ktar.com Open in urlscan Pro
104.198.205.129 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ktar.com/
Effective URL:
https://ktar.com/
Submission Tags: tranco_l324
Submission: On October 30 via api (October 30th 2021, 3:19:34 am UTC) from DE — Scanned from DE

Summary HTTP 367 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 57 IPs in 7 countries across 53 domains to perform 367 HTTP transactions. The main IP is 104.198.205.129, located in United States and belongs to GOOGLE, US. The main domain is ktar.com.
TLS certificate: Issued by R3 on October 6th 2021. Valid for: 3 months.

This is the only time ktar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 70	104.198.205.129 104.198.205.129	15169 (GOOGLE) (GOOGLE)
2	104.16.19.94 104.16.19.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.186.74 142.250.186.74	15169 (GOOGLE) (GOOGLE)
2	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.184.234 142.250.184.234	15169 (GOOGLE) (GOOGLE)
6	104.18.6.120 104.18.6.120	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.234.163 2.18.234.163	16625 (AKAMAI-AS) (AKAMAI-AS)
3	54.197.229.45 54.197.229.45	14618 (AMAZON-AES) (AMAZON-AES)
1	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
3	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
7	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
5	142.250.186.40 142.250.186.40	15169 (GOOGLE) (GOOGLE)
3 12	142.250.184.196 142.250.184.196	15169 (GOOGLE) (GOOGLE)
2	216.58.212.142 216.58.212.142	15169 (GOOGLE) (GOOGLE)
7	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
19	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
4	54.146.124.230 54.146.124.230	14618 (AMAZON-AES) (AMAZON-AES)
10 17	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
2	185.60.216.19 185.60.216.19	32934 (FACEBOOK) (FACEBOOK)
1 2	185.33.223.38 185.33.223.38	29990 (ASN-APPNEX) (ASN-APPNEX)
3	142.250.184.238 142.250.184.238	15169 (GOOGLE) (GOOGLE)
1 7	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	185.60.216.35 185.60.216.35	32934 (FACEBOOK) (FACEBOOK)
4	52.222.210.175 52.222.210.175	16509 (AMAZON-02) (AMAZON-02)
1 2	74.125.140.155 74.125.140.155	15169 (GOOGLE) (GOOGLE)
1	142.250.186.174 142.250.186.174	15169 (GOOGLE) (GOOGLE)
1 3	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
7	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	142.250.185.234 142.250.185.234	15169 (GOOGLE) (GOOGLE)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	162.247.243.146 162.247.243.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
19	142.250.186.33 142.250.186.33	15169 (GOOGLE) (GOOGLE)
5	34.95.89.54 34.95.89.54	15169 (GOOGLE) (GOOGLE)
59	104.26.10.209 104.26.10.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	91.228.74.133 91.228.74.133	16509 (AMAZON-02) (AMAZON-02)
2 4	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 25	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
5 5	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	8.39.36.141 8.39.36.141	26667 (RUBICONPR...) (RUBICONPROJECT)
5	104.26.6.27 104.26.6.27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	172.67.74.129 172.67.74.129	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 6	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
2	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
2	35.187.117.15 35.187.117.15	15169 (GOOGLE) (GOOGLE)
2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
6	46.236.13.147 46.236.13.147	12703 (PULSANT-AS) (PULSANT-AS)
1 1	63.32.201.39 63.32.201.39	16509 (AMAZON-02) (AMAZON-02)
1 1	18.196.159.27 18.196.159.27	16509 (AMAZON-02) (AMAZON-02)
3 4	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	18.168.50.255 18.168.50.255	16509 (AMAZON-02) (AMAZON-02)
6 6	84.200.5.215 84.200.5.215	31400 (ACCELERAT...) (ACCELERATED-IT)
2 2	88.99.63.132 88.99.63.132	24940 (HETZNER-AS) (HETZNER-AS)
2	82.113.101.132 82.113.101.132	6805 (TDDE-ASN1) (TDDE-ASN1)
3	18.66.97.126 18.66.97.126	16509 (AMAZON-02) (AMAZON-02)
3 3	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	78.46.85.162 78.46.85.162	24940 (HETZNER-AS) (HETZNER-AS)
1	82.113.101.236 82.113.101.236	6805 (TDDE-ASN1) (TDDE-ASN1)
6	52.215.101.139 52.215.101.139	16509 (AMAZON-02) (AMAZON-02)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	79.137.69.91 79.137.69.91	16276 (OVH) (OVH)
1 1	213.133.107.215 213.133.107.215	24940 (HETZNER-AS) (HETZNER-AS)
1 2	195.201.218.101 195.201.218.101	24940 (HETZNER-AS) (HETZNER-AS)
367	57

70 104.198.205.129 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 129.205.198.104.bc.googleusercontent.com

ktar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
arizonasports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.19.94 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.10.207 (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
firebase.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.6.120 (United States)

ASN13335 (CLOUDFLARENET, US)

cookie-cdn.cookiepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.163 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.197.229.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-229-45.compute-1.amazonaws.com

embed.secondstreetapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.secondstreetapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.secondstreetapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

arizonasports.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.40 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.184.196 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.142 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f14.1e100.net

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.146.124.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-124-230.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.186.102 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

10288467.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10620649.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9445712.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10625865.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9919737.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.60.216.19 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frx5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.38 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.60.216.35 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frx5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.210.175 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-210-175.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.140.155 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: wq-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.146 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.186.33 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.95.89.54 (United States)

ASN15169 (GOOGLE, US)
PTR: 54.89.95.34.bc.googleusercontent.com

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

59 104.26.10.209 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.133 (United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.174.68 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 142.250.186.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.190.78 (United Kingdom) 5 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 8.39.36.141 (United States) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.26.6.27 (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.67.74.129 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.239.217 (Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.187.117.15 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 15.117.187.35.bc.googleusercontent.com

neso.r.niwepa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.201.39 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-201-39.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.159.27 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-159-27.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.168.50.255 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-168-50-255.eu-west-2.compute.amazonaws.com

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 84.200.5.215 (Germany) 6 redirects

ASN31400 (ACCELERATED-IT, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.63.132 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads3.sunbonet.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 82.113.101.132 (Ingelheim am Rhein, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.97.126 (United States)

ASN16509 (AMAZON-02, US)

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.215.191 (Netherlands) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.85.162 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de

partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.236 (Ingelheim am Rhein, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.blau.de

portal.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.215.101.139 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-101-139.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.137.69.91 (Poland) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm11.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.133.107.215 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: dedi1115.your-server.de

campaign.mobility-ads.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.201.218.101 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.101.218.201.195.clients.your-server.de

www.autohaus-koenig.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	ad4m.at as.ad4m.at ad4m.at assets.ad4m.at	1 MB
64	doubleclick.net 13 redirects securepubads.g.doubleclick.net 10288467.fls.doubleclick.net 10620649.fls.doubleclick.net 9445712.fls.doubleclick.net 10625865.fls.doubleclick.net 9919737.fls.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net	210 KB
64	ktar.com 1 redirects ktar.com	3 MB
36	googlesyndication.com 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	146 KB
21	google.com 3 redirects www.google.com cse.google.com adservice.google.com clients1.google.com	199 KB
10	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net	21 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	166 KB
10	googleapis.com fonts.googleapis.com ajax.googleapis.com firebase.googleapis.com firebaseinstallations.googleapis.com	158 KB
9	webgains.io analytics.webgains.io api.webgains.io	154 KB
7	googletagservices.com www.googletagservices.com	246 KB
6	webgains.com track.webgains.com	202 KB
6	awin1.com 2 redirects www.awin1.com	4 KB
6	openx.net 5 redirects rtb.openx.net us-u.openx.net	2 KB
6	arizonasports.com arizonasports.com	424 KB
6	cookiepro.com cookie-cdn.cookiepro.com	104 KB
5	pubmatic.com 5 redirects image6.pubmatic.com	2 KB
5	google.de 1 redirects adservice.google.de www.google.de	2 KB
5	googletagmanager.com www.googletagmanager.com	215 KB
4	o2online.de 2 redirects partner.o2online.de portal.o2online.de	4 KB
4	rubiconproject.com 4 redirects pixel.rubiconproject.com token.rubiconproject.com	2 KB
4	rlcdn.com 2 redirects id.rlcdn.com	1 KB
4	amazon-adsystem.com c.amazon-adsystem.com	40 KB
4	postrelease.com jadserve.postrelease.com	2 KB
3	addthis.com 3 redirects e.dlx.addthis.com	2 KB
3	lead-alliance.net 3 redirects www.lead-alliance.net	2 KB
3	telefonica-partner.de 3 redirects www.telefonica-partner.de	781 B
3	google-analytics.com www.google-analytics.com	20 KB
3	secondstreetapp.com embed.secondstreetapp.com api.secondstreetapp.com media.secondstreetapp.com	67 KB
2	autohaus-koenig.de 1 redirects www.autohaus-koenig.de	532 B
2	blau.de 1 redirects partner.blau.de portal.blau.de	2 KB
2	innovid.com 1 redirects ag.innovid.com	685 B
2	casalemedia.com dsum-sec.casalemedia.com	630 B
2	2mdn.net s0.2mdn.net	233 KB
2	niwepa.com neso.r.niwepa.com	929 B
2	congstar.de banner.congstar.de	1 KB
2	quantserve.com 1 redirects cms.quantserve.com	797 B
2	googleadservices.com www.googleadservices.com	19 KB
2	facebook.com www.facebook.com	331 B
2	adnxs.com 1 redirects secure.adnxs.com	2 KB
2	facebook.net connect.facebook.net	113 KB
2	bootstrapcdn.com netdna.bootstrapcdn.com	49 KB
2	cloudflare.com cdnjs.cloudflare.com	82 KB
1	mobility-ads.de 1 redirects campaign.mobility-ads.de	469 B
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	338 B
1	adsrvr.org match.adsrvr.org	265 B
1	agkn.com 1 redirects d.agkn.com	758 B
1	everesttech.net 1 redirects pixel.everesttech.net	375 B
1	mookie1.com 1 redirects odr.mookie1.com	692 B
1	nr-data.net bam-cell.nr-data.net	724 B
1	newrelic.com js-agent.newrelic.com	13 KB
1	disqus.com arizonasports.disqus.com	2 KB
1	ntv.io s.ntv.io	113 KB
0	twitter.com Failed urls.api.twitter.com Failed
367	53

	Domain	Requested by
64	ktar.com	1 redirects ktar.com
29	assets.ad4m.at	as.ad4m.at
25	cm.g.doubleclick.net	1 redirects 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
20	ad4m.at	as.ad4m.at ad4m.at
20	as.ad4m.at	60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com as.ad4m.at ad4m.at
19	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
19	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net ktar.com 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
12	www.google.com	3 redirects www.google.com ktar.com tpc.googlesyndication.com 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
10	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com www.googletagservices.com
7	60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com
7	www.googletagservices.com	ktar.com 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
6	api.webgains.io	analytics.webgains.io
6	track.webgains.com	as.ad4m.at
6	www.awin1.com	2 redirects as.ad4m.at
6	adservice.google.com	10625865.fls.doubleclick.net 10288467.fls.doubleclick.net 10620649.fls.doubleclick.net 9445712.fls.doubleclick.net 9919737.fls.doubleclick.net
6	arizonasports.com	ktar.com
6	cookie-cdn.cookiepro.com	ktar.com cookie-cdn.cookiepro.com
5	static-de.ad4mat.net	as.ad4m.at
5	image6.pubmatic.com	5 redirects
5	prod-rtb.ad4mat.net	ktar.com
5	www.googletagmanager.com	ktar.com www.googletagmanager.com www.autohaus-koenig.de
4	us-u.openx.net	3 redirects 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
4	ad.doubleclick.net	4 redirects
4	id.rlcdn.com	2 redirects 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
4	c.amazon-adsystem.com	ktar.com c.amazon-adsystem.com
4	9919737.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	jadserve.postrelease.com	s.ntv.io ktar.com
4	fonts.googleapis.com	ktar.com embed.secondstreetapp.com srcdoc
3	e.dlx.addthis.com	3 redirects
3	analytics.webgains.io	track.webgains.com
3	www.lead-alliance.net	3 redirects
3	www.telefonica-partner.de	3 redirects
3	pixel.rubiconproject.com	3 redirects
3	adservice.google.de	1 redirects adservice.google.com
3	www.google-analytics.com	www.googletagmanager.com
3	9445712.fls.doubleclick.net	1 redirects www.googletagmanager.com adservice.google.com
3	www.gstatic.com	ktar.com
2	www.autohaus-koenig.de	1 redirects as.ad4m.at
2	portal.o2online.de	as.ad4m.at
2	partner.o2online.de	2 redirects
2	ag.innovid.com	1 redirects 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
2	dsum-sec.casalemedia.com	60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
2	s0.2mdn.net	60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com s0.2mdn.net
2	neso.r.niwepa.com	as.ad4m.at
2	banner.congstar.de	as.ad4m.at
2	rtb.openx.net	2 redirects
2	cms.quantserve.com	1 redirects 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
2	firebaseinstallations.googleapis.com	www.gstatic.com
2	www.googleadservices.com	9445712.fls.doubleclick.net www.googleadservices.com
2	www.google.de	ktar.com 9445712.fls.doubleclick.net
2	firebase.googleapis.com	www.gstatic.com
2	stats.g.doubleclick.net	1 redirects ktar.com
2	www.facebook.com	ktar.com
2	secure.adnxs.com	1 redirects ktar.com
2	connect.facebook.net	ktar.com connect.facebook.net
2	10625865.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	10620649.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	10288467.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	cse.google.com	ktar.com www.google.com
2	ajax.googleapis.com	ktar.com
2	netdna.bootstrapcdn.com	ktar.com netdna.bootstrapcdn.com
2	cdnjs.cloudflare.com	ktar.com cdnjs.cloudflare.com
1	campaign.mobility-ads.de	1 redirects
1	googlecm.hit.gemius.pl	1 redirects
1	token.rubiconproject.com	1 redirects
1	match.adsrvr.org	60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
1	portal.blau.de	as.ad4m.at
1	partner.blau.de	1 redirects
1	d.agkn.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	odr.mookie1.com	1 redirects
1	bam-cell.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	ktar.com
1	media.secondstreetapp.com	ktar.com
1	googleads.g.doubleclick.net	1 redirects
1	clients1.google.com	ktar.com
1	api.secondstreetapp.com	embed.secondstreetapp.com
1	arizonasports.disqus.com	ktar.com
1	embed.secondstreetapp.com	ktar.com
1	s.ntv.io	ktar.com
0	urls.api.twitter.com Failed	ajax.googleapis.com
367	82

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
arizonasports.com
bonneville.com
howardair.com
www.valleychevy.com
www.buyatoyota.com
www.parkerandsons.com
www.justserve.org
facebook.com
publicfiles.fcc.gov
cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
ktar.com R3	`2021-10-06` - `2022-01-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
cookiepro.com Cloudflare Inc ECC CA-3	`2021-05-20` - `2022-05-19`	a year	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-01-25` - `2022-02-01`	a year	crt.sh
*.secondstreetapp.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-23` - `2022-07-23`	2 years	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
arizonasports.com R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-08` - `2021-11-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2021-10-22` - `2022-01-20`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.r.niwepa.com AlphaSSL CA - SHA256 - G2	`2021-03-15` - `2022-04-16`	a year	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
autohaus-koenig.de R3	`2021-10-18` - `2022-01-16`	3 months	crt.sh

This page contains 47 frames:

Primary Page: https://ktar.com/
Frame ID: 643009E9261B1AE99685B1E11210C3F5
Requests: 143 HTTP requests in this frame

Frame: https://10288467.fls.doubleclick.net/activityi;dc_pre=CJSMjcqW8fMCFQ5d4AodaOkC1A;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=669444539870;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F
Frame ID: 83E6AA6A87690828AFF375002E1BC475
Requests: 1 HTTP requests in this frame

Frame: https://10620649.fls.doubleclick.net/activityi;dc_pre=CKeNjcqW8fMCFQLjEQgdGooKRA;src=10620649;type=carol0;cat=ktara0;ord=1;num=4874142582780;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F
Frame ID: AE05110AFD46BEA3AD26BEA9FFC31CA0
Requests: 1 HTTP requests in this frame

Frame: https://9445712.fls.doubleclick.net/activityi;dc_pre=CNC3jcqW8fMCFX3TEQgdEVYCOQ;src=9445712;type=invmedia;cat=allpa0;ord=1;num=2298102832319;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F
Frame ID: E32E5B313B044DC96E304366C0E82E1B
Requests: 1 HTTP requests in this frame

Frame: https://10625865.fls.doubleclick.net/activityi;dc_pre=CKOjj8qW8fMCFW7jEQgdvCgLFA;src=10625865;type=dv3600;cat=ktara0;ord=1;num=2472653377995;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F
Frame ID: 0E3F26856FAF0FDBB9C41EB05EF42B22
Requests: 2 HTTP requests in this frame

Frame: https://9919737.fls.doubleclick.net/activityi;dc_pre=CNuWl8qW8fMCFfTkEQgdHFMEvg;src=9919737;type=lp;cat=landi0;ord=4755983766523;gtm=2odar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F
Frame ID: F2C0DF942BD475C95A54AC53AB902B2C
Requests: 2 HTTP requests in this frame

