&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D214k28c80dqv5r0xv071xesfbvkv1s5zv3fy5r2wm0swnq06zjnq6ftx83t8tb28btnra9bycfhgvap511b9tmvw4666ecv181sj1r8c1evq6zbnrpj4j0wbzjzm27zm4qczv6rhzz6p1ty3d0d4fcpzxsnfqf3h77pqdn135qdxjtfh4zk2y35zsvp9y32fqm6p3zayrqbd92csy10c85ghfpw4f7m34vwtrdq3mzk4eyezdzzrxzf6abvwpms2eyh52%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZpUeypB7YL39C5SB7_UPleCCqA2Q4YGEXLaoworwAsCNtwEQASAAYJWK-IGUB4IBF2NhLXB1Yi0xOTc5MjMxODU1NTg0NzU0oAHCrujdA8gBCakCIALlfCMatD6oAwGqBNYBT9BxzEMHRTnswzMwpjYzAOLnG-lyznRSy1Svdlg22W0I9LlXMwb54HDlBPGnODZjy-ybjrfjzX8-m4wzWYyH1xu440AhMUU0WOB8wuNbZjdnlgNcZtz-o7JrqgqbN3XSrW93KmH62Xf7EzKPkfwanjrO4Nqv4XkzYTyY51u6ZmPcXMlmZ11rxtxHHRKdLjcm5BZydQBiFBgpSw-sYAohsUOH2giestPNaQ2k9jfjK9AUGYRPEBngdIWN39DaOKc9Fk7NbMygVulz1NSQdWy-Gx6XnqEik4AGiIH5pffglJNnoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHsJixAtgHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_3sfpeVWpqEZ_9yOs1TZFsb24D_PQ%2526client%253Dca-pub-1979231855584754%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Sun, 18 Apr 2021 01:52:12 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 410964
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ABg5-UxhW6sKGL1c2jInPII1J935sSbSV0DB0T-8fgBRZsD5cCQGuK6UCWTsje9QOtexmnxRi37xZPi9M795fv_WpSbNUyAf7w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85604
cf-request-id: 098446b72300002bce00107000000001
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k0PuNTKlWbUvVPrCLh0tYLC1QJ6Utm2KaK7p6AIcWdX9tse%2BHbBjIFkSCkhpFy6aeZPmePzRB4h6QgkcSNJ1ve7wjt31H72KxTk2UXYkZBy399OVHoKIIJwqLA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Mon, 19 Apr 2021 01:52:12 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 641a409e9b2e2bce-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 8DAC 12 KB
13 KB 347ms
135ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidX4dFzfPrHQ8ds6H4Het1CY8ph8tkTRMoneid__suite_Netmix_Reach43_Monat&viewref=oneid64rFefw3feAxfeHmHYtktxVmsmt1Tjgoneid__suite_Netmix_Reach43_Monat
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=728&d=90&e=&g=0c60dac884f5fb74fddeefa0cb5baf35%2F3418161990946671124&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D214k28c80dqv5r0xv071xesfbvkv1s5zv3fy5r2wm0swnq06zjnq6ftx83t8tb28btnra9bycfhgvap511b9tmvw4666ecv181sj1r8c1evq6zbnrpj4j0wbzjzm27zm4qczv6rhzz6p1ty3d0d4fcpzxsnfqf3h77pqdn135qdxjtfh4zk2y35zsvp9y32fqm6p3zayrqbd92csy10c85ghfpw4f7m34vwtrdq3mzk4eyezdzzrxzf6abvwpms2eyh52%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZpUeypB7YL39C5SB7_UPleCCqA2Q4YGEXLaoworwAsCNtwEQASAAYJWK-IGUB4IBF2NhLXB1Yi0xOTc5MjMxODU1NTg0NzU0oAHCrujdA8gBCakCIALlfCMatD6oAwGqBNYBT9BxzEMHRTnswzMwpjYzAOLnG-lyznRSy1Svdlg22W0I9LlXMwb54HDlBPGnODZjy-ybjrfjzX8-m4wzWYyH1xu440AhMUU0WOB8wuNbZjdnlgNcZtz-o7JrqgqbN3XSrW93KmH62Xf7EzKPkfwanjrO4Nqv4XkzYTyY51u6ZmPcXMlmZ11rxtxHHRKdLjcm5BZydQBiFBgpSw-sYAohsUOH2giestPNaQ2k9jfjK9AUGYRPEBngdIWN39DaOKc9Fk7NbMygVulz1NSQdWy-Gx6XnqEik4AGiIH5pffglJNnoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHsJixAtgHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_3sfpeVWpqEZ_9yOs1TZFsb24D_PQ%2526client%253Dca-pub-1979231855584754%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: ed4b43de3c9f2e1596c24380f3312015788d775602d05b0062c2ac70293eca26