Frame: https://9919737.fls.doubleclick.net/activityi;dc_pre=CMv4l8qW8fMCFZzkEQgdHK0Bsw;src=9919737;type=remar0;cat=ktarc0;ord=1;num=5747262495755;gtm=2odar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F
Frame ID: F6C6F6CF20B1625CEF3C56DED5CA266F
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJSMjcqW8fMCFQ5d4AodaOkC1A;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=669444539870;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F
Frame ID: 59E686BC25D3D819F0AD78E437EED625
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKeNjcqW8fMCFQLjEQgdGooKRA;src=10620649;type=carol0;cat=ktara0;ord=1;num=4874142582780;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F
Frame ID: 519884F631747E11CDAF0039EF01559F
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNC3jcqW8fMCFX3TEQgdEVYCOQ;src=9445712;type=invmedia;cat=allpa0;ord=1;num=2298102832319;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F
Frame ID: E4FD886BD5A54208AC516150C62D0F69
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CJSMjcqW8fMCFQ5d4AodaOkC1A;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=669444539870;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F
Frame ID: 315FF2BB460B078461FAD2EFE3C88839
Requests: 1 HTTP requests in this frame

Frame: https://9445712.fls.doubleclick.net/ddm/fls/r/dc_pre=CNC3jcqW8fMCFX3TEQgdEVYCOQ;src=9445712;type=invmedia;cat=allpa0;ord=1;num=2298102832319;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F
Frame ID: CB32CB12CFDB856A125327EEC024BE16
Requests: 4 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CKeNjcqW8fMCFQLjEQgdGooKRA;src=10620649;type=carol0;cat=ktara0;ord=1;num=4874142582780;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F
Frame ID: EFEAA478ECB3F8F1B7B63A4E9BD20118
Requests: 1 HTTP requests in this frame

Frame: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CADC778A52C27348760FEF882F486A62
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Muli:400,700
Frame ID: D9B50CBA5C597D0AF57829E1239290C0
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: C3BCBAB710705FCE05C46F7C38160CAC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: DE697821DC3ABA2EF875755BF34445B7
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A1A12F24212DE2BE840D8E406BCF492D
Requests: 2 HTTP requests in this frame

Frame: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: ABCA716A98D64147D5F39E4CBF01BA48
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k2etajx7z3nj04ybz8qtaakrh8d20pg6by5ej9p3ztgzfmgx366e4wzvwfpv6zfw05pcqr4nq75gp72crm0pb6rfphepnsk1fb3m334gfnsvskzt46bvwv3t814k34kyxsvb16rn48aqem8qjjaw1rvjehz7rzmd1rsqas5et3qpkdkpd9x4yj4hkgpsqqhvhfdx9jta6tnzekxtpjghtxd8x0v2fnagj6tp76exq43q3j9105xqs9fmq9txgab2gy173r4mjp8mtyzt207tphvwysfpcdsk87htfb25jnfgkm8dh714wcas7hmhknhsa0v0nf6y7shq5fdcqbj7xqjrk6qdxgv4yvkmh4pey12zsgy5dwhcaa01chvh8vst9xgtk81m1stv2sqf7q7z1vf2n7gqh5exm98vb1svfzrwm8jz7wxc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVEHfwLl8YfrDAuaE3gPxjIT4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgTnAU_QC3WS8aD8Ij6-Y1elcEeHNnmXnjZSBCLlytcrenSWYZxUoghBRcwdDKRfqCd-EFMhlqW85v-FjWCU8wWuNzyBo0PlgxJerOJC1KEKRCY9JZw5Qsj-EOPvSaWfvMqCucigBwIojlrtHDDyGJoQXG_-CQen4y7WZ62jOuoPh8ffl2SwlHswvqFOwbfFGQhAe52eYPh_AfoYcW__jvxLFVfuQU5DAfxLICCUCF3HmKh9RxgeYJTD4wneL_3fJ3Tf0ECya4_QCt3kty9qexKhAXt4nKe-Sb3kr7l_t2rjLb12WnwyK07X0uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0V5202eV8Ul7TJNykPJSJuAi9SGw%26client%3Dca-pub-5965569640055032%26adurl%3D
Frame ID: 75224AE29F9228406B05977B6857DD3A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 73FCAE7020A5A9D34548A74F2A9E1273
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: AF21CE054152F83F7ECEB4298D2DFF50
Requests: 1 HTTP requests in this frame

Frame: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E3533A999BB124D67133C0AB8AB403A1
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gsytdwc97zm9me0gzjyezb6qqx2xpe2fhhfd22xw7wg8wd2jwfajvtggwnarevht5dp4fgm5m53408fmr56z4tpwd4wm1w7bcw9g1bz2bjqnd12pe1ecmr4xzwfrsxp6b51rg9gtwx7kfwcsncmzzvv8rnktz4xa5wkmd3y0s15a0dgbeyy1vs1cx854dehd7jtgdggvvsbhy6v0cy3v28bnec5h1ht6sp7j4wbc8vqjaw6efd0bhgcjy7yfdb0ra9bv2cqwyxmgs6c245d3meeq2jemve8wfmy2x5wpdt1esffjtxqhq9nkqwkdhtae4q6frvbf5pyq1mgbj9hhs1a1cspw6aqgny6h4k0j2pq38j0d5559j0gzebd3xm89jfamk7xrm8cxc3bnhjme8btdmb7k1x0bnr4vwhhv28bzbv2b7cc0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-TiywLl8YdKrE7SAjuwPtJixmAaQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0JTbyYUw_XIy2vaZhQ4cQ1OCO11Z_mjN_kd5OsVTxKtp3ONmEg03-LemrDeQPdWB-_SQp-VH1iUhx7S2IKQwSxFeDMxXbY29TOy6J3iCWOoFc4tPcHk6DYgBWJpZ-XSIoWQSd07LdyKK83XksrgWI7lRMajl5g-vPKfy_rZJ86tdX8IcxW4XX0zkdPJhxgoSkWVYe6bfZ87e0drle0DmjjRXFn2l3B32Dkq-y2UKExw8cGrK9r_at9-JU5VPWgM-So49PNJoOULqF9uFDp9qtzKttsNNV8A-dG8ili2E5st01n9VtB6h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0jL-uGHPMKWrQtjWAIfjprEVFDCA%26client%3Dca-pub-5965569640055032%26adurl%3D
Frame ID: 30A442AC903CE96188FB80AF7B935A07
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B13875EB2BB7141273D6F7B767544C56
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=72171d23b242e279ad8b17367e798a36%2F2715512301707278058&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563968673&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k9wg2q021tzmz80mbe00zrn017268swzze8hnjz2w463pd4x46y8t7w2ek56qz5mm4zsgh83xpv2t9da7ndyj7tdkm8w0tbcxj458et57800fkekcwpv4x59ykw1v4krj7fpwgv2pt3rpjk9jyb8mmfvahfz7xbk0ew7j6h6tf6d4ma2bts61hjhsg5vrpetj632bcv3d7xhh821jeb1bcqp4mp7zvzepkfp0ff5hjkjn8pww0j6s5atwfd49s64svnzwfw2tpgejxztn20%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVEHfwLl8YfrDAuaE3gPxjIT4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgTnAU_QC3WS8aD8Ij6-Y1elcEeHNnmXnjZSBCLlytcrenSWYZxUoghBRcwdDKRfqCd-EFMhlqW85v-FjWCU8wWuNzyBo0PlgxJerOJC1KEKRCY9JZw5Qsj-EOPvSaWfvMqCucigBwIojlrtHDDyGJoQXG_-CQen4y7WZ62jOuoPh8ffl2SwlHswvqFOwbfFGQhAe52eYPh_AfoYcW__jvxLFVfuQU5DAfxLICCUCF3HmKh9RxgeYJTD4wneL_3fJ3Tf0ECya4_QCt3kty9qexKhAXt4nKe-Sb3kr7l_t2rjLb12WnwyK07X0uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0V5202eV8Ul7TJNykPJSJuAi9SGw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Frame ID: 5FFB01AF23A0C8A099193DB04E6618E0
Requests: 14 HTTP requests in this frame

Frame: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3DA14FFD01EEF6133E277B84E65DE6F0
Requests: 8 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 75B3CCF91A40494C685A5C07F86B257F
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/124751/11515211/1632513875564/TDPAE0000031278_R4_300x250_dfp/index.html
Frame ID: 512FFA5808472641C7EC8B1E7CB198B0
Requests: 1 HTTP requests in this frame

Frame: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5AE5702901A6F14606AED85F92B3FA47
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gfrs3gsjhp7tk9zpfya5nv8z48rj94fzwf8af3npddt6hxmd88snv5knhy2jdt272e29vx6agfterprjahag241j549y9x0sy72yca69eqhtjsfmfpfs3axd14zpz0m7jxm565v3bz5rk51724xzyr9z8g6kdcbpg4w35a36fvgae46kwj7z0j62vkzz0m43ktbyvkqv5zrxvaftb363p4d5an62s9myhfwqq2ehvwp7qmnaprskh2e6q8kz25fjzr1hr0019315tp1w5ba640n7ps4zgykrjkjnsfjhfnbzqx6g61ekdyvk5g4hggxd5684g365jcc35fw7f9nbr6zg52xmbzbvgsjyvm5fnc5z4tvvct245gv8r66eb0dtb6k1f4ng8fdstdaw4ee2f9a85hv87cj84&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXOf2wLl8YaCfK-OKjuwPjvOu8A2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0OMnrvj-tbvQoYsINefsI9nKwOn8G1kbPoZIfaVv2jLsR_YD274SNVXOn2gw8s1gURAx4NS2Yg-MHSiP-iwCSGTQyQwThKDdsjfDCAAlyHfcvj1TAA6f0dG6yt73sNYkWRqEsP3-YAEYC7vDmokkqA31s1SS-UpyHIvH1nT4dUd9KOaSr4lsrXsuDso-cmN8bHNs8QgtNFlAIXQSj8l_qJr5azR58q5s6QKjBLMZ4TiOM43sAuTuxhT2Wva5vFN-RtNLGefzmMew9AL_bwQpE3tr9Vv87FOlGxkw0d8D06-M0CJppB1_4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2qLuRQ5YNyT-s7DLaw241azqi8nw%26client%3Dca-pub-5965569640055032%26adurl%3D
Frame ID: 91BAA83B738B4B543110FC7E69931191
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AFD7EE54D9B0FA1DED4417AA98390E27
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=823%2C24673%2C19877&b=rJmHQfD9cbACAH7HjtqtW4bt5T8T36sd%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr&f=PJ4HBfEbaVkc9HjHbtgCVm1FZT9TkGCp%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2CqGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=af9a843de33b6127da1aa0e955a387db%2F410766059995691070&i=9719%2C20430%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563968860&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jpam6zncjz4ff8wj9ysce4r8pp7cnm6wmh7m487jeqct9k79pq8n3tvfbd6xp0wp3ngeyyfgk8emeqxg5rt29dmsyfewq4pmgwda9ye0zdp3s3ya0d25jrftja1krv2df13tv2xry2szztbp9qzqxrwb5x26d57r36van6pnjahmfwecz9tzj59m4ya5rsazds780zv2dqv85ckg150ssd0ghr37f57b0vvdbe0272m3v97vm5yq4wb2mtdqefkz46sj24z5ag3d2cvnjbg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC-TiywLl8YdKrE7SAjuwPtJixmAaQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0JTbyYUw_XIy2vaZhQ4cQ1OCO11Z_mjN_kd5OsVTxKtp3ONmEg03-LemrDeQPdWB-_SQp-VH1iUhx7S2IKQwSxFeDMxXbY29TOy6J3iCWOoFc4tPcHk6DYgBWJpZ-XSIoWQSd07LdyKK83XksrgWI7lRMajl5g-vPKfy_rZJ86tdX8IcxW4XX0zkdPJhxgoSkWVYe6bfZ87e0drle0DmjjRXFn2l3B32Dkq-y2UKExw8cGrK9r_at9-JU5VPWgM-So49PNJoOULqF9uFDp9qtzKttsNNV8A-dG8ili2E5st01n9VtB6h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0jL-uGHPMKWrQtjWAIfjprEVFDCA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Frame ID: BF04FC9150CBB3ED935679B0AEA6F149
Requests: 14 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%20Slab:600&text=Time%20toplanyurwgs%21
Frame ID: D75290E58917ADFB59F0E6B8823EFCA2
Requests: 11 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: C10AC7CD52B0938D563ABD2E0A5C4947
Requests: 1 HTTP requests in this frame

Frame: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 843648A462EF2DC36BC8987AFCC88EE0
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKPfJ&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=fe7813007900c621fb8b244981885f0d%2F277932038116032705&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563969133&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kmqj4z7ks1e6rxqkmr5q22t301kmxrmep5dc02554c1np6qqwsas6av27vtxajpyd8j2rngvry0re8se4szmqjrgst8wczvmc095637crd5a96ec8pq0kjdb03srdkma17fb38j7pd162sc0k7vhcje9pa3pg0jzxdv2yg9ctrbd85v43ecgv3ekjhfdmd5w4eshy7e1xeykecv4gmxdpfvktp5xg8s3e29fazmjwc2cysva016069pxmz1fb82zh1ga2jwkm53g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXOf2wLl8YaCfK-OKjuwPjvOu8A2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0OMnrvj-tbvQoYsINefsI9nKwOn8G1kbPoZIfaVv2jLsR_YD274SNVXOn2gw8s1gURAx4NS2Yg-MHSiP-iwCSGTQyQwThKDdsjfDCAAlyHfcvj1TAA6f0dG6yt73sNYkWRqEsP3-YAEYC7vDmokkqA31s1SS-UpyHIvH1nT4dUd9KOaSr4lsrXsuDso-cmN8bHNs8QgtNFlAIXQSj8l_qJr5azR58q5s6QKjBLMZ4TiOM43sAuTuxhT2Wva5vFN-RtNLGefzmMew9AL_bwQpE3tr9Vv87FOlGxkw0d8D06-M0CJppB1_4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2qLuRQ5YNyT-s7DLaw241azqi8nw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Frame ID: 94CE329BAAD118903BCA815C89295EB2
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k347m7f3n2kr3sgwa5n0q0cygfr9ge94v558fjw7sbpyt34s5s23yt0cfjter2e24da78mz8dp2paegfvhmhq82vknjksmzad4gp62be8rxszzgfngf850h52b6jg7axczq6ms32pbmf6h0t1f06jpt0tvjpdq4y4e380radz3mybqd2j9ff64kpeyap65b07phq8sa5wc3f1rab4sanejg5y35nhrsy3q1r9x8b9cn0522g9cws77c11s5y1m0dqnhjrw9wpc2v0cwpsvjtvdw6j6a9sfdzge4ryatcnmgp385p4b4rzn6wcwf7a9ym34k79csnr4tk4ys2ybtbackm1frd0awbwhc9mg9rrc77mxmf9g20my5qb08jv7bm477sqb0dx7wb0y5c7hjr7ar6b55pcc9n4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_m77wLl8YevjMIWK3wOLyKCoBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QZgSvLPP2lW6RqEcaJ039lhMpyjiyOBEcZKTHSryyij7JfbHMu4-kVARwf8ouxLJgeBpYJt6J4NDu347UkBRS3kxarQe1nXlX3NBKupe33brXfAlc8XSMgY_Z7pEpLUuhBAA_0NZqU2ldpIyosSLdtcp74zR6SqndywCCCUr3R8jY8CRCP1nieWn1Lu3VUVAUKeQ_Nd1-ZsXV8ecp4pLKpktpr5Xecf-cgDP_-KGS2n87vGiQHsfZs2aOVMLwfjh-hV-ikWwdf9pKyKgeFGJ_qE8w3pMxt5hltMA76_NIIMQwIdTWh8XgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fBM5U8VpS5NFP6nOgcqtgotcLnA%26client%3Dca-pub-5965569640055032%26adurl%3D
Frame ID: BA53BAE05D8E73C0EFEDA0FBD4E46E6E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FDA2B65A2EE4803E5BEA8C3298ABC1C1
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: B9858EB31DC9605FF2753E8C903BCCBB
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=161178%2C37798%2C20352&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2CADeFYfqf5Y5CAHRH4tktMMGs7T4TDVQT9%2CADeFYfqfx2VSAHRH4tktMMEU7T4TDVQT9&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CMxefzfrfqgqsWHEHGtQC661t9T4Tb6ku3%2CMxefzfrfWjeaWHEHGtQC66BT9T4Tb6ku3&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=cff00723984971aae1465c9944e1f143%2F3943493714341209017&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563969377&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gnwg1at1x42s3ws2gs71yryt667x949abyfat1mgrhxjxkwmrb99x549y2fny6my4bv4ckd9yrbx9h99pt4ntj90cnjwbznzxgpphy09yp5mmwz8dt8pnnpac0ay4wk8se1y4w682ad2zgvy2ka6gam0s1kpwxerb4smq1ppy9y9mc941b3ery1ajqjeddneardc6qv0nyrkhadj88eqb224f3apj3t1pxnx9cmx8zq9s4zpp0cjk3903hza1z5z0bqhqtvys188%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_m77wLl8YevjMIWK3wOLyKCoBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QZgSvLPP2lW6RqEcaJ039lhMpyjiyOBEcZKTHSryyij7JfbHMu4-kVARwf8ouxLJgeBpYJt6J4NDu347UkBRS3kxarQe1nXlX3NBKupe33brXfAlc8XSMgY_Z7pEpLUuhBAA_0NZqU2ldpIyosSLdtcp74zR6SqndywCCCUr3R8jY8CRCP1nieWn1Lu3VUVAUKeQ_Nd1-ZsXV8ecp4pLKpktpr5Xecf-cgDP_-KGS2n87vGiQHsfZs2aOVMLwfjh-hV-ikWwdf9pKyKgeFGJ_qE8w3pMxt5hltMA76_NIIMQwIdTWh8XgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3fBM5U8VpS5NFP6nOgcqtgotcLnA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Frame ID: E802A0C897CE456B9B817CDA5EC6329A
Requests: 11 HTTP requests in this frame