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Apr 2021 01:52:12 GMT
Last-Modified: Sun, 18 Apr 2021 01:52:12 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 8DAC 12 KB
12 KB 361ms
134ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneid8QjCDfM8FKRWagHJHEtqCkr3hwtwT1Moneid__suite_Netmix_Reach43_Monat&viewref=oneidz4pFRfEYabqxtpHBHMtqtzX4sbtwTrkoneid__suite_Netmix_Reach43_Monat
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=728&d=90&e=&g=0c60dac884f5fb74fddeefa0cb5baf35%2F3418161990946671124&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D214k28c80dqv5r0xv071xesfbvkv1s5zv3fy5r2wm0swnq06zjnq6ftx83t8tb28btnra9bycfhgvap511b9tmvw4666ecv181sj1r8c1evq6zbnrpj4j0wbzjzm27zm4qczv6rhzz6p1ty3d0d4fcpzxsnfqf3h77pqdn135qdxjtfh4zk2y35zsvp9y32fqm6p3zayrqbd92csy10c85ghfpw4f7m34vwtrdq3mzk4eyezdzzrxzf6abvwpms2eyh52%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZpUeypB7YL39C5SB7_UPleCCqA2Q4YGEXLaoworwAsCNtwEQASAAYJWK-IGUB4IBF2NhLXB1Yi0xOTc5MjMxODU1NTg0NzU0oAHCrujdA8gBCakCIALlfCMatD6oAwGqBNYBT9BxzEMHRTnswzMwpjYzAOLnG-lyznRSy1Svdlg22W0I9LlXMwb54HDlBPGnODZjy-ybjrfjzX8-m4wzWYyH1xu440AhMUU0WOB8wuNbZjdnlgNcZtz-o7JrqgqbN3XSrW93KmH62Xf7EzKPkfwanjrO4Nqv4XkzYTyY51u6ZmPcXMlmZ11rxtxHHRKdLjcm5BZydQBiFBgpSw-sYAohsUOH2giestPNaQ2k9jfjK9AUGYRPEBngdIWN39DaOKc9Fk7NbMygVulz1NSQdWy-Gx6XnqEik4AGiIH5pffglJNnoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHsJixAtgHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_3sfpeVWpqEZ_9yOs1TZFsb24D_PQ%2526client%253Dca-pub-1979231855584754%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 16de2fbded90960bb391802a24273047cb251a0b9d31796b1c888a23d45fd692

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Apr 2021 01:52:12 GMT
Last-Modified: Sun, 18 Apr 2021 01:52:12 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 8DAC 60 KB
60 KB 190ms
64ms Script
application/javascript 143.204.245.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidX4dFzfPrHQ8ds6H4Het1CY8ph8tkTRMoneid__suite_Netmix_Reach43_Monat&viewref=oneid64rFefw3feAxfeHmHYtktxVmsmt1Tjgoneid__suite_Netmix_Reach43_Monat
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-73.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 640369f6c6077f653b23e771413d37faa76a6ec7d06bc240313dd974fbe02cad