Frame: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 81EB60DF89C554C03A58A766764AAF55
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kbnj55xph75wrk52zcsyejeatk7wkhxs3x91dp21zpwh4hb329dms2h5g0ceg22n0y44ce38f6etbs28ftccyk7avqxjqsqtm1g0wgnsn9nd2ra4h1ekzy2p43q7ds0j8parzatwzamw13r3xstq34gmy4hr60jr5kzzxw8aww4mjszpve2ddpaxwz7q4vaeeqsrzc5d1gck8n9ft849y7p6d9gpke6npt2a9nr2t056qw90dd8ap4jpzs4haekqe7v1c7b0hpbz32jnrq3127ftw99wjvzt1ycnwk97tzr257zy348wn4pn98d5ny3h71rgnvamrmq6r5k1gep1dkxd02m4cr3mrqfe4genajeynne2y3vanzpggvx4zqphne72rvh4n6dav5766hfx41spqczjam75m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa9iNwbl8YYz9HY6l3wOd15nYApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QcQtAvccx2dOMHPaEnaWwoIeYkmLHGnzoE5hfo7_SkYzTv_Ydz4rBl5nzbpajRjJxZs4pK-BKiRiQEQTp3-jR6XWGKIb_47ZEuSCfXT5RlpRcNZGoEp2jCUyoufmRF8FcO1KWMhx4rVlRgRMJwEakIe3JP4QkKhyeeDllPoI4LLADI9ujsECsYNeOGvFwX42HenXaHZVStvecVg0Z9LM7LaA9HJorKhWEzjHBba6_P2IuaXC65UxdP4Nn35Vpu5rbJE8HoAOhZOTcncDErJuBE5qhMCiIBsrCguxqRT46iqM2WPl6PorgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0S4S6UM7hMXkes--mKS528cpA85w%26client%3Dca-pub-5965569640055032%26adurl%3D
Frame ID: BABD355D5A60ECF49E293CED16CD95EE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BC2F676971F2B57A1738EFDB5F53F9C9
Requests: 8 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: B7BD51632B1CF1D314436ACBC82ABFA8
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=edafce943d36de2d08ca1f84d0fef693%2F9390352952846768491&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563970547&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvs5e7dxkhycd1mdhg810ftea5h3s2yt1x6wxxg7f20yxnahar3jy4kkb30evd3pnbw8krxkf2xkpyb9pn2tbtev0ef0mnvmjv67tmx3getrkn9sqh4dnzpm3fggzr98z00gd6ztbwh5qyttjna844x4j9wess6gb77tcv9cr47j3m0vf95ssnrme12787yvff0kpn22y0crxx0sn4mbajwqmmd58dm73qqray9yvs4hptpdmnp2zcvg0bqdac89qsrj4y7c546e%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCa9iNwbl8YYz9HY6l3wOd15nYApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QcQtAvccx2dOMHPaEnaWwoIeYkmLHGnzoE5hfo7_SkYzTv_Ydz4rBl5nzbpajRjJxZs4pK-BKiRiQEQTp3-jR6XWGKIb_47ZEuSCfXT5RlpRcNZGoEp2jCUyoufmRF8FcO1KWMhx4rVlRgRMJwEakIe3JP4QkKhyeeDllPoI4LLADI9ujsECsYNeOGvFwX42HenXaHZVStvecVg0Z9LM7LaA9HJorKhWEzjHBba6_P2IuaXC65UxdP4Nn35Vpu5rbJE8HoAOhZOTcncDErJuBE5qhMCiIBsrCguxqRT46iqM2WPl6PorgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0S4S6UM7hMXkes--mKS528cpA85w%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Frame ID: D99AAC10B7444D04425B1E0516D314C4
Requests: 9 HTTP requests in this frame

Frame: https://www.autohaus-koenig.de/htlp/?coyotetrackingid=391615593
Frame ID: 8E12DD0E73FB8C55659ABCA8E7B21244
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - KTAR.comsearchBack ButtonSearch IconFilter IconArrow

Page URL History Show full URLs

http://ktar.com/ HTTP 301
https://ktar.com/ Page URL

Page Statistics

367
Requests

90 %
HTTPS

0 %
IPv6

53
Domains

82
Subdomains

57
IPs

7
Countries

7297 kB
Transfer

11823 kB
Size

64
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/KTARNews

Search URL Search Domain Scan URL

URL: https://twitter.com/KTAR923

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ktarnews/

Search URL Search Domain Scan URL

URL: https://arizonasports.com/
Title: Arizona Sports

Search URL Search Domain Scan URL

URL: https://bonneville.com/everyday-strong/
Title: EveryDay Strong

Search URL Search Domain Scan URL

URL: http://howardair.com/

Search URL Search Domain Scan URL

URL: https://www.valleychevy.com/

Search URL Search Domain Scan URL

URL: https://www.buyatoyota.com/phoenix/offers/?utm_medium=display&utm_source=KTAR&utm_campaign=NSE_August

Search URL Search Domain Scan URL

URL: http://www.parkerandsons.com/

Search URL Search Domain Scan URL

URL: https://arizonasports.com/story/2871597/coyotes-given-8th-consecutive-loss-to-start-season-by-capitals/

Search URL Search Domain Scan URL

URL: https://arizonasports.com/story/2870433/diamondbacks-lf-david-peralta-named-gold-glove-finalist/

Search URL Search Domain Scan URL

URL: https://arizonasports.com/story/2871258/cavaliers-size-a-wildcard-for-suns-to-deal-with-on-saturday/

Search URL Search Domain Scan URL

URL: https://arizonasports.com/story/2871362/cardinals-gm-keim-gives-updates-on-ward-praises-teams-resilience/

Search URL Search Domain Scan URL

URL: https://arizonasports.com/story/2871380/report-kyler-murray-leaves-state-farm-stadium-in-walking-boot/

Search URL Search Domain Scan URL

URL: https://arizonasports.com/story/2870338/asu-seeks-fewer-miscues-in-homecoming-against-washington-state/

Search URL Search Domain Scan URL

URL: https://www.justserve.org/ktar

Search URL Search Domain Scan URL

URL: http://facebook.com/KTARNews
Title: Follow on Facebook

Search URL Search Domain Scan URL

URL: http://twitter.com/KTAR923
Title: Follow on Twitter

Search URL Search Domain Scan URL

URL: https://bonneville.com/careers
Title: Employment

Search URL Search Domain Scan URL

URL: https://bonneville.com/datarequest/
Title: Do Not Sell My Data

Search URL Search Domain Scan URL

URL: https://bonneville.com/copyright-clearance/
Title: Licensing

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/fm-profile/ktar-fm
Title: KTAR-FM

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ktar.com/ HTTP 301
https://ktar.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://www.google.com/cse/cse.js?cx=016901429690765427163:i60nfdckotw HTTP 301
https://cse.google.com/cse/cse.js?cx=016901429690765427163:i60nfdckotw

Request Chain 93

https://10288467.fls.doubleclick.net/activityi;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=669444539870;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F HTTP 302
https://10288467.fls.doubleclick.net/activityi;dc_pre=CJSMjcqW8fMCFQ5d4AodaOkC1A;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=669444539870;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F

Request Chain 94

https://10620649.fls.doubleclick.net/activityi;src=10620649;type=carol0;cat=ktara0;ord=1;num=4874142582780;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F HTTP 302
https://10620649.fls.doubleclick.net/activityi;dc_pre=CKeNjcqW8fMCFQLjEQgdGooKRA;src=10620649;type=carol0;cat=ktara0;ord=1;num=4874142582780;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F

Request Chain 95

https://9445712.fls.doubleclick.net/activityi;src=9445712;type=invmedia;cat=allpa0;ord=1;num=2298102832319;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F HTTP 302
https://9445712.fls.doubleclick.net/activityi;dc_pre=CNC3jcqW8fMCFX3TEQgdEVYCOQ;src=9445712;type=invmedia;cat=allpa0;ord=1;num=2298102832319;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F

Request Chain 96

https://10625865.fls.doubleclick.net/activityi;src=10625865;type=dv3600;cat=ktara0;ord=1;num=2472653377995;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F HTTP 302
https://10625865.fls.doubleclick.net/activityi;dc_pre=CKOjj8qW8fMCFW7jEQgdvCgLFA;src=10625865;type=dv3600;cat=ktara0;ord=1;num=2472653377995;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F

Request Chain 99

https://secure.adnxs.com/px?id=1456708&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1456708%26t%3D2

Request Chain 106

https://9919737.fls.doubleclick.net/activityi;src=9919737;type=lp;cat=landi0;ord=4755983766523;gtm=2odar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F HTTP 302
https://9919737.fls.doubleclick.net/activityi;dc_pre=CNuWl8qW8fMCFfTkEQgdHFMEvg;src=9919737;type=lp;cat=landi0;ord=4755983766523;gtm=2odar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F

Request Chain 107

https://9919737.fls.doubleclick.net/activityi;src=9919737;type=remar0;cat=ktarc0;ord=1;num=5747262495755;gtm=2odar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F HTTP 302
https://9919737.fls.doubleclick.net/activityi;dc_pre=CMv4l8qW8fMCFZzkEQgdHK0Bsw;src=9919737;type=remar0;cat=ktarc0;ord=1;num=5747262495755;gtm=2odar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F

Request Chain 126

https://adservice.google.de/ddm/fls/i/dc_pre=CNC3jcqW8fMCFX3TEQgdEVYCOQ;src=9445712;type=invmedia;cat=allpa0;ord=1;num=2298102832319;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F HTTP 302
https://9445712.fls.doubleclick.net/ddm/fls/r/dc_pre=CNC3jcqW8fMCFX3TEQgdEVYCOQ;src=9445712;type=invmedia;cat=allpa0;ord=1;num=2298102832319;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F

Request Chain 137

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=304999839&utmhn=ktar.com&utme=8(Static%20Page%22)9(News)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Home%20-%20KTAR.com&utmhid=1591381018&utmr=-&utmp=%2F&utmpg=2:digital&utmht=1635563967448&utmac=UA-333933-4&utmcc=__utma%3D248041309.1408183703.1635563967.1635563967.1635563967.1%3B%2B__utmz%3D248041309.1635563967.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1611557338&utmredir=3&utmu=qRAAAAAAAAAAAAAAAAABABAE~ HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-333933-4&cid=1408183703.1635563967&jid=1611557338&_v=5.7.2dc&z=304999839 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-333933-4&cid=1408183703.1635563967&jid=1611557338&_v=5.7.2dc&z=304999839&slf_rd=1&random=939290017

Request Chain 156

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/735523585/?random=615310003&cv=9&fst=1635563967663&num=1&npa=1&label=yu_mCKHwl_QBEIHm3N4C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9445712.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCNC3jcqW8fMCFX3TEQgdEVYCOQ%3Bsrc%3D9445712%3Btype%3Dinvmedia%3Bcat%3Dallpa0%3Bord%3D1%3Bnum%3D2298102832319%3Bgtm%3D2wgar0%3Bauiddc%3D689610566.1635563967%3B~oref%3Dhttps%253A%252F%252Fktar.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=v7l8Yb6fKvCnx_AP4dGVuAM&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/735523585/?random=615310003&cv=9&fst=1635563967663&num=1&npa=1&label=yu_mCKHwl_QBEIHm3N4C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9445712.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCNC3jcqW8fMCFX3TEQgdEVYCOQ%3Bsrc%3D9445712%3Btype%3Dinvmedia%3Bcat%3Dallpa0%3Bord%3D1%3Bnum%3D2298102832319%3Bgtm%3D2wgar0%3Bauiddc%3D689610566.1635563967%3B~oref%3Dhttps%253A%252F%252Fktar.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=v7l8Yb6fKvCnx_AP4dGVuAM&cid=CAQSKQCNIrLM9uwyfa6BdOAIItxz0xE8p9Xr1a414Zs81NANBHp5d5APzJ_k&random=3567846819&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/735523585/?random=615310003&cv=9&fst=1635563967663&num=1&npa=1&label=yu_mCKHwl_QBEIHm3N4C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9445712.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCNC3jcqW8fMCFX3TEQgdEVYCOQ%3Bsrc%3D9445712%3Btype%3Dinvmedia%3Bcat%3Dallpa0%3Bord%3D1%3Bnum%3D2298102832319%3Bgtm%3D2wgar0%3Bauiddc%3D689610566.1635563967%3B~oref%3Dhttps%253A%252F%252Fktar.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=v7l8Yb6fKvCnx_AP4dGVuAM&cid=CAQSKQCNIrLM9uwyfa6BdOAIItxz0xE8p9Xr1a414Zs81NANBHp5d5APzJ_k&random=3567846819&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 182

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLCWtcE1Z4-1RfA4mUsOPTZ7Nb98rg1CiGYbBbn9SlbeuwJOjCmTmKDrgtTKitU2ZPZ_G4u1357JzkRp09mMYStT4Nzng&google_gid=CAESEMQq8MNQCIG4o1oep5D0HgI&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCMDz8osGEgUI6AcQAEIASm5nb29nbGVfcHVzaD1BWWc1cVBMQ1d0Y0UxWjQtMVJmQTRtVXNPUFRaN05iOThyZzFDaUdZYkJibjlTbGJldXdKT2pDbVRtS0RyZ3RUS2l0VTJaUFpfRzR1MTM1N0p6a1JwMDltTVlTdFQ0TnpuZw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwaDNUMkhJTUNqMURQZHBlaEtRelZTeDVFWk9ORTRQWDI2dllyN0xOaG5maw==&google_push

Request Chain 183

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEGkoOL8EjYof35agEcj62VA&google_push=AYg5qPLY2wN5OfSAvVmd9C8ytw98Tf-ZG--MvJHi3dfqXLp2SxlJV1oOHTiS7JSp6z3WFR69xVFijBGdaluzdQBlqg7lg9Saw38&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AYg5qPLY2wN5OfSAvVmd9C8ytw98Tf-ZG--MvJHi3dfqXLp2SxlJV1oOHTiS7JSp6z3WFR69xVFijBGdaluzdQBlqg7lg9Saw38&google_hm=MTA4MTI2NTAxMjUyOTAyMTI1NDE

Request Chain 184

https://rtb.openx.net/sync/dds?google_gid=CAESEDUYtnIO9capHVqeavaKJlE&google_cver=1&google_push=AYg5qPKcM82VyHOGDI_SVoKLvSP-r6d1hb3oMOII646nmJooM7D-tVBHzHBjzYQwcf7BZUg7xXzZlihB1_GDhV_Kij4gDl-SAOU HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEDUYtnIO9capHVqeavaKJlE&google_cver=1&google_push=AYg5qPKcM82VyHOGDI_SVoKLvSP-r6d1hb3oMOII646nmJooM7D-tVBHzHBjzYQwcf7BZUg7xXzZlihB1_GDhV_Kij4gDl-SAOU&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKcM82VyHOGDI_SVoKLvSP-r6d1hb3oMOII646nmJooM7D-tVBHzHBjzYQwcf7BZUg7xXzZlihB1_GDhV_Kij4gDl-SAOU&google_hm=g3Albze9yBY5jD105Pj5Ng==

Request Chain 185

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENsb2J0MTLCSpoVpAYrSZII&google_cver=1&google_push=AYg5qPKuEm5o7nIaY3xTEmiDMBQLAgiCVqgyJQHaB5v7faaRlKOGZmLWZ4_GE1gCirFbgeEZl8jKTdU1zaT8UfhuDtxOUZb-L2k HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENsb2J0MTLCSpoVpAYrSZII&google_cver=1&google_push=AYg5qPKuEm5o7nIaY3xTEmiDMBQLAgiCVqgyJQHaB5v7faaRlKOGZmLWZ4_GE1gCirFbgeEZl8jKTdU1zaT8UfhuDtxOUZb-L2k&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0QnH8w3iTuOa_nnp-5nBbQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKuEm5o7nIaY3xTEmiDMBQLAgiCVqgyJQHaB5v7faaRlKOGZmLWZ4_GE1gCirFbgeEZl8jKTdU1zaT8UfhuDtxOUZb-L2k

Request Chain 186

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAsbWbtTZt7gPV2BWWTqYxQ&google_cver=1&google_push=AYg5qPInbtCr5aIuJ1URaTQhZcfV_PjjiE8JZH8hocwqAO4m5m5OWgTOsTIcMyLVsZcLTiAi4nvNmcoG3XUaQkzW744cJoXazXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZEOEszQzItMUktOUU4Vw==&google_push=AYg5qPInbtCr5aIuJ1URaTQhZcfV_PjjiE8JZH8hocwqAO4m5m5OWgTOsTIcMyLVsZcLTiAi4nvNmcoG3XUaQkzW744cJoXazXw

Request Chain 187

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEci85M_OXBIZu3BtpJpAYU&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1XtO2qGpOXBPXUA_WJlYTL9k HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEci85M_OXBIZu3BtpJpAYU&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1XtO2qGpOXBPXUA_WJlYTL9k&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1XtO2qGpOXBPXUA_WJlYTL9k&google_gid=CAESEEci85M_OXBIZu3BtpJpAYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1XtO2qGpOXBPXUA_WJlYTL9k&google_gid=CAESEEci85M_OXBIZu3BtpJpAYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1XtO2qGpOXBPXUA_WJlYTL9k&google_gid=CAESEEci85M_OXBIZu3BtpJpAYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1XtO2qGpOXBPXUA_WJlYTL9k&google_gid=CAESEEci85M_OXBIZu3BtpJpAYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1XtO2qGpOXBPXUA_WJlYTL9k&google_gid=CAESEEci85M_OXBIZu3BtpJpAYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1XtO2qGpOXBPXUA_WJlYTL9k&google_gid=CAESEEci85M_OXBIZu3BtpJpAYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1XtO2qGpOXBPXUA_WJlYTL9k&google_gid=CAESEEci85M_OXBIZu3BtpJpAYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1XtO2qGpOXBPXUA_WJlYTL9k&google_gid=CAESEEci85M_OXBIZu3BtpJpAYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1XtO2qGpOXBPXUA_WJlYTL9k&google_gid=CAESEEci85M_OXBIZu3BtpJpAYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1XtO2qGpOXBPXUA_WJlYTL9k&google_gid=CAESEEci85M_OXBIZu3BtpJpAYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1XtO2qGpOXBPXUA_WJlYTL9k&google_gid=CAESEEci85M_OXBIZu3BtpJpAYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1XtO2qGpOXBPXUA_WJlYTL9k&google_gid=CAESEEci85M_OXBIZu3BtpJpAYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1XtO2qGpOXBPXUA_WJlYTL9k&google_gid=CAESEEci85M_OXBIZu3BtpJpAYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1XtO2qGpOXBPXUA_WJlYTL9k&google_gid=CAESEEci85M_OXBIZu3BtpJpAYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1XtO2qGpOXBPXUA_WJlYTL9k&google_gid=CAESEEci85M_OXBIZu3BtpJpAYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1XtO2qGpOXBPXUA_WJlYTL9k&google_gid=CAESEEci85M_OXBIZu3BtpJpAYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1XtO2qGpOXBPXUA_WJlYTL9k&google_gid=CAESEEci85M_OXBIZu3BtpJpAYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1XtO2qGpOXBPXUA_WJlYTL9k&google_gid=CAESEEci85M_OXBIZu3BtpJpAYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1XtO2qGpOXBPXUA_WJlYTL9k&google_gid=CAESEEci85M_OXBIZu3BtpJpAYU

Request Chain 206

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECsQ1G66HbRUkpA3WkpTqgI&google_cver=1&google_push=AYg5qPKp8vEo3yvCgbs64Bjn17UsuFbJ_tfGwSIE1VB5vdb_ze4BYCOZSwP2W1xh12M_DyK3uRgaSOa1CfvniD4CcPLSCGuDGg HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKp8vEo3yvCgbs64Bjn17UsuFbJ_tfGwSIE1VB5vdb_ze4BYCOZSwP2W1xh12M_DyK3uRgaSOa1CfvniD4CcPLSCGuDGg&google_hm=ygRGDYqDdsuhX-BfkvCK3g

Request Chain 220

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CMb49cqW8fMCFRjuuwgduQQG7A;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635563968_31347e60-3930-11ec-9600-22309c92d156

Request Chain 249

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIK5tfPsCSxDAQyFAlFLktgfN6P1fhzH22H909gLklBRqdxJWpNST64RVVgX9cQBwElFEDet4WLUm0FboVDqucBgBWrSsQ&google_gid=CAESEGOjBeBlxiZOJEgyufChowA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVh5NXdRQUFBT3UyckdAbQ&google_push=AYg5qPIK5tfPsCSxDAQyFAlFLktgfN6P1fhzH22H909gLklBRqdxJWpNST64RVVgX9cQBwElFEDet4WLUm0FboVDqucBgBWrSsQ

Request Chain 250

https://d.agkn.com/pixel/2175/?google_gid=CAESELj14jYhCOUD7XXvBegRCyY&google_cver=1&google_push=AYg5qPJVQy94I6O5k7KYgf7Uag31IkGGfpDC-VUQL429cvUOYLu6tTXCRgPcCifXOlvpirMnYZoYSFGmJjP3Pvm_C3VDrqdluCg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJVQy94I6O5k7KYgf7Uag31IkGGfpDC-VUQL429cvUOYLu6tTXCRgPcCifXOlvpirMnYZoYSFGmJjP3Pvm_C3VDrqdluCg&google_hm=Q0FFU0VMajE0alloQ09VRDdYWHZCZWdSQ3lZ

Request Chain 251

https://us-u.openx.net/w/1.0/pd?ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc&google_gid=CAESEDUYtnIO9capHVqeavaKJlE&google_cver=1&google_push=AYg5qPL9FOu6EuShjjRYEld4SaIhg_uErP9kch8XfxI-9gmtHxFuBHIibz12CC06SjbTTkYEj_7xC_KT8k92WNiXGu-Z0637FJ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHIcl4_eUJGtu_uSixsKzQo&google_cver=1

Request Chain 252

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENsb2J0MTLCSpoVpAYrSZII&google_cver=1&google_push=AYg5qPKrPBShzpZk90R8RXBhuIXneNNlTVuVgzfJ8Yb9xkl6fmYobAtYGWoDUkhLp2ovI6z4i0drnFqMK-fmha0IfHpFKYpkgV0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0QnH8w3iTuOa_nnp-5nBbQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKrPBShzpZk90R8RXBhuIXneNNlTVuVgzfJ8Yb9xkl6fmYobAtYGWoDUkhLp2ovI6z4i0drnFqMK-fmha0IfHpFKYpkgV0

Request Chain 253

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAsbWbtTZt7gPV2BWWTqYxQ&google_cver=1&google_push=AYg5qPJyEWMgfbY-a4vOIRDJ5szjFvxQ1jF9YyQDF10n17JjprLOG1vnSb-nUBONODIJpjysfBxigavEL_JGw2Ol79EgOgjN24Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZEOEszR1QtMS1GQjVP&google_push=AYg5qPJyEWMgfbY-a4vOIRDJ5szjFvxQ1jF9YyQDF10n17JjprLOG1vnSb-nUBONODIJpjysfBxigavEL_JGw2Ol79EgOgjN24Q

Request Chain 266

https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021103005192957893208559X117679V1226132702MSoneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&spid=2021103005192957893208559X117679V1226132702MSoneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&wfid=117679 HTTP 302
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021103005192957893208559X117679V1226132702MSoneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&wfid=117679&ratenzahlung=24

Request Chain 297

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJWURZN3Ry8fcP7eOk6bAdBK02C3nrsrm_Y_IYjLyWw5QoypfjfN5ncEUSgADpOm5gxOOLJaJK2Ezf0RZuE4cocZ8eXUw&google_gid=CAESEGfcevhw_G3p1QcAXOk746U&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJWURZN3Ry8fcP7eOk6bAdBK02C3nrsrm_Y_IYjLyWw5QoypfjfN5ncEUSgADpOm5gxOOLJaJK2Ezf0RZuE4cocZ8eXUw&google_gid=CAESEGfcevhw_G3p1QcAXOk746U&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMzAwMzE5MjkwMDAxODQzMjg3Mzc5NA%3D%3D&google_push=AYg5qPJWURZN3Ry8fcP7eOk6bAdBK02C3nrsrm_Y_IYjLyWw5QoypfjfN5ncEUSgADpOm5gxOOLJaJK2Ezf0RZuE4cocZ8eXUw

Request Chain 298

https://us-u.openx.net/w/1.0/pd?ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc&google_gid=CAESEDUYtnIO9capHVqeavaKJlE&google_cver=1&google_push=AYg5qPJJFhv8lx_TGXRWshPcpySitg_O0ZHp_JRmnfsYpm3K5mwBCyN4Gipbtg8GSpV528lpb0gSErBXVCADxlcG01WI5dc_1jg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzA0OTdjOTktNTc0Yy0yZjljLWNhMTgtMmI3YWZkMDMwZGVj

Request Chain 299

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENsb2J0MTLCSpoVpAYrSZII&google_cver=1&google_push=AYg5qPJIITbos3gcTo0wXXIxGEEwa9K0lsKVunblcpjLHHwbvHo-hfHjg7y-ZPeEFz45ak7PqXoZiYnbd68lmkexYY09FBtK6Bo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0QnH8w3iTuOa_nnp-5nBbQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJIITbos3gcTo0wXXIxGEEwa9K0lsKVunblcpjLHHwbvHo-hfHjg7y-ZPeEFz45ak7PqXoZiYnbd68lmkexYY09FBtK6Bo

Request Chain 300

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAsbWbtTZt7gPV2BWWTqYxQ&google_cver=1&google_push=AYg5qPJ4EpMRawa_g8IEkQ8d7uasApZTSUYm1Gx2vOZZPad-Z4T-l7m1TO_W2ONKrdJyTGJfm2Ow5clTS1ccO5Lc0F9QZHeHTto HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZEOEszTE4tMUItQjdQTg==&google_push=AYg5qPJ4EpMRawa_g8IEkQ8d7uasApZTSUYm1Gx2vOZZPad-Z4T-l7m1TO_W2ONKrdJyTGJfm2Ow5clTS1ccO5Lc0F9QZHeHTto

Request Chain 302

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEN_T5L6i_h_DVapOyABVLo4&google_cver=1&google_push=AYg5qPInFNhNWnhNf-aTv2wKK3J5did4TFAW7-nx1WePIzmXGJCqVW0ANHZvBu9XRBLQv2REH6N499oOpQb8dWGGMPgqnkQXkA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPInFNhNWnhNf-aTv2wKK3J5did4TFAW7-nx1WePIzmXGJCqVW0ANHZvBu9XRBLQv2REH6N499oOpQb8dWGGMPgqnkQXkA&google_hm=OJ1laH1fTfOQEkdgCw01oA

Request Chain 312

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CLGxk8uW8fMCFatW5QodrS4MNQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635563969_317b2450-3930-11ec-9bc0-226142618b74

Request Chain 330

https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidADeFYfqf5Y5CAHRH4tktMMGs7T4TDVQT9oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidADeFYfqf5Y5CAHRH4tktMMGs7T4TDVQT9oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2021103005192957893208607X117663V1225131106MSoneidADeFYfqf5Y5CAHRH4tktMMGs7T4TDVQT9oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid HTTP 302
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021103005192957893208607X117663V1225131106MSoneidADeFYfqf5Y5CAHRH4tktMMGs7T4TDVQT9oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&wfid=117663

Request Chain 333

https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidADeFYfqfx2VSAHRH4tktMMEU7T4TDVQT9oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidADeFYfqfx2VSAHRH4tktMMEU7T4TDVQT9oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021103005192957893208609X117679V1226132702MSoneidADeFYfqfx2VSAHRH4tktMMEU7T4TDVQT9oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&spid=2021103005192957893208609X117679V1226132702MSoneidADeFYfqfx2VSAHRH4tktMMEU7T4TDVQT9oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&wfid=117679 HTTP 302
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021103005192957893208609X117679V1226132702MSoneidADeFYfqfx2VSAHRH4tktMMEU7T4TDVQT9oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&wfid=117679&ratenzahlung=24

Request Chain 352

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJ7YAVVFbUgJ19h4szGeZga3JGXQGGay7bNXCPXnBdJ1nJPddRa25b91J4zWK1rl4RoPxPSj9kURAFJKm-NHlvR9Ph3Rg&google_gid=CAESEGfcevhw_G3p1QcAXOk746U&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMzAwMzE5MjkwMDAxODQzMjg3Mzc5NA%3D%3D&google_push=AYg5qPJ7YAVVFbUgJ19h4szGeZga3JGXQGGay7bNXCPXnBdJ1nJPddRa25b91J4zWK1rl4RoPxPSj9kURAFJKm-NHlvR9Ph3Rg

Request Chain 353

https://us-u.openx.net/w/1.0/pd?ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc&google_gid=CAESEDUYtnIO9capHVqeavaKJlE&google_cver=1&google_push=AYg5qPJYeVirnNJoUBPVNQ6X-Fz_2yIMcA5g5Joo0ERU8ZyFOkqgwL0uYScpIjAITFFQphVHthyA9vCcdQsrxRqjsOtp-Q8RpI8 HTTP 302
https://match.adsrvr.org/track/cmf/openx?oxid=5c26af53-9e3b-7138-dff8-71c337e1c38c&gdpr=0

Request Chain 354

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENsb2J0MTLCSpoVpAYrSZII&google_cver=1&google_push=AYg5qPI3iyZZXvtjIRuCrqEGrpfzsxCJgk5sXPmY7-XJzhmHXd-kqSjk29-ZsjWQjnUIIg4za_1Uqrm9Eaae7JaJV8BfQ48LQkc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0QnH8w3iTuOa_nnp-5nBbQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI3iyZZXvtjIRuCrqEGrpfzsxCJgk5sXPmY7-XJzhmHXd-kqSjk29-ZsjWQjnUIIg4za_1Uqrm9Eaae7JaJV8BfQ48LQkc

Request Chain 355

https://token.rubiconproject.com/token?pid=2249&pt=n&google_gid=CAESEAsbWbtTZt7gPV2BWWTqYxQ&google_cver=1&google_push=AYg5qPKVcK7HKFnJRl9hpGewdvA_l4x9iHV32WzTbf9K3esC1DS2Q3eDO7g676hq572eGAmisYa1_aAgTE5dtxxbTATPj3SDNxQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=

Request Chain 356

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEClT4ksEqSjnFOEY1aOpIVI&google_cver=1&google_push=AYg5qPIA4OTTxEzfvAA5muOIZSApDwMqH2AsNf8DR5NAJ6IDkna-koD-ck-QdKw6m4OkqOCo0qLMxREb9xuH1KqPFybRCjT9RHGN HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIA4OTTxEzfvAA5muOIZSApDwMqH2AsNf8DR5NAJ6IDkna-koD-ck-QdKw6m4OkqOCo0qLMxREb9xuH1KqPFybRCjT9RHGN&google_hm=

Request Chain 374

https://campaign.mobility-ads.de/highTrafficUrl/1.html?idPartner=39&idCampaignAd=0&subId=&subIdentifier=oneid9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Tdoneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.autohaus-koenig.de/htlp?coyotetrackingid=391615593 HTTP 301
https://www.autohaus-koenig.de/htlp/?coyotetrackingid=391615593

367 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ktar.com/
Redirect Chain

http://ktar.com/
https://ktar.com/

164 KB
28 KB

485ms
152ms

Document
text/html

104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: cb6ef831dd2255420654ea16adc04f9e8bd00f984cc85cab98407e6ec6637b7e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Sat, 30 Oct 2021 03:19:26 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
link: <https://ktar.com/wp-json/>; rel="https://api.w.org/" <https://ktar.com/wp-json/wp/v2/pages/256210>; rel="alternate"; type="application/json" <http://j.mp/qY2LmC>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 73
x-cache-group: normal
content-encoding: br

Redirect headers

Server: nginx
Date: Sat, 30 Oct 2021 03:19:26 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=20
Location: https://ktar.com/

GET
H2 200 polls-css.css
ktar.com/wp-content/plugins/wp-polls/ 3 KB
936 B 113ms
111ms Stylesheet
text/css 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/plugins/wp-polls/polls-css.css?ver=2.75.6
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4d956a758ca48121e4434c413596334c6b0f3cda0e622ada0d73c41d39eda526

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
last-modified: Thu, 26 Aug 2021 03:26:57 GMT
server: nginx
etag: W/"61270a01-a94"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 s4_primary.css
ktar.com/wp-content/themes/bonneville-news-theme/assets/css/ 17 KB
5 KB 125ms
123ms Stylesheet
text/css 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/themes/bonneville-news-theme/assets/css/s4_primary.css?ver=20210814
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8ac3dd20b181b9c53eaf4d64028f2adf3a64f6a7fdfc1a0a1d0e9b73b9bb7f10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
last-modified: Fri, 15 Oct 2021 19:01:53 GMT
server: nginx
etag: W/"6169d021-4370"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 s4_dark.css
ktar.com/wp-content/themes/bonneville-news-theme/assets/css/ 1 KB
549 B 126ms
123ms Stylesheet
text/css 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/themes/bonneville-news-theme/assets/css/s4_dark.css?ver=20210512
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: ce02b3d4700bffa18f3d5599306e343cd3cb6c6bf24547a6116b34b292d62910