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:05:17 GMT
via: 1.1 55541d3f726d85610ca3ec4fc80705f1.cloudfront.net (CloudFront)
last-modified: Thu, 15 Apr 2021 11:04:49 GMT
server: AmazonS3
age: 53237
etag: "3cdddcb8ff5d7e818040764d312aec0c"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-length: 61104
x-amz-cf-id: W_gTDSvtYHT1amYavIyqvl_9rm8PFpVjkFYNP3MHEDU2pRYPRUBmQA==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame 8DAC 79 B
374 B 232ms
67ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ0TgdNOTYhq2Rhk6Hb9LarUqUdHz16rgPtFFg4Jh5DtFMk.Nk4Jk3sjJtJ9XvjHzBdyKMl7pp0iJ3A0KFgBFY5BNlr91xU..Bjp&wgcookie=%7B%22wgifp280795%22%3A%5B%221384975%22%2C%22280795%22%2C%223247721%22%2C%22%22%2C%221618710732%22%2C%22%22%2C%22%22%2C%22%22%2C%221626486732%22%2C%22oneid64rFefw3feAxfeHmHYtktxVmsmt1Tjgoneid__suite_Netmix_Reach43_Monat%22%5D%7D&wgchecksum=124cb83c35880b844c8d7aea00f92a18&userIP=5.253.206.84&doAffectv=1&wgtime=1618710732
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidX4dFzfPrHQ8ds6H4Het1CY8ph8tkTRMoneid__suite_Netmix_Reach43_Monat&viewref=oneid64rFefw3feAxfeHmHYtktxVmsmt1Tjgoneid__suite_Netmix_Reach43_Monat
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Leeds, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 18 Apr 2021 01:52:13 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 8DAC 25 KB
26 KB 166ms
58ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneid489hEf5fmdXfGH9HdtAtDXrTdtZtr3Moneid__asuidhRzDfmobVTYWU9BoOjqfW8qt1p62aXGDasuid__webplexmedia_advancedad_Desktop_160x600&wglinkid=3247721
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=728&d=90&e=&g=0c60dac884f5fb74fddeefa0cb5baf35%2F3418161990946671124&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D214k28c80dqv5r0xv071xesfbvkv1s5zv3fy5r2wm0swnq06zjnq6ftx83t8tb28btnra9bycfhgvap511b9tmvw4666ecv181sj1r8c1evq6zbnrpj4j0wbzjzm27zm4qczv6rhzz6p1ty3d0d4fcpzxsnfqf3h77pqdn135qdxjtfh4zk2y35zsvp9y32fqm6p3zayrqbd92csy10c85ghfpw4f7m34vwtrdq3mzk4eyezdzzrxzf6abvwpms2eyh52%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZpUeypB7YL39C5SB7_UPleCCqA2Q4YGEXLaoworwAsCNtwEQASAAYJWK-IGUB4IBF2NhLXB1Yi0xOTc5MjMxODU1NTg0NzU0oAHCrujdA8gBCakCIALlfCMatD6oAwGqBNYBT9BxzEMHRTnswzMwpjYzAOLnG-lyznRSy1Svdlg22W0I9LlXMwb54HDlBPGnODZjy-ybjrfjzX8-m4wzWYyH1xu440AhMUU0WOB8wuNbZjdnlgNcZtz-o7JrqgqbN3XSrW93KmH62Xf7EzKPkfwanjrO4Nqv4XkzYTyY51u6ZmPcXMlmZ11rxtxHHRKdLjcm5BZydQBiFBgpSw-sYAohsUOH2giestPNaQ2k9jfjK9AUGYRPEBngdIWN39DaOKc9Fk7NbMygVulz1NSQdWy-Gx6XnqEik4AGiIH5pffglJNnoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHsJixAtgHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_3sfpeVWpqEZ_9yOs1TZFsb24D_PQ%2526client%253Dca-pub-1979231855584754%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Apr 2021 01:52:13 GMT
Last-Modified: Sun, 18 Apr 2021 01:52:13 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame 8DAC 79 B
374 B 249ms
71ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ0TgdNOJdLxf_i.uJtHoqvynx9MsFyxYM914Ve_clrAU.0Y.KI.IXxI_FeAixAwmbtJz3YMJ5tFFg4K1kl1BNlY6RcApw.ECj&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221618710732%22%2C%22%22%2C%22%22%2C%22%22%2C%221774230732%22%2C%22oneidz4pFRfEYabqxtpHBHMtqtzX4sbtwTrkoneid__suite_Netmix_Reach43_Monat%22%5D%7D&wgchecksum=5b33f57a108e4b355aca9b1737022ad9&userIP=5.253.206.84&doAffectv=1&wgtime=1618710732
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneid8QjCDfM8FKRWagHJHEtqCkr3hwtwT1Moneid__suite_Netmix_Reach43_Monat&viewref=oneidz4pFRfEYabqxtpHBHMtqtzX4sbtwTrkoneid__suite_Netmix_Reach43_Monat