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
last-modified: Thu, 26 Aug 2021 03:26:57 GMT
server: nginx
etag: W/"61270a01-42d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 s4_headfoot.css
ktar.com/wp-content/themes/bonneville-news-theme/assets/css/ 5 KB
1 KB 126ms
124ms Stylesheet
text/css 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/themes/bonneville-news-theme/assets/css/s4_headfoot.css?ver=20210512
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: c2e7b97014888892d70399baf2f07766517da24e1e7c94df63406e271b8831aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
last-modified: Mon, 20 Sep 2021 20:48:03 GMT
server: nginx
etag: W/"6148f383-122b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 57ms
21ms Stylesheet
text/css 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css?ver=5.7.3

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.19.94 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 125713
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5Ly3OXQVD7lGQM5ODxEqCHD2VqiiVM7uB1Kr4oZDu%2Fo3N9ucYn8Js%2FLs8u%2FP1nQugRUvScOhKpvzFKRsf9oKWgsJ8C17Lw42EBKwLHif7PFLZpSbZwT94%2Ftn5V3IGcANqRJuYek"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a6180877c4b4137-PRG
expires: Thu, 20 Oct 2022 03:19:26 GMT

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 63ms
23ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto%3Awght%40300%3B400%3B500%3B700%3B800&display=swap&ver=5.7.3

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

3fa49132cfd4ae80349a262b643fc4f9afa40c41a56032d7e05c3500f4ec9313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 30 Oct 2021 03:19:26 GMT
server: ESF
date: Sat, 30 Oct 2021 03:19:26 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sat, 30 Oct 2021 03:19:26 GMT

GET
H2 200 font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/ 21 KB
5 KB 75ms
25ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css?ver=4.0.3

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 3080886
cdn-cachedat: 2021-04-23 06:08:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 42b784de0d15140469c5674bd141e42e
cf-ray: 6a6180879c5b4137-PRG
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 events.css
ktar.com/wp-content/plugins/tweak-events/assets/css/ 10 KB
3 KB 138ms
137ms Stylesheet
text/css 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/plugins/tweak-events/assets/css/events.css?ver=1.0
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 643c563abab207c9806aeeeff9c308c7175d62f5e9c570caf6de2c5b7afc06bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:39:49 GMT
server: nginx
etag: W/"5df920f5-2774"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 weather-icons.min.css
ktar.com/wp-content/plugins/weather-widgets/assets/css/ 6 KB
2 KB 139ms
137ms Stylesheet
text/css 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/plugins/weather-widgets/assets/css/weather-icons.min.css?ver=1.0
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: c2751594edaed7b725664e41e4e8d8d46475d95520d2e9b96c73487850f8cc56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:39:49 GMT
server: nginx
etag: W/"5df920f5-1980"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
88 KB 36ms
7ms Script
text/javascript 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js?ver=3.6.0

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 08:16:38 GMT
x-content-type-options: nosniff
age: 154968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89501
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Fri, 28 Oct 2022 08:16:38 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/ 248 KB
67 KB 42ms
14ms Script
text/javascript 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js?ver=1.12.1

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

sffe /

Resource Hash

55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 06:00:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67948
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Fri, 28 Oct 2022 06:00:14 GMT

GET
H2 200 jquery.functions.js Show response
ktar.com/wp-content/themes/bonneville-news-theme/assets/js/ 6 KB
2 KB 145ms
144ms Script
application/javascript 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/themes/bonneville-news-theme/assets/js/jquery.functions.js?ver=1.1.0
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: c752d8fd9ca0d1501305899db78069fa8d3aece6a134f840b3afc07ed2a7ed04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
last-modified: Thu, 26 Aug 2021 03:26:57 GMT
server: nginx
etag: W/"61270a01-18d6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 sw4.js Show response
ktar.com/wp-content/themes/bonneville-news-theme/assets/js/ 2 KB
782 B 220ms
219ms Script
application/javascript 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/themes/bonneville-news-theme/assets/js/sw4.js?ver=1.0
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 63028089b6bc0baf9bacaf507f21f56f6c70855960f4a31c51a83ff3dc2647cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
last-modified: Thu, 26 Aug 2021 03:26:57 GMT
server: nginx
etag: W/"61270a01-7b8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 otSDKStub.js Show response
cookie-cdn.cookiepro.com/scripttemplates/ 19 KB
7 KB 66ms
25ms Script
application/javascript 104.18.6.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.6.120 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11b947e74a7ba8f1d433b84ab7a719799ec0662a9035a8b4a2ab4d7d1eb2d681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: OPcq+YIYFFKAyM1Ar0weOg==
age: 968226
x-ms-lease-status: unlocked
last-modified: Thu, 07 Oct 2021 01:50:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: aa478dda-501e-0099-0c6e-c447f0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
cf-ray: 6a618087888ff9da-PRG
expires: Sun, 07 Nov 2021 03:19:26 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 387 KB
113 KB 52ms
19ms Script
application/x-javascript 2.18.234.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f4b3853b7e792cec8a88f9da8a31d2b29ee09d6a77aabc45979c9ab2937f0962

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 03:19:26 GMT
Content-Encoding: gzip
x-amz-request-id: 895P7GZMS448PBGC
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: E1f3G4zwvNTivmbsjwi9gTDTblbRbtJyRdbl9CMpQza/SzA88yTu1Zx0HeDBqc0Pyxav9taZuIY=
Last-Modified: Fri, 08 Oct 2021 20:59:32 GMT
Server: AmazonS3
ETag: "5cac4cabadee93ec669a5ded971f5756"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 PRIMARY_RECTANGLE.svg
ktar.com/wp-content/plugins/bonneville-logos-manager/logos/ 3 KB
1 KB 149ms
144ms Image
image/svg+xml 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/plugins/bonneville-logos-manager/logos/PRIMARY_RECTANGLE.svg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: e13a7f8506c7cc36afe366e3ac76701428d4bbc9f4eb5577abd141e7955b6f0d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
last-modified: Thu, 26 Aug 2021 03:26:57 GMT
server: nginx
etag: W/"61270a01-a64"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 pexels-charles-parker-5859612-scaled-e1635463951975.jpg
ktar.com/wp-content/uploads/2021/10/ 557 KB
558 KB 153ms
148ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/pexels-charles-parker-5859612-scaled-e1635463951975.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6074e51e0f9a4388cb50d7075cbb78e6481bdf5c9f6c7fda7abf868082e92eb9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
last-modified: Thu, 28 Oct 2021 23:32:31 GMT
server: nginx
etag: "617b330f-8b540"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 570688
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 howardAirlogo.svg
ktar.com/wp-content/themes/ktar/assets/images/ 19 KB
6 KB 273ms
268ms Image
image/svg+xml 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/themes/ktar/assets/images/howardAirlogo.svg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 743118de08e11807033615921ff81dcf28b25e07cd2da846e3a4f26db97323c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:39:49 GMT
server: nginx
etag: W/"5df920f5-4b28"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 valley_chevy_dealers_sm_2in_100.jpg
ktar.com/wp-content/uploads/2018/04/ 2 KB
2 KB 273ms
269ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2018/04/valley_chevy_dealers_sm_2in_100.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: b37841afa1a6c61128647532c2cc98a15dfa55acdbe650bfdfb44bd75faf74c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 30 Oct 2021 03:19:26 GMT
last-modified: Sun, 15 Apr 2018 08:39:16 GMT
server: nginx
etag: "252b77523894bc00c398762e16f02a51"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1618
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 POLL-copy-3.jpg
ktar.com/wp-content/uploads/2019/04/ 7 KB
8 KB 273ms
269ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2019/04/POLL-copy-3.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 68907ee01093b2068a305daeded339b68cc0990b41eadb457bbe0e1e5d50eb83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 30 Oct 2021 03:19:26 GMT
last-modified: Sat, 11 May 2019 08:29:22 GMT
server: nginx
etag: "a653423c7d475aed16b2fed474072bba"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7449
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 ValleyToyotaBug.png
ktar.com/wp-content/uploads/2019/08/ 3 KB
3 KB 324ms
320ms Image
image/png 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2019/08/ValleyToyotaBug.png
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 83245214087cbf2e7a0ed37bfd85986dc991412cc9448ccd88ef8b5887e21fdd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 30 Oct 2021 03:19:26 GMT
last-modified: Thu, 05 Sep 2019 10:09:24 GMT
server: nginx
etag: "1cfa08d5336e18d38d736eb6ef726ce6"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2882
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 loading.gif
ktar.com/wp-content/plugins/wp-polls/images/ 771 B
973 B 325ms
320ms Image
image/gif 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/plugins/wp-polls/images/loading.gif
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 81a161d5793ac2a33f02ddcd64fb0dc2d028616dac084e4f64e77f4898b0c4e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
last-modified: Tue, 17 Dec 2019 18:39:49 GMT
server: nginx
etag: "5df920f5-303"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 771

GET
H2 200 ap_81c752af274e4886a7a4dfa07bce22fe-3-e1633555170514.jpg
ktar.com/wp-content/uploads/2021/07/ 83 KB
83 KB 325ms
321ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/07/ap_81c752af274e4886a7a4dfa07bce22fe-3-e1633555170514.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: e750b3284638308fa6d086f25513ab840406b9fd96a6eac4159cafa18a4953b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 30 Oct 2021 03:19:26 GMT
last-modified: Mon, 18 Oct 2021 07:34:42 GMT
server: nginx
etag: "218ceac56e2f78911e2c266a45081427"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 84637
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 getty-covid-for-10-11.jpg
ktar.com/wp-content/uploads/2021/10/ 102 KB
103 KB 325ms
321ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/getty-covid-for-10-11.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5a32d32e2e5fb637fd1b35e24625f93819347f5b117c3f37406176456e692a4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 30 Oct 2021 03:19:26 GMT
last-modified: Sat, 23 Oct 2021 07:16:03 GMT
server: nginx
etag: "57b9369973bc76bfe923248113050b55"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 104742
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 164818324_10159622403241742_779719157477980798_n-1.jpg
ktar.com/wp-content/uploads/2021/08/ 292 KB
293 KB 325ms
321ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/08/164818324_10159622403241742_779719157477980798_n-1.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: c95606e1abcd77e77fd7d4d4cf3b901ae62530822b924e33c8504baba214f43e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 30 Oct 2021 03:19:26 GMT
last-modified: Tue, 12 Oct 2021 07:32:06 GMT
server: nginx
etag: "01b722123b2cc0f793608e3aea97382b"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 299130
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 parker_HPBug.jpeg
ktar.com/wp-content/uploads/2021/08/ 2 KB
2 KB 325ms
322ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/08/parker_HPBug.jpeg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: c0c3207d5bd04fd85479641ac5b7a63ee3f668692d233e513be2cf4a1c05e96c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 30 Oct 2021 03:19:26 GMT
last-modified: Tue, 07 Sep 2021 07:22:35 GMT
server: nginx
etag: "00171158b441210361864ea6cd568487"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1921
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 amn-pod.jpeg
ktar.com/wp-content/uploads/2021/08/ 48 KB
49 KB 325ms
322ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/08/amn-pod.jpeg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7f1acab7716cffdd27f631b6fb47eaa71fabd5339a6cf701e02f6df04e7705bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 30 Oct 2021 03:19:26 GMT
last-modified: Mon, 06 Sep 2021 07:50:37 GMT
server: nginx
etag: "1b6247927247593e0c27b6986affb334"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 49450
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 mbroomhead-pod.jpeg
ktar.com/wp-content/uploads/2021/08/ 39 KB
39 KB 326ms
322ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/08/mbroomhead-pod.jpeg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: baac041f9cedcc851bf5855963ac7bd84908ec39613ec95d1217706b75e276b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 30 Oct 2021 03:19:26 GMT
last-modified: Mon, 06 Sep 2021 07:50:37 GMT
server: nginx
etag: "d2f65a83aea850d719a29be6e7db7c7a"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 39560
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 gaydoschad-pod.jpeg
ktar.com/wp-content/uploads/2021/08/ 36 KB
37 KB 326ms
322ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/08/gaydoschad-pod.jpeg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: acf6921a36ea4f70d608b49882438f17c4af992e04e8924bc4cf7e2f8b0dae1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 30 Oct 2021 03:19:26 GMT
last-modified: Mon, 06 Sep 2021 07:50:38 GMT
server: nginx
etag: "620c108c25496266cffbcced9bff8a6e"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 37279
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H/1.1 200
OK optin.js Show response
embed.secondstreetapp.com/Scripts/dist/ 176 KB
52 KB 399ms
100ms Script
application/javascript 54.197.229.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.secondstreetapp.com/Scripts/dist/optin.js
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-229-45.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cae73e0c8c7491e006c9f617638a8d8162ec989bde4e84cdae82ed4cb2024484

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 03:19:27 GMT
Content-Encoding: gzip
ETag: "042b333c6d71:0"
Last-Modified: Wed, 20 Oct 2021 22:37:08 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-SS: 102
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 52427

GET
H2 200 2020.04-KTAR-Cares-Widget.jpg
ktar.com/wp-content/uploads/2021/10/ 49 KB
49 KB 326ms
323ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/2020.04-KTAR-Cares-Widget.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 03b4a055b08c7377eeeed48cf478f9bcfc3bb985b05c0bafdec1677583770455

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 30 Oct 2021 03:19:26 GMT
last-modified: Sat, 23 Oct 2021 07:19:14 GMT
server: nginx
etag: "2adb56205be0593538294fe3665fa6a3"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 50023
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H/1.1 200
OK count.js Show response
arizonasports.disqus.com/ 1 KB
2 KB 38ms
6ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://arizonasports.disqus.com/count.js

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 03:19:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 140
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 28 Oct 2021 19:06:48 GMT
Server: nginx
ETag: "617af4c8-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW3-C1
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: _Lf_aQWSSp2qkXznM2kYav8BYGvaxzESWwOJ3Q2utZPq78EdavXqcg==

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.7.0/ 21 KB
7 KB 28ms
7ms Script
text/javascript 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.7.0/firebase-app.js

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

8234c6fd6b3f09b5d78fdda27eb4e7daec0d3d899b86a9b190cea175627a1c89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 06:51:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6965
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 23:34:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="firebase-js"
expires: Sat, 29 Oct 2022 06:51:11 GMT

GET
H2 200 firebase-analytics.js Show response
www.gstatic.com/firebasejs/8.7.0/ 35 KB
35 KB 30ms
13ms Script
text/javascript 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.7.0/firebase-analytics.js

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

d404e01916636d8c76f737079392a2da123cf83c60ad3da1fc6fe44241db4e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 23:19:39 GMT
x-content-type-options: nosniff
age: 187187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35740
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 23:34:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="firebase-js"
expires: Thu, 27 Oct 2022 23:19:39 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/8.7.0/ 40 KB
11 KB 25ms
8ms Script
text/javascript 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.7.0/firebase-messaging.js

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

540b5be2b05010cda2423355e9068d0114d2fb7cca71fdf18e15f3c92c07db16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 12:27:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10868
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 23:34:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="firebase-js"
expires: Thu, 27 Oct 2022 12:27:11 GMT

GET
H2 200 weather-icons.css
ktar.com/wp-content/plugins/weather-widgets/widgets/assets/css/ 8 KB
2 KB 117ms
110ms Stylesheet
text/css 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/plugins/weather-widgets/widgets/assets/css/weather-icons.css?ver=1.2
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: b48cae9a9fcc318fb1c638f4097ad3ca6445c236b981998c799efdc662b6653a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:39:49 GMT
server: nginx
etag: W/"5df920f5-1eaa"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 mobile-detect.min.js Show response
ktar.com/wp-content/plugins/ad-code-timing/assets/js/ 32 KB
14 KB 142ms
135ms Script
application/javascript 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/plugins/ad-code-timing/assets/js/mobile-detect.min.js?ver=1.0
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: d8d860892c9a1dd820a710a980227b8403271cdcf0323c9a47d41538ccec80bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:39:49 GMT
server: nginx
etag: W/"5df920f5-81f8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.cookie.js Show response
ktar.com/wp-content/plugins/ad-code-timing/assets/js/ 3 KB
2 KB 146ms
140ms Script
application/javascript 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/plugins/ad-code-timing/assets/js/jquery.cookie.js?ver=1.0
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5dcc1f650548dab92380f10aee2a8c4c878ece063b5d4201c1205b3a343f9a8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:39:49 GMT
server: nginx
etag: W/"5df920f5-c38"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 takeover.js Show response
ktar.com/wp-content/plugins/ad-code-timing/assets/js/ 2 KB
774 B 146ms
140ms Script
application/javascript 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/plugins/ad-code-timing/assets/js/takeover.js?ver=1.1
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8b6b38175d300ed73096a7c28fd39cba69509a5196bad1be6c1d3edc970414e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:39:49 GMT
server: nginx
etag: W/"5df920f5-69b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 qppr_frontend_script.min.js Show response
ktar.com/wp-content/plugins/quick-pagepost-redirect-plugin/js/ 1014 B
643 B 146ms
140ms Script
application/javascript 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/plugins/quick-pagepost-redirect-plugin/js/qppr_frontend_script.min.js?ver=5.1.5
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4d81cd951bc1cc8095a0b6385baa47b9c5fb6fe1440661563a09dbd2f7e243db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:39:49 GMT
server: nginx
etag: W/"5df920f5-3f6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 polls-js.js Show response
ktar.com/wp-content/plugins/wp-polls/ 3 KB
864 B 150ms
143ms Script
application/javascript 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/plugins/wp-polls/polls-js.js?ver=2.75.6
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 03d87f337bb68d971d9fdb8ed746c0ab6f4008e6060e63ed67057f444a05a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
last-modified: Thu, 26 Aug 2021 03:26:57 GMT
server: nginx
etag: W/"61270a01-caa"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 sharecounts.js Show response
ktar.com/wp-content/themes/bonneville-news-theme/assets/js/ 679 B
535 B 150ms
144ms Script
application/javascript 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/themes/bonneville-news-theme/assets/js/sharecounts.js?ver=1.0.1
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 28a110a1ff4c1d6a68d7a4e60ed003cf3a5ac032cbf5094c42e330f777c6723f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
last-modified: Thu, 26 Aug 2021 03:26:57 GMT
server: nginx
etag: W/"61270a01-2a7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 plusdate.js Show response
ktar.com/wp-content/plugins/tweak-events/assets/js/ 452 B
478 B 154ms
148ms Script
application/javascript 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/plugins/tweak-events/assets/js/plusdate.js?ver=1.0
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: af57e21392ab61f764937da2634c062094b82b086a640d7410a16aa375820da2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:39:49 GMT
server: nginx
etag: W/"5df920f5-1c4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 event-submit-validate.js Show response
ktar.com/wp-content/plugins/tweak-events/assets/js/ 4 KB
1 KB 155ms
148ms Script
application/javascript 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/plugins/tweak-events/assets/js/event-submit-validate.js?ver=1.1
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0e1dd9bee18c1d77e1e912fdfd7127875ee68971cbee514ed7f64c297c39d179

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:39:49 GMT
server: nginx
etag: W/"5df920f5-f6a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 core.min.js Show response
ktar.com/wp-includes/js/jquery/ui/ 20 KB
7 KB 274ms
268ms Script
application/javascript 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
last-modified: Thu, 25 Mar 2021 20:02:19 GMT
server: nginx
etag: W/"605cec4b-5133"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 datepicker.min.js Show response
ktar.com/wp-includes/js/jquery/ui/ 35 KB
11 KB 274ms
268ms Script
application/javascript 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.12.1
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 60e04dcb9483e44801771aab65df07bfa3fabbaf9a4386fd05f568d0e4d8710d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
last-modified: Thu, 25 Mar 2021 20:02:19 GMT
server: nginx
etag: W/"605cec4b-8d34"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 datepicker-submit.js Show response
ktar.com/wp-content/plugins/tweak-events/assets/js/ 140 B
316 B 274ms
269ms Script
application/javascript 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/plugins/tweak-events/assets/js/datepicker-submit.js?ver=1.0
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: e07dac40b96f7503f396331e32d231530f8d9bd9aa58cf25e22b17421f6d4b14

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:39:49 GMT
server: nginx
etag: W/"5df920f5-8c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-embed.min.js Show response
ktar.com/wp-includes/js/ 1 KB
947 B 274ms
269ms Script
application/javascript 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-includes/js/wp-embed.min.js?ver=5.7.3
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
etag: W/"5ff5d754-592"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.cycle.lite.js Show response
ktar.com/wp-content/plugins/arizona-traffic/assets/js/ 8 KB
3 KB 274ms
269ms Script
application/javascript 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/plugins/arizona-traffic/assets/js/jquery.cycle.lite.js?ver=1.7
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 73431242d393f2b2932f404e6a00d234b1ca38041af6eb27470761da0d8ed2c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:39:49 GMT
server: nginx
etag: W/"5df920f5-1ef6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 96d83517-a163-4ffe-9ea9-a4e9cd901cff.json Show response
cookie-cdn.cookiepro.com/consent/96d83517-a163-4ffe-9ea9-a4e9cd901cff/ 2 KB
2 KB 122ms
90ms XHR
application/x-javascript 104.18.6.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/96d83517-a163-4ffe-9ea9-a4e9cd901cff/96d83517-a163-4ffe-9ea9-a4e9cd901cff.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.6.120 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2543b798df6a799c869fe2576ddc5f4a8cc538d34f5ff6f800c0ccdfe4dd4803

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: REVALIDATED
content-md5: U8NdQb1PVgaaYblSYczMoA==
x-ms-lease-status: unlocked
last-modified: Tue, 30 Jun 2020 21:13:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 68521442-e01e-0047-0283-c15316000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6a618088df6e410e-PRG

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
27 KB 43ms
17ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

sffe /

Resource Hash

7614796e1d873e2ebdf2f411e12a73c6d6a0b626ef7edc405e3c3d4052f63440

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1028 / 857 of 1000 / last-modified: 1635545062"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27290
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 30 Oct 2021 03:19:26 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 150 KB
56 KB 48ms
24ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MJT8PCK

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a2f16d023ea43ad0b0a88b500e96228cba4bd64664bba272ab81a6d5ce3a3041

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56481
x-xss-protection: 0
last-modified: Sat, 30 Oct 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 30 Oct 2021 03:19:26 GMT

GET
H2

200

cse.js Show response
cse.google.com/cse/
Redirect Chain

https://www.google.com/cse/cse.js?cx=016901429690765427163:i60nfdckotw
https://cse.google.com/cse/cse.js?cx=016901429690765427163:i60nfdckotw

10 KB
4 KB

74ms
39ms

Script
text/javascript

216.58.212.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse/cse.js?cx=016901429690765427163:i60nfdckotw

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Server

216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f14.1e100.net

Software

gws /

Resource Hash

8a0ceb3573f6667c826b96b1458ef6f0c301a7f5b39e6234e630094fc5d6107a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3490
x-xss-protection: 0

Redirect headers

date: Sat, 30 Oct 2021 03:09:47 GMT
x-content-type-options: nosniff
server: sffe
age: 579
content-type: text/html; charset=UTF-8
location: https://cse.google.com/cse/cse.js?cx=016901429690765427163:i60nfdckotw
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 267
x-xss-protection: 0
expires: Sat, 30 Oct 2021 03:39:47 GMT

GET
H2 200 ktar-multi-nav-icons.png
ktar.com/wp-content/themes/bonneville-news-theme/assets/images/ 2 KB
2 KB 315ms
314ms Image
image/png 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/themes/bonneville-news-theme/assets/images/ktar-multi-nav-icons.png
Requested by: Host: ktar.com
URL: https://ktar.com/wp-content/themes/bonneville-news-theme/assets/css/s4_primary.css?ver=20210814
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: c216c6c4cd384219a86e806c818d4080221dc16c71c1ccb957c1349740b2ecae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/wp-content/themes/bonneville-news-theme/assets/css/s4_primary.css?ver=20210814
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
last-modified: Thu, 26 Aug 2021 03:26:57 GMT
server: nginx
etag: "61270a01-63c"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1596

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 35ms
13ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto%3Awght%40300%3B400%3B500%3B700%3B800&display=swap&ver=5.7.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ktar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 16:31:41 GMT
x-content-type-options: nosniff
age: 211665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 27 Oct 2022 16:31:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 29ms
7ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto%3Awght%40300%3B400%3B500%3B700%3B800&display=swap&ver=5.7.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ktar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 02:46:35 GMT
x-content-type-options: nosniff
age: 88371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 29 Oct 2022 02:46:35 GMT

GET
H3 200 fontawesome-webfont.woff
netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/ 43 KB
44 KB 41ms
22ms Font
font/woff 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3

Requested by

Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css?ver=4.0.3

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css?ver=4.0.3
Origin: https://ktar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 565, 617, 617
age: 1289019
cdn-cachedat: 2021-04-23 07:49:39
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 44432
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 1601ae05d0bef480e18db2985b95cae5
accept-ranges: bytes
cf-ray: 6a618088ea2b411f-PRG
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 37ms
15ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto%3Awght%40300%3B400%3B500%3B700%3B800&display=swap&ver=5.7.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ktar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 01:55:14 GMT
x-content-type-options: nosniff
age: 91452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 29 Oct 2022 01:55:14 GMT

GET
H2 200 weathericons-regular-webfont.woff
ktar.com/fonts/ 47 KB
47 KB 312ms
311ms Font
font/woff 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/fonts/weathericons-regular-webfont.woff
Requested by: Host: ktar.com
URL: https://ktar.com/wp-content/plugins/weather-widgets/assets/css/weather-icons.min.css?ver=1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: ae03289bb26aefab9857ae4b0097652bc8a17643990dee384031c88775941ee9

Request headers

Referer: https://ktar.com/wp-content/plugins/weather-widgets/assets/css/weather-icons.min.css?ver=1.0
Origin: https://ktar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Tue, 17 Dec 2019 18:39:48 GMT
server: nginx
etag: "5df920f4-bcf8"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 48376

GET
H2 200 ap_ae24c85005ea4b559c80166c94731b6a-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 63 KB
63 KB 259ms
257ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/ap_ae24c85005ea4b559c80166c94731b6a-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2d32ec84909c43eb31ef385240a5d9cbbd6ddbb90023e6b5ddcc950369dd73be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Fri, 29 Oct 2021 16:48:22 GMT
server: nginx
etag: "617c25d6-fb42"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 64322
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 getty-covid-for-10-29-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 41 KB
42 KB 259ms
256ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/getty-covid-for-10-29-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 338965bffdaad52bb4476bc878feb1fad834e1470f84be9d870ce184b7fa33c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Fri, 29 Oct 2021 18:50:54 GMT
server: nginx
etag: "617c428e-a533"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 42291
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 hiking-safety-sign-phx-photo.jpg
ktar.com/wp-content/uploads/2021/10/ 241 KB
242 KB 259ms
256ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/hiking-safety-sign-phx-photo.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 25f39a070ba858ee26f4b7bbb22e24c3892a636c7e1fc499ea3bae0e47d35ef0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Fri, 29 Oct 2021 14:28:53 GMT
server: nginx
etag: "617c0525-3c488"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 246920
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 statue-of-liberty-pixabay-16x9-1-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 41 KB
42 KB 259ms
251ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/statue-of-liberty-pixabay-16x9-1-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 30b20a43d5569acac11a41d919897a1aa79d16d93677045581651cb4b9e67fd2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Thu, 28 Oct 2021 17:08:45 GMT
server: nginx
etag: "617ad91d-a507"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 42247
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 FC5WP_pUUAUC_VZ-1-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 56 KB
56 KB 259ms
251ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/FC5WP_pUUAUC_VZ-1-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 406ae784ee9fb1160deea9a496a8e0336231ba7be2664f553652ff74fdb18001

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Fri, 29 Oct 2021 22:32:05 GMT
server: nginx
etag: "617c7665-dff6"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 57334
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 ruben-flores-iii-mesa-pd-1-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 31 KB
31 KB 259ms
251ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/ruben-flores-iii-mesa-pd-1-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: fb655e24036d4cbfce058c1d8b48d4d7447f9c88ce76f099b6ce1e005e8a20e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Fri, 29 Oct 2021 20:19:32 GMT
server: nginx
etag: "617c5754-7a1b"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 31259
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 arizona-corporation-commission-twiter-pic-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 130 KB
131 KB 259ms
251ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/arizona-corporation-commission-twiter-pic-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 06aa4665102fd07d9b0642880155a694fa21485c550c9cef2d8c9592bbb8245b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Fri, 29 Oct 2021 17:34:19 GMT
server: nginx
etag: "617c309b-209ee"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 133614
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 arizona-redistricting-draft-maps-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 51 KB
51 KB 259ms
251ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/arizona-redistricting-draft-maps-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: a5f56f9f5fbfb65c4f7aa7d823c7e8098cbc65a600655c0175afba3772167031

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Fri, 29 Oct 2021 15:59:56 GMT
server: nginx
etag: "617c1a7c-ca39"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 51769
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 interstate-17-widening-flex-adot-flickr-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 151 KB
151 KB 259ms
252ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/interstate-17-widening-flex-adot-flickr-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6cf9b3fa8b8f4e734ba8a1ed6eeedcff1e0c3874325881475a70730dd91687d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Fri, 29 Oct 2021 15:21:14 GMT
server: nginx
etag: "617c116a-25b7f"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 154495
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 F2061666-BAEA-4325-8A90-C5A0ADD8DA43-1-e1635460756422-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 90 KB
90 KB 260ms
252ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/F2061666-BAEA-4325-8A90-C5A0ADD8DA43-1-e1635460756422-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 48ff125fe5db4d2ac73128d683e9473050c2c9bfc9a2690e28afc719ecfab04a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Thu, 28 Oct 2021 22:39:17 GMT
server: nginx
etag: "617b2695-16718"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 91928
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 FCzHgneUcAgeCVb-1-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 70 KB
71 KB 260ms
252ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/FCzHgneUcAgeCVb-1-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: dce0f570315dcc80f9fe813b3d3f79d52782abba57b387001514bff6dbc0f9a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Thu, 28 Oct 2021 18:02:15 GMT
server: nginx
etag: "617ae5a7-11955"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 72021
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 ap_d673d5a27c9540bda26c18b74fc5a7cc-e1635373720848-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 43 KB
43 KB 260ms
252ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/ap_d673d5a27c9540bda26c18b74fc5a7cc-e1635373720848-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: a5a37264ff1f2a19e3b63d3ef4a30f3e245dc26d6cf01e6a876e0ee8dec18909

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Wed, 27 Oct 2021 22:28:41 GMT
server: nginx
etag: "6179d299-ac5e"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 44126
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 ap_d3c4e4ae2ff5402ebfba854ebd5f9722-e1635175157699-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 64 KB
65 KB 260ms
252ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/ap_d3c4e4ae2ff5402ebfba854ebd5f9722-e1635175157699-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: b659f351a1ce55cd5c4fa47743ab36ed91cd7e114a85e1faa9286edf3972342a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Mon, 25 Oct 2021 15:19:18 GMT
server: nginx
etag: "6176caf6-100c2"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 65730
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 GettyImages-1229385442-scaled-e1635297001803-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 85 KB
86 KB 260ms
252ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/GettyImages-1229385442-scaled-e1635297001803-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 325f165c685c1d718e3994e21e4fcfa66c58a66f3f4c6577b15fceb88a0209f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Wed, 27 Oct 2021 01:10:03 GMT
server: nginx
etag: "6178a6eb-15572"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 87410
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 UA-Device2-1-e1635308332268-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 40 KB
40 KB 260ms
253ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/UA-Device2-1-e1635308332268-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1269f671e4213a269e971a7dc23d7d3ba24fe777ee809b0fc2da7b5f7d513202

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Wed, 27 Oct 2021 04:18:53 GMT
server: nginx
etag: "6178d32d-9e43"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 40515
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 GettyImages-1220426798-scaled-e1635212513595-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 47 KB
47 KB 260ms
253ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/GettyImages-1220426798-scaled-e1635212513595-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 399acdda6a5f99bf828685120aab6a1c29865ad2c5ce8acd375725d01b4fd468

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Tue, 26 Oct 2021 01:41:54 GMT
server: nginx
etag: "61775ce2-bbe5"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 48101
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 ap_8c01445285924143a3b06b0606af28f6-e1635558061726-900x506.jpg
arizonasports.com/wp-content/uploads/2021/10/ 83 KB
84 KB 497ms
149ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arizonasports.com/wp-content/uploads/2021/10/ap_8c01445285924143a3b06b0606af28f6-e1635558061726-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: acc2939dffcf1a1898300c9d64da85e9be22c923a8f2f9d4e0f131d9803a9b1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Sat, 30 Oct 2021 01:41:02 GMT
server: nginx
etag: "617ca2ae-14d1b"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 85275
expires: Mon, 29 Nov 2021 03:19:27 GMT

GET
H2 200 ap_29c794052b54429eb8c2572102115901-e1635451945449-900x506.jpg
arizonasports.com/wp-content/uploads/2021/08/ 55 KB
55 KB 688ms
341ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arizonasports.com/wp-content/uploads/2021/08/ap_29c794052b54429eb8c2572102115901-e1635451945449-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8d537ad83561a6e1b61e92e35ad90b34713238448b075e10bc67c1c9722286ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Thu, 28 Oct 2021 20:12:25 GMT
server: nginx
etag: "617b0429-dcb2"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 56498
expires: Mon, 29 Nov 2021 03:19:27 GMT

GET
H2 200 GettyImages-1316672193-e1635545509175-900x506.jpg
arizonasports.com/wp-content/uploads/2021/10/ 81 KB
81 KB 688ms
341ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arizonasports.com/wp-content/uploads/2021/10/GettyImages-1316672193-e1635545509175-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: fb007fb73f106f2aab18828758a6c371edde8777df002aba833f7b93e7d6d0cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Fri, 29 Oct 2021 22:11:50 GMT
server: nginx
etag: "617c71a6-14477"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 83063
expires: Mon, 29 Nov 2021 03:19:27 GMT

GET
H2 200 ap_5bb6acdd410d4b39abc94bdf675cc441-e1635546478639-900x506.jpg
arizonasports.com/wp-content/uploads/2021/10/ 74 KB
74 KB 686ms
341ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arizonasports.com/wp-content/uploads/2021/10/ap_5bb6acdd410d4b39abc94bdf675cc441-e1635546478639-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 487bb0c54dc0ecefcf2076e2ecd45a0a1ac153ae8ab1a74223720f0d2d56f5cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Fri, 29 Oct 2021 22:27:59 GMT
server: nginx
etag: "617c756f-12876"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 75894
expires: Mon, 29 Nov 2021 03:19:27 GMT