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Leeds, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 18 Apr 2021 01:52:13 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 8DAC 85 KB
85 KB 190ms
66ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidJ6zuzf5fK3Ya7C6H7tptpPxTjtdtbJ2oneid__asuidEWhjccDjFQmq9YZqHJl1-GVfDxVWxU4Hasuid__webplexmedia_advancedad_Desktop_728x90&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=728&d=90&e=&g=0c60dac884f5fb74fddeefa0cb5baf35%2F3418161990946671124&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D214k28c80dqv5r0xv071xesfbvkv1s5zv3fy5r2wm0swnq06zjnq6ftx83t8tb28btnra9bycfhgvap511b9tmvw4666ecv181sj1r8c1evq6zbnrpj4j0wbzjzm27zm4qczv6rhzz6p1ty3d0d4fcpzxsnfqf3h77pqdn135qdxjtfh4zk2y35zsvp9y32fqm6p3zayrqbd92csy10c85ghfpw4f7m34vwtrdq3mzk4eyezdzzrxzf6abvwpms2eyh52%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZpUeypB7YL39C5SB7_UPleCCqA2Q4YGEXLaoworwAsCNtwEQASAAYJWK-IGUB4IBF2NhLXB1Yi0xOTc5MjMxODU1NTg0NzU0oAHCrujdA8gBCakCIALlfCMatD6oAwGqBNYBT9BxzEMHRTnswzMwpjYzAOLnG-lyznRSy1Svdlg22W0I9LlXMwb54HDlBPGnODZjy-ybjrfjzX8-m4wzWYyH1xu440AhMUU0WOB8wuNbZjdnlgNcZtz-o7JrqgqbN3XSrW93KmH62Xf7EzKPkfwanjrO4Nqv4XkzYTyY51u6ZmPcXMlmZ11rxtxHHRKdLjcm5BZydQBiFBgpSw-sYAohsUOH2giestPNaQ2k9jfjK9AUGYRPEBngdIWN39DaOKc9Fk7NbMygVulz1NSQdWy-Gx6XnqEik4AGiIH5pffglJNnoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHsJixAtgHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_3sfpeVWpqEZ_9yOs1TZFsb24D_PQ%2526client%253Dca-pub-1979231855584754%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Apr 2021 01:52:13 GMT
Last-Modified: Sun, 18 Apr 2021 01:52:13 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame 8DAC 63 B
270 B 283ms
71ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ0TgdNOJx0FrAR0odm_dhrxbuJjkWxv5iJ3A0KAGYiLy.25.ea.b4ub9WJMSuMt_Emdy85icCmVWN9e4WX3NlY5DtFMfs.77U
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 18 Apr 2021 01:52:13 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame 8DAC 63 B
270 B 302ms
78ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ0TgdNOJx0FMAR0odm_dhrxbuJjkWxv5iJ3A0KAGYiLy.25.ea.b4ub9WJMSuMt_Emdy85icCmVWN9e4WX3NlY5DtFMfs.D81
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 18 Apr 2021 01:52:13 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 205ms
63ms Preflight 54.72.18.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 54.72.18.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-18-9.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 18 Apr 2021 01:52:14 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 8DAC 16 B
232 B 96ms
95ms Fetch
application/json 54.72.18.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.18.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-18-9.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 18 Apr 2021 01:52:14 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.3.27
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 tech-essence-clk.min.js Show response
analytics-wg.webgains.io/ Frame 8DAC 44 KB
45 KB 61ms
59ms Script
application/javascript 143.204.245.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-73.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 11:05:09 GMT
via: 1.1 55541d3f726d85610ca3ec4fc80705f1.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 10:42:29 GMT
server: AmazonS3
age: 53238
etag: "8c03dbb33c82f21c7644b0fbe99c300a"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-length: 45522
x-amz-cf-id: jpxCahh_R4BfKgIesSC5Fws98ecXieVTibsYQdx5uV5QLWhFKP26QA==