GET
H2 200 GettyImages-1350073943-e1635545123706-900x506.jpg
arizonasports.com/wp-content/uploads/2021/10/ 51 KB
51 KB 686ms
341ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arizonasports.com/wp-content/uploads/2021/10/GettyImages-1350073943-e1635545123706-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: f5077adeda5e35352a04be133087c5f8bf176f7856012fff524cb0983c0d5626

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Fri, 29 Oct 2021 22:05:23 GMT
server: nginx
etag: "617c7023-cc83"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 52355
expires: Mon, 29 Nov 2021 03:19:27 GMT

GET
H2 200 ap_7d957cb480474de7b420b71d850160f9-900x506.jpg
arizonasports.com/wp-content/uploads/2021/10/ 77 KB
77 KB 686ms
341ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arizonasports.com/wp-content/uploads/2021/10/ap_7d957cb480474de7b420b71d850160f9-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 196fc391219f33ccbaf52f221429a1f12770a1bd454f91dc3aba1a07b9552404

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Thu, 28 Oct 2021 07:46:45 GMT
server: nginx
etag: "dee72cd2759f2746171dfa882d58cc92"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 78674
expires: Mon, 29 Nov 2021 03:19:27 GMT

GET
H2 200 Flirtey-Eagle-Aircraft-cropped-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 24 KB
24 KB 256ms
253ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/Flirtey-Eagle-Aircraft-cropped-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4f55ac21ca8c4a81d64da97b24530d381bcede55c67bec36ef7e41507f965858

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Thu, 28 Oct 2021 01:33:38 GMT
server: nginx
etag: "6179fdf2-5e2d"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 24109
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 new-chompies-phoenix-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 91 KB
92 KB 256ms
253ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/new-chompies-phoenix-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: f426fa6cc2a36699c5a918dfac7c9e5a6a88e087be8e09e061009e68e109da6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Wed, 27 Oct 2021 20:01:51 GMT
server: nginx
etag: "6179b02f-16d6a"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 93546
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 126107506_1696636367180820_8300017640542873413_n-e1635217316557-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 90 KB
90 KB 256ms
254ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/126107506_1696636367180820_8300017640542873413_n-e1635217316557-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 47477ce0b02049adb985c36faadf3a91284cdc1cc1bd82a961c124f43109c5b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Tue, 26 Oct 2021 03:01:56 GMT
server: nginx
etag: "61776fa4-1664b"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 91723
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 GettyImages-1306539243-scaled-e1635300782454-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 59 KB
60 KB 256ms
254ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/GettyImages-1306539243-scaled-e1635300782454-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9284dca5245db3f78fe7e92b98673c4907d2e0cf2039bfed655a435e09588f62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Wed, 27 Oct 2021 02:13:03 GMT
server: nginx
etag: "6178b5af-ed9d"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 60829
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 Orbital-Reef-Underneath-1-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 110 KB
110 KB 256ms
254ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/Orbital-Reef-Underneath-1-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: ff52509ca0a39892c3308915863b3b623f1a32bd6afadb85897c4e93690e929e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Mon, 25 Oct 2021 23:31:24 GMT
server: nginx
etag: "61773e4c-1b6a5"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 112293
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 ap_abc8983f5ed443a69d8cb10e8b479e1b-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 65 KB
65 KB 255ms
254ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/ap_abc8983f5ed443a69d8cb10e8b479e1b-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: bc65ca5ec8553cb86e14f69bc593e40163a0fe383a0f0ad544f172bc14ee9a0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Fri, 29 Oct 2021 23:35:39 GMT
server: nginx
etag: "617c854b-1020a"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 66058
expires: Mon, 29 Nov 2021 03:19:26 GMT

GET
H2 200 pubads_impl_2021102501.js Show response
securepubads.g.doubleclick.net/gpt/ 356 KB
120 KB 37ms
15ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

dcd346804a786db16b40af2672924a5b8787623f71d648a017da7e236e1b19b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122594
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 08:35:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 30 Oct 2021 03:19:26 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 123 B
736 B 57ms
23ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ktar.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9c90decd6b56b50b940452832ba1225835e51c1bffe2e3f709a6f555522ecc06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0
expires: Sat, 30 Oct 2021 03:19:26 GMT

GET
H2 200 t Show response
jadserve.postrelease.com/ 2 KB
1 KB 368ms
147ms Script
text/javascript 54.146.124.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fktar.com%2F&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.124.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-124-230.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 9403b077ca0e2bee098460abdbb5e92939e7e36927e1cbbba765c65d798a52d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:27 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 756
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 34ms
19ms Font
application/octet-stream 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css?ver=5.7.3

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.19.94 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css?ver=5.7.3
Origin: https://ktar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4176711
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N62EyUz58aLE3HiKCypUjRZ2t90mv7bzWguwNKmiEcip4kdmbVLDx545%2BKa7pHb0hmCdROAnCYESvW%2FP4bd1vuG5xh7uRwcJAGo8ywjBKB%2FpvPqfabHO%2FhSefgc3ZLrRq3XzTf6N"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a61808998ab27a0-PRG
expires: Thu, 20 Oct 2022 03:19:26 GMT

GET
H2 200 otBannerSdk.js Show response
cookie-cdn.cookiepro.com/scripttemplates/6.2.0/ 325 KB
63 KB 31ms
31ms Script
application/javascript 104.18.6.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.2.0/otBannerSdk.js

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.6.120 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

614305ee414f9b73b89b32101c278293814beb310525293d2c24f35c1cd9de0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 30 Oct 2021 03:19:26 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: Faq6ojkjeFBEt00AhvcPjA==
age: 968155
x-ms-lease-status: unlocked
last-modified: Wed, 24 Jun 2020 21:26:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 09a23de9-701e-0045-6f6e-c4edae000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
cf-ray: 6a618089996df9da-PRG
expires: Sun, 07 Nov 2021 03:19:26 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 125 KB
48 KB 51ms
31ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7J7KCG2FVK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJT8PCK

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f4e0c376f31a800cbc117ae5d46288cbfe4cc8e1148868ca20b1081968bd5112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49530
x-xss-protection: 0
expires: Sat, 30 Oct 2021 03:19:27 GMT

GET
H3

200

activityi;dc_pre=CJSMjcqW8fMCFQ5d4AodaOkC1A;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=669444539870;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F Show response
10288467.fls.doubleclick.net/ Frame 83E6
Redirect Chain

https://10288467.fls.doubleclick.net/activityi;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=669444539870;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F?
https://10288467.fls.doubleclick.net/activityi;dc_pre=CJSMjcqW8fMCFQ5d4AodaOkC1A;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=669444539870;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%...

478 B
407 B

32ms
17ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10288467.fls.doubleclick.net/activityi;dc_pre=CJSMjcqW8fMCFQ5d4AodaOkC1A;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=669444539870;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJT8PCK

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

831605e63d3d583717f00776b01e5886578eed6e8afceea4b59f80796a11681f

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 30 Oct 2021 03:19:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 382
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 30 Oct 2021 03:19:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10288467.fls.doubleclick.net/activityi;dc_pre=CJSMjcqW8fMCFQ5d4AodaOkC1A;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=669444539870;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

activityi;dc_pre=CKeNjcqW8fMCFQLjEQgdGooKRA;src=10620649;type=carol0;cat=ktara0;ord=1;num=4874142582780;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F Show response
10620649.fls.doubleclick.net/ Frame AE05
Redirect Chain

https://10620649.fls.doubleclick.net/activityi;src=10620649;type=carol0;cat=ktara0;ord=1;num=4874142582780;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F?
https://10620649.fls.doubleclick.net/activityi;dc_pre=CKeNjcqW8fMCFQLjEQgdGooKRA;src=10620649;type=carol0;cat=ktara0;ord=1;num=4874142582780;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F...

479 B
409 B

40ms
24ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10620649.fls.doubleclick.net/activityi;dc_pre=CKeNjcqW8fMCFQLjEQgdGooKRA;src=10620649;type=carol0;cat=ktara0;ord=1;num=4874142582780;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJT8PCK

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

568bfec9dc16803be02c481cbea692dba658dc61dcd34bba9090a13268542dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 30 Oct 2021 03:19:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 384
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 30 Oct 2021 03:19:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10620649.fls.doubleclick.net/activityi;dc_pre=CKeNjcqW8fMCFQLjEQgdGooKRA;src=10620649;type=carol0;cat=ktara0;ord=1;num=4874142582780;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

activityi;dc_pre=CNC3jcqW8fMCFX3TEQgdEVYCOQ;src=9445712;type=invmedia;cat=allpa0;ord=1;num=2298102832319;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F Show response
9445712.fls.doubleclick.net/ Frame E32E
Redirect Chain

https://9445712.fls.doubleclick.net/activityi;src=9445712;type=invmedia;cat=allpa0;ord=1;num=2298102832319;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F?
https://9445712.fls.doubleclick.net/activityi;dc_pre=CNC3jcqW8fMCFX3TEQgdEVYCOQ;src=9445712;type=invmedia;cat=allpa0;ord=1;num=2298102832319;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F...

480 B
407 B

39ms
17ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9445712.fls.doubleclick.net/activityi;dc_pre=CNC3jcqW8fMCFX3TEQgdEVYCOQ;src=9445712;type=invmedia;cat=allpa0;ord=1;num=2298102832319;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJT8PCK

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

5e2e981fe98878294fd3de7700cd425533d7ca8c090beb026b2b71dfd63e3508

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 30 Oct 2021 03:19:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 382
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 30 Oct 2021 03:19:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9445712.fls.doubleclick.net/activityi;dc_pre=CNC3jcqW8fMCFX3TEQgdEVYCOQ;src=9445712;type=invmedia;cat=allpa0;ord=1;num=2298102832319;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

activityi;dc_pre=CKOjj8qW8fMCFW7jEQgdvCgLFA;src=10625865;type=dv3600;cat=ktara0;ord=1;num=2472653377995;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F Show response
10625865.fls.doubleclick.net/ Frame 0E3F
Redirect Chain

https://10625865.fls.doubleclick.net/activityi;src=10625865;type=dv3600;cat=ktara0;ord=1;num=2472653377995;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F?
https://10625865.fls.doubleclick.net/activityi;dc_pre=CKOjj8qW8fMCFW7jEQgdvCgLFA;src=10625865;type=dv3600;cat=ktara0;ord=1;num=2472653377995;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F...

391 B
355 B

24ms
24ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10625865.fls.doubleclick.net/activityi;dc_pre=CKOjj8qW8fMCFW7jEQgdvCgLFA;src=10625865;type=dv3600;cat=ktara0;ord=1;num=2472653377995;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJT8PCK

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

d0831e01bc269a1f5cc5c476493e9993b6d45f6332333487e6363463678073f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 30 Oct 2021 03:19:27 GMT
expires: Sat, 30 Oct 2021 03:19:27 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 330
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 30 Oct 2021 03:19:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10625865.fls.doubleclick.net/activityi;dc_pre=CKOjj8qW8fMCFW7jEQgdvCgLFA;src=10625865;type=dv3600;cat=ktara0;ord=1;num=2472653377995;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 25ms
6ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

cc21d5a9e609b2997b4f9c3a5b520216e5ef6522c656b81b6105c9b62a8fcc5b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25967
x-xss-protection: 0
pragma: public
x-fb-debug: 0DmUhTRJ5Q95Sl/8QpP8FWUbEkQMvInY2ghU0xkGxHg/u5t2AjNXgJOppQ+UP2fl4wFXUvjrUP3cKaeopZScTg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 30 Oct 2021 03:19:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
35 KB 30ms
29ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9919737

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJT8PCK

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a1521f80b4ebd8a18612ca6f0c4bfd622b7bdaafcfc13cf3eb905f97eee5475e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35604
x-xss-protection: 0
last-modified: Sat, 30 Oct 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 30 Oct 2021 03:19:27 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1456708&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1456708%26t%3D2

43 B
1 KB

28ms
28ms

Image
image/gif

185.33.223.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1456708%26t%3D2

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

HTTP/1.1

Server

185.33.223.38 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 03:19:27 GMT
X-Proxy-Origin: 216.131.114.198; 216.131.114.198; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 88537102-9f40-42e1-8a78-ef0701bacc36
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 03:19:27 GMT
X-Proxy-Origin: 216.131.114.198; 216.131.114.198; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ba723bce-fb52-45c2-85da-fd8e39d3458b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1456708%26t%3D2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 cse_element__en.js Show response
www.google.com/cse/static/element/cc267ab8871224bd/ 290 KB
95 KB 26ms
8ms Script
text/javascript 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/cc267ab8871224bd/cse_element__en.js?usqp=CAI%3D

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=016901429690765427163:i60nfdckotw

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

sffe /

Resource Hash

71173eb1cc84ee88adebf5552afaf335a6d6b2759d37b722b56f7d05c9abc1b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 06:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 162675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97502
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 21:05:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 28 Oct 2022 06:08:12 GMT

GET
H3 200 default+en.css
www.google.com/cse/static/element/cc267ab8871224bd/ 41 KB
41 KB 24ms
8ms Stylesheet
text/css 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/cc267ab8871224bd/default+en.css

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=016901429690765427163:i60nfdckotw

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

sffe /

Resource Hash

4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 06:08:12 GMT
x-content-type-options: nosniff
age: 162675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41474
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 21:05:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 28 Oct 2022 06:08:12 GMT

GET
H3 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 22ms
6ms Stylesheet
text/css 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=016901429690765427163:i60nfdckotw

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 30 Oct 2021 03:58:12 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
342 B 87ms
35ms Ping
text/plain 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-7J7KCG2FVK&gtm=2oear0&_p=1591381018&sr=1600x1200&ul=en-us&cid=1408183703.1635563967&_s=1&dl=https%3A%2F%2Fktar.com%2F&dt=Home%20-%20KTAR.com&sid=1635563966&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7J7KCG2FVK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ktar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ktar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en.json Show response
cookie-cdn.cookiepro.com/consent/96d83517-a163-4ffe-9ea9-a4e9cd901cff/203a4fa3-a42e-4ca5-a0ff-8e699568899c/ 43 KB
11 KB 79ms
79ms Fetch
application/x-javascript 104.18.6.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/96d83517-a163-4ffe-9ea9-a4e9cd901cff/203a4fa3-a42e-4ca5-a0ff-8e699568899c/en.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.6.120 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db008e4be3499f0f4baefb2a3e3ac365a85628b6b903eeb6b121f6892a733354

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 30 Oct 2021 03:19:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: REVALIDATED
content-md5: KDttNkP3fEVhSY2r6auEQw==
x-ms-lease-status: unlocked
last-modified: Tue, 30 Jun 2020 21:13:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 588a0309-101e-001e-601f-cbd495000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6a61808a8860410e-PRG

GET
H3 200 418296865552530 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 59ms
49ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/418296865552530?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

d0b545535c8c37bf9e9c596800eec809e48fb2b1aeba24936d5553d70e496b2a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: DDUZIFHFKz0UBL4WOgFGfe5DTFdZ9P8v049XTHvfRlBRTvpHGTJgA+OB9QYwxr/ceX9L6FtRT7v5Gb8NE8OepQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 30 Oct 2021 03:19:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CNuWl8qW8fMCFfTkEQgdHFMEvg;src=9919737;type=lp;cat=landi0;ord=4755983766523;gtm=2odar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F Show response
9919737.fls.doubleclick.net/ Frame F2C0
Redirect Chain

https://9919737.fls.doubleclick.net/activityi;src=9919737;type=lp;cat=landi0;ord=4755983766523;gtm=2odar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F?
https://9919737.fls.doubleclick.net/activityi;dc_pre=CNuWl8qW8fMCFfTkEQgdHFMEvg;src=9919737;type=lp;cat=landi0;ord=4755983766523;gtm=2odar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F?

380 B
343 B

20ms
19ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9919737.fls.doubleclick.net/activityi;dc_pre=CNuWl8qW8fMCFfTkEQgdHFMEvg;src=9919737;type=lp;cat=landi0;ord=4755983766523;gtm=2odar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9919737

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

c8ea85f7fbd954ecdc3d3fe304b3d8b2bf656b788ece16794d661e263619a5be

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 30 Oct 2021 03:19:27 GMT
expires: Sat, 30 Oct 2021 03:19:27 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 320
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 30 Oct 2021 03:19:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9919737.fls.doubleclick.net/activityi;dc_pre=CNuWl8qW8fMCFfTkEQgdHFMEvg;src=9919737;type=lp;cat=landi0;ord=4755983766523;gtm=2odar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

activityi;dc_pre=CMv4l8qW8fMCFZzkEQgdHK0Bsw;src=9919737;type=remar0;cat=ktarc0;ord=1;num=5747262495755;gtm=2odar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F Show response
9919737.fls.doubleclick.net/ Frame F6C6
Redirect Chain

https://9919737.fls.doubleclick.net/activityi;src=9919737;type=remar0;cat=ktarc0;ord=1;num=5747262495755;gtm=2odar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F?
https://9919737.fls.doubleclick.net/activityi;dc_pre=CMv4l8qW8fMCFZzkEQgdHK0Bsw;src=9919737;type=remar0;cat=ktarc0;ord=1;num=5747262495755;gtm=2odar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2...