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 8DAC 16 B
232 B 94ms
94ms Fetch
application/json 54.72.18.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.18.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-18-9.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 18 Apr 2021 01:52:14 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.3.27
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 204ms
64ms Preflight 54.72.18.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 54.72.18.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-18-9.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 18 Apr 2021 01:52:14 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H2 200 tag Show response
w-it.m-t.io/ Frame 8DAC 18 B
205 B 40ms
19ms Script
application/javascript 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/tag?type=impr&date=1618710734121
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 01:52:14 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
x-cloud-trace-context: 6afd1924bda6de58d21ab7c079772662
cache-control: private
content-length: 38

GET
H2 200 track Show response
w-it.m-t.io/ Frame 8DAC 0
76 B 19ms
19ms Script
application/javascript 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/track?campaignId=1384975&clickId=12607_1384975_16187107328656_73f3bd31fe&programId=12607&expiry=1774230732&acc=wg&scriptTag=&type=postview&indicator=df7fdf376058e01a1608907c6397971c&
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context: 1fb5d4da44088744564305706343cc36
server: Google Frontend
date: Sun, 18 Apr 2021 01:52:14 GMT
content-length: 0
content-type: application/javascript;charset=utf-8

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 03:00:06	Name: IDE Value: AHWqTUm_0OOmnwoUGV9X_a2b8ChCYPTnsDt30TVYzqtQ54QsgAuS4AZY8iC95PVRmeM
.interhightrack.com/	1970-01-20 11:09:42	Name: sc_is_visitor_unique Value: rx12388805.1618710730.DF0FA630B3F34FD4C5DA21F7A120CA06.1.1.1.1.1.1.1.1.1
.interhightrack.com/	1970-01-20 03:00:06	Name: __gads Value: ID=f916a95c66301daf-222e9ba998a7009b:T=1618710729:RT=1618710729:S=ALNI_MbgOU5lSFk0ylTbrWSqRqB20yuRjA
.interhightrack.com/	1969-12-31 23:59:59	Name: gadsTest Value: test

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad4m.at
ad4mat.net
adservice.google.com
adservice.google.de
ag.innovid.com
analytics-wg.webgains.io
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
c.statcounter.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
diapi.webgains.com
googleads.g.doubleclick.net
id.rlcdn.com
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
prod-rtb.ad4mat.net
rtb.openx.net
ssum-sec.casalemedia.com
statcounter.com
static-de.ad4mat.net
tpc.googlesyndication.com
track.webgains.com
w-it.m-t.io
www.awin1.com
www.google.com
www.googletagservices.com
www.interhightrack.com
104.111.239.217
142.250.186.130
142.250.186.98
143.204.245.73
172.67.38.97
185.64.190.78
208.113.153.160
23.218.208.246
2600:1901:0:76b9::
2606:4700:3032::6815:57ae
2606:4700:3039::6815:c035
2606:4700::6810:135e
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:801::2013
2a00:1450:4001:809::2002
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2004
2a05:d01c:1d8:8101:ac20:41f1:bf24:9b3
35.227.252.103
35.244.174.68
46.236.13.147
54.72.18.9
69.173.144.165
81.29.72.47
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
102b9148b61e33dc747d644ad7ae9f59dbd53b61e3e976a0a35a2f006051ea47
11d5cc5bb3db6c56fb91f9068e7f4741f6212c8e2e5546b17039c1c58720fb83
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
16de2fbded90960bb391802a24273047cb251a0b9d31796b1c888a23d45fd692
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
242abb2ba87ef693c2b6846960d79f22a52ab925f5ea11bfce99ef1b224ac36c
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
36d37d4b1070b216557e5603270d9b640f7c4f75c2b269d3102a3d8cd19e4df6
4614bc87c4b3790684c5d6c498328459927468b6f730f8a54655f2cd8cd514b6
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b
48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5bf068d3a51e5a20d54d0827cdb53e5cd2b757b036053eedc3d53fe79afa514a
611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964
640369f6c6077f653b23e771413d37faa76a6ec7d06bc240313dd974fbe02cad
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3
69f06d14d66e7a4d4d588c16bf4ad30a1257af912c2cca95806b5c8813e072b9
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a137b6127335d1f67d6319a8abff6be57499cd1bd1ccbabb057385d4027233d3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
b684bb683e9214771c03aeca125e09425d5cb5e76911f6d2a43ef39fb55e1c56
c5086d4f97bc3ee70971c51e89fa6ae25ff054accec7c4e890b1083ee7bcc9ab
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cc6b6fc45820f34a8cdae656db63be2448503b26d1b499df5a70ef592b031e3b
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
ceb5e190c7e73ce08db523fcf04fa1798646e9f13e75ad2946283de912710766
d101b20d966758be625ed45339d6f38509f987575d5e4d75ff36f5fd479784a6
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d5f62b8ef889e94869be8c1da2c246b6a0d49ec2942cf6cba088f4a736367c48
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
dad2ac3f093b8cdcca3bfce4fb4d0d7c2e72bd3247ea05ec5e383559d4c3a77f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea3d0687c8ec9ae8abfef997cfefcf86b646f753120de737c1914653b729ecc2
ed4b43de3c9f2e1596c24380f3312015788d775602d05b0062c2ac70293eca26
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7d002c75ad8236d70012e8ade018871ac15204d73b0be7f1e0479e31a017330
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

www.interhightrack.com Open in urlscan Pro 208.113.153.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

72 Requests

100 %HTTPS

50 %IPv6

22 Domains

33 Subdomains

24 IPs

4 Countries

1016 kBTransfer

1557 kBSize

4 Cookies

2 Outgoing links

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

www.interhightrack.com Open in urlscan Pro
208.113.153.160 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

100 %
HTTPS

50 %
IPv6

22
Domains

33
Subdomains

24
IPs

4
Countries

1016 kB
Transfer

1557 kB
Size

4
Cookies

72 HTTP transactions
1 data transactions