390 B
349 B

21ms
21ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9919737.fls.doubleclick.net/activityi;dc_pre=CMv4l8qW8fMCFZzkEQgdHK0Bsw;src=9919737;type=remar0;cat=ktarc0;ord=1;num=5747262495755;gtm=2odar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9919737

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

ae16a468d4bb3ff5ddd789a4bffe34ca4d0c38ae5f4c3fc45b60a9db059c3caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 30 Oct 2021 03:19:27 GMT
expires: Sat, 30 Oct 2021 03:19:27 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 326
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 30 Oct 2021 03:19:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9919737.fls.doubleclick.net/activityi;dc_pre=CMv4l8qW8fMCFZzkEQgdHK0Bsw;src=9919737;type=remar0;cat=ktarc0;ord=1;num=5747262495755;gtm=2odar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc_pre=CKOjj8qW8fMCFW7jEQgdvCgLFA;src=10625865;type=dv3600;cat=ktara0;ord=1;num=2472653377995;gtm=2wgar0;auiddc=*;~oref=https%3A%2F%2Fktar.com%2F
adservice.google.com/ddm/fls/z/ Frame 0E3F 42 B
118 B 40ms
19ms Image
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKOjj8qW8fMCFW7jEQgdvCgLFA;src=10625865;type=dv3600;cat=ktara0;ord=1;num=2472653377995;gtm=2wgar0;auiddc=*;~oref=https%3A%2F%2Fktar.com%2F

Requested by

Host: 10625865.fls.doubleclick.net
URL: https://10625865.fls.doubleclick.net/activityi;dc_pre=CKOjj8qW8fMCFW7jEQgdvCgLFA;src=10625865;type=dv3600;cat=ktara0;ord=1;num=2472653377995;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://10625865.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CJSMjcqW8fMCFQ5d4AodaOkC1A;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=669444539870;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F Show response
adservice.google.com/ddm/fls/i/ Frame 59E6 477 B
850 B 24ms
17ms Document
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CJSMjcqW8fMCFQ5d4AodaOkC1A;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=669444539870;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F

Requested by

Host: 10288467.fls.doubleclick.net
URL: https://10288467.fls.doubleclick.net/activityi;dc_pre=CJSMjcqW8fMCFQ5d4AodaOkC1A;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=669444539870;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

591c9f1734913f75370ed7321f16b9df87e2ecbfa82a396c5209f068a20710ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://10288467.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 30 Oct 2021 03:19:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 381
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc_pre=CKeNjcqW8fMCFQLjEQgdGooKRA;src=10620649;type=carol0;cat=ktara0;ord=1;num=4874142582780;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F Show response
adservice.google.com/ddm/fls/i/ Frame 5198 478 B
453 B 24ms
19ms Document
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKeNjcqW8fMCFQLjEQgdGooKRA;src=10620649;type=carol0;cat=ktara0;ord=1;num=4874142582780;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F

Requested by

Host: 10620649.fls.doubleclick.net
URL: https://10620649.fls.doubleclick.net/activityi;dc_pre=CKeNjcqW8fMCFQLjEQgdGooKRA;src=10620649;type=carol0;cat=ktara0;ord=1;num=4874142582780;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

5039712f8d85f1de0753e1d8a4244dc054c9fadea91011321dd171b808810627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://10620649.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 30 Oct 2021 03:19:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 383
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc_pre=CNC3jcqW8fMCFX3TEQgdEVYCOQ;src=9445712;type=invmedia;cat=allpa0;ord=1;num=2298102832319;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F Show response
adservice.google.com/ddm/fls/i/ Frame E4FD 479 B
447 B 23ms
18ms Document
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CNC3jcqW8fMCFX3TEQgdEVYCOQ;src=9445712;type=invmedia;cat=allpa0;ord=1;num=2298102832319;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F

Requested by

Host: 9445712.fls.doubleclick.net
URL: https://9445712.fls.doubleclick.net/activityi;dc_pre=CNC3jcqW8fMCFX3TEQgdEVYCOQ;src=9445712;type=invmedia;cat=allpa0;ord=1;num=2298102832319;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

4e79aeedfd29a639cfd81edb76b8fe43bfc7ade7f99033e1bb4360481ae66154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9445712.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 30 Oct 2021 03:19:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 381
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 otFlat.json Show response
cookie-cdn.cookiepro.com/scripttemplates/6.2.0/assets/ 23 KB
4 KB 26ms
26ms Fetch
application/json 104.18.6.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.2.0/assets/otFlat.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.6.120 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84153107c9783beb9cd872cea87403d57ef93bde35eb9c4e9432dfc9d594b94f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 30 Oct 2021 03:19:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: PMy/rO33ZxNqN5zz4lNYEg==
age: 948287
x-ms-lease-status: unlocked
last-modified: Wed, 24 Jun 2020 21:25:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 896ba68e-a01e-001b-059d-c4064e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
cf-ray: 6a61808b58d1410e-PRG
expires: Sun, 07 Nov 2021 03:19:27 GMT

GET
H2 200 otPcCenter.json Show response
cookie-cdn.cookiepro.com/scripttemplates/6.2.0/assets/ 100 KB
18 KB 25ms
25ms Fetch
application/json 104.18.6.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.2.0/assets/otPcCenter.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.6.120 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10ab566c9fb0560fc9b7690af2b2a06cb4ce5af583a6e9796d1ece57c702c5e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 30 Oct 2021 03:19:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: khu7UrcWK2GuRVvI036GCQ==
age: 948287
x-ms-lease-status: unlocked
last-modified: Wed, 24 Jun 2020 21:25:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: bb4df805-601e-0014-299d-c47022000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
cf-ray: 6a61808b58d2410e-PRG
expires: Sun, 07 Nov 2021 03:19:27 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 27ms
9ms Image
image/gif 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=418296865552530&ev=PageView&dl=https%3A%2F%2Fktar.com%2F&rl=&if=false&ts=1635563967269&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1635563967268.882277338&it=1635563967150&coo=false&rqm=GET

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.35 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 30 Oct 2021 03:19:27 GMT

GET
H/1.1 200
OK 318665 Show response
api.secondstreetapp.com/audience_signup_widgets/ 3 KB
3 KB 457ms
112ms Script
text/javascript 54.197.229.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.secondstreetapp.com/audience_signup_widgets/318665?callback=secondStreetOptinWidget_318665
Requested by: Host: embed.secondstreetapp.com
URL: https://embed.secondstreetapp.com/Scripts/dist/optin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-229-45.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d00df460ffc64663c41e6bce8b91d698eac4e1589c0dde647ac1e11fe8258b10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 03:20:33 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Age: 489
X-Powered-By: ASP.NET
X-SS: 104
Content-Type: text/javascript; charset=utf-8
X-StackifyID: V2|5235ee04-a7e2-4f60-b3fd-683f503e123f|C69601|CD65
Cache-Control: public, max-age=600
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2904
Expires: Sat, 30 Oct 2021 03:21:18 GMT

GET
H3 200 dc_pre=CNuWl8qW8fMCFfTkEQgdHFMEvg;src=9919737;type=lp;cat=landi0;ord=4755983766523;gtm=2odar0;auiddc=*;~oref=https%3A%2F%2Fktar.com%2F
adservice.google.com/ddm/fls/z/ Frame F2C0 42 B
63 B 33ms
19ms Image
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNuWl8qW8fMCFfTkEQgdHFMEvg;src=9919737;type=lp;cat=landi0;ord=4755983766523;gtm=2odar0;auiddc=*;~oref=https%3A%2F%2Fktar.com%2F

Requested by

Host: 9919737.fls.doubleclick.net
URL: https://9919737.fls.doubleclick.net/activityi;dc_pre=CNuWl8qW8fMCFfTkEQgdHFMEvg;src=9919737;type=lp;cat=landi0;ord=4755983766523;gtm=2odar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9919737.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CMv4l8qW8fMCFZzkEQgdHK0Bsw;src=9919737;type=remar0;cat=ktarc0;ord=1;num=5747262495755;gtm=2odar0;auiddc=*;~oref=https%3A%2F%2Fktar.com%2F
adservice.google.com/ddm/fls/z/ Frame F6C6 42 B
63 B 19ms
18ms Image
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMv4l8qW8fMCFZzkEQgdHK0Bsw;src=9919737;type=remar0;cat=ktarc0;ord=1;num=5747262495755;gtm=2odar0;auiddc=*;~oref=https%3A%2F%2Fktar.com%2F

Requested by

Host: 9919737.fls.doubleclick.net
URL: https://9919737.fls.doubleclick.net/activityi;dc_pre=CMv4l8qW8fMCFZzkEQgdHK0Bsw;src=9919737;type=remar0;cat=ktarc0;ord=1;num=5747262495755;gtm=2odar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9919737.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 133 KB
36 KB 44ms
8ms Script
application/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: nY_PcrO6M1v8rxrnAfvFh4iOgrD_tFp3
content-encoding: gzip
etag: 3900a2c2d757386fb762bfd86288f882
age: 544
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1KSVGB1YCZ8VVZGWVVSJ
date: Sat, 30 Oct 2021 03:10:23 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e45d812d65a0d0336b945e28b9381463.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: nJQSfDd1_zPGZKj93AmU5m-XLtTyjn-LX2OB0QCkbATxXvSVK5APdA==

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 42ms
13ms Script
text/javascript 74.125.140.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 2762
date: Sat, 30 Oct 2021 02:33:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Sat, 30 Oct 2021 04:33:25 GMT

GET
H3 200 async-ads.js Show response
cse.google.com/adsense/search/ 148 KB
53 KB 50ms
23ms Script
text/javascript 216.58.212.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/cc267ab8871224bd/cse_element__en.js?usqp=CAI%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f14.1e100.net

Software

sffe /

Resource Hash

2b98f860e9a54def502686421bfb92bb22cdc5419fb0644878315b4b07ff8b0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
etag: "5274451493031165549"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-afs-ui"
expires: Sat, 30 Oct 2021 03:19:27 GMT

GET
H2 200 weathericons-regular-webfont.woff
ktar.com/wp-content/plugins/weather-widgets/widgets/assets/fonts/ 39 KB
40 KB 127ms
127ms Font
font/woff 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/plugins/weather-widgets/widgets/assets/fonts/weathericons-regular-webfont.woff
Requested by: Host: ktar.com
URL: https://ktar.com/wp-content/plugins/weather-widgets/widgets/assets/css/weather-icons.css?ver=1.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 94df7590b4dad14ca1d32dc0713d4fd8290def36b9019313898bf10546e09f4f

Request headers

Referer: https://ktar.com/wp-content/plugins/weather-widgets/widgets/assets/css/weather-icons.css?ver=1.2
Origin: https://ktar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
last-modified: Tue, 17 Dec 2019 18:39:49 GMT
server: nginx
etag: "5df920f5-9dd8"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 40408

GET
H3 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 7ms
7ms Image
image/png 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:42:08 GMT
x-content-type-options: nosniff
age: 257839
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 27 Oct 2022 03:42:08 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
178 B 49ms
6ms Image
text/plain 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f14.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 dc_pre=CJSMjcqW8fMCFQ5d4AodaOkC1A;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=669444539870;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F Show response
adservice.google.de/ddm/fls/i/ Frame 315F 194 B
870 B 46ms
18ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CJSMjcqW8fMCFQ5d4AodaOkC1A;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=669444539870;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJSMjcqW8fMCFQ5d4AodaOkC1A;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=669444539870;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 30 Oct 2021 03:19:27 GMT
expires: Sat, 30 Oct 2021 03:19:27 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3

200

dc_pre=CNC3jcqW8fMCFX3TEQgdEVYCOQ;src=9445712;type=invmedia;cat=allpa0;ord=1;num=2298102832319;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F Show response
9445712.fls.doubleclick.net/ddm/fls/r/ Frame CB32
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CNC3jcqW8fMCFX3TEQgdEVYCOQ;src=9445712;type=invmedia;cat=allpa0;ord=1;num=2298102832319;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar....
https://9445712.fls.doubleclick.net/ddm/fls/r/dc_pre=CNC3jcqW8fMCFX3TEQgdEVYCOQ;src=9445712;type=invmedia;cat=allpa0;ord=1;num=2298102832319;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F...

859 B
524 B

20ms
20ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9445712.fls.doubleclick.net/ddm/fls/r/dc_pre=CNC3jcqW8fMCFX3TEQgdEVYCOQ;src=9445712;type=invmedia;cat=allpa0;ord=1;num=2298102832319;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CNC3jcqW8fMCFX3TEQgdEVYCOQ;src=9445712;type=invmedia;cat=allpa0;ord=1;num=2298102832319;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

da03b252f14ccb757f006891da428808723e460034b7bc09446eb26bd04dd93a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 30 Oct 2021 03:19:27 GMT
expires: Sat, 30 Oct 2021 03:19:27 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 501
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 30 Oct 2021 03:19:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://9445712.fls.doubleclick.net/ddm/fls/r/dc_pre=CNC3jcqW8fMCFX3TEQgdEVYCOQ;src=9445712;type=invmedia;cat=allpa0;ord=1;num=2298102832319;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc_pre=CKeNjcqW8fMCFQLjEQgdGooKRA;src=10620649;type=carol0;cat=ktara0;ord=1;num=4874142582780;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F Show response
adservice.google.de/ddm/fls/i/ Frame EFEA 194 B
242 B 38ms
19ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CKeNjcqW8fMCFQLjEQgdGooKRA;src=10620649;type=carol0;cat=ktara0;ord=1;num=4874142582780;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKeNjcqW8fMCFQLjEQgdGooKRA;src=10620649;type=carol0;cat=ktara0;ord=1;num=4874142582780;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 30 Oct 2021 03:19:27 GMT
expires: Sat, 30 Oct 2021 03:19:27 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3 200 webConfig Show response
firebase.googleapis.com/v1alpha/projects/-/apps/1:539540237196:web:9422ab9022a60adbabc4a9/ 369 B
261 B 67ms
46ms Fetch
application/json 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:539540237196:web:9422ab9022a60adbabc4a9/webConfig

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/8.7.0/firebase-analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

0d9048d0773313ba7746bcbed29ca2d18c339f7f0a3627e359de8f7146bf09c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://ktar.com/
x-goog-api-key: AIzaSyCFd4rYfG29NlfvpSsVhdGXch0PVWAbxDY
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://ktar.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 238
x-xss-protection: 0

OPTIONS
H2 200 webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:539540237196:web:9422ab9022a60adbabc4a9/ Frame 0
0 59ms
23ms Preflight
text/html 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:539540237196:web:9422ab9022a60adbabc4a9/webConfig

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-goog-api-key
Origin: https://ktar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://ktar.com
vary: origin referer x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: x-goog-api-key
access-control-max-age: 3600
date: Sat, 30 Oct 2021 03:19:27 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET count.json
urls.api.twitter.com/1/urls/ 0
0

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 111ms
110ms Image
image/gif 54.146.124.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=5204212&ntv_pl=1119446
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.124.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-124-230.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:27 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 111ms
110ms Image
image/gif 54.146.124.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=0350ba9a-e10a-4c57-a1ab-863143665c51&ntv_fl=CF4se3gYGjAPzQcMJoAeWT7DODT5VmcFZkQoiyl71wzlwksj0jpdFFhIBoApPN03gejb8md35waOBaTVlbVyqK1EEUkaxhqmX1WRO-2uzLhAGK0U0Dpfrr-WAwrvTAioFkEK5McjNL9mT231gc-8fC_sVXYawNqSGWR7HQe4NIniaGYXHe58uMMdXfuUnZs7&ntv_ht=v7l8YQA&ntv_at=303,302&ntv_a=AAAAAAAAAAJFwRA&ord=1635563967404&ntv_it
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.124.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-124-230.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:27 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
426 B 111ms
110ms Image
image/gif 54.146.124.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=1137700&ntv_gdpr_consent=&ntv_it
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.124.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-124-230.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:27 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
299 B 99ms
99ms XHR
text/plain 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fktar.com%2F&pubid=88f7e3c0-0e80-4be3-93dd-e2b13b353277
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381463.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
access-control-allow-origin: https://ktar.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: BlqPi2LqMzWqSn-omI6G7AIR8LH3gMZXU7BBBllm2aZl4fMZWqi2fg==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
488 B 52ms
50ms XHR
text/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fktar.com%2F&pid=3HBqFcK7mkOo2&cb=0&ws=1600x1200&v=7.69.01&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1034751%2Fktar_right_1%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1034751%2Fktar_right_1%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1034751%2Fktar_right_1%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1034751%2Fktar_right_1%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1034751%2Fktar_right_1%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1034751%2Fktar_right_1%22%7D%2C%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1034751%2Fktar_right_1%22%7D%2C%7B%22sd%22%3A%227%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1034751%2Fktar_right_1%22%7D%5D&pubid=88f7e3c0-0e80-4be3-93dd-e2b13b353277&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-210-175.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381463.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: 18ZWGXZAVWW5XR0V3Y2T
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ktar.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: YQ54_8yEDQMFCwktG3MrayjFDThewknvwD4fhdZ7fxxjz__XnxE_-w==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 25ms
9ms XHR
application/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 03:50:21 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 84547
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 01:02:33 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
via: 1.1 5626bf35345f32d3e58fb8d33ec4d967.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P3
content-type: application/javascript
x-amz-cf-id: D-rFTN1R-_WVLgV4wzGconzWq74GLPe1AyvuZFSx02tAzydGG0GAWg==

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=304999839&utmhn=ktar.com&utme=8(Static%20Page%22)9(News)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&u...
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-333933-4&cid=1408183703.1635563967&jid=1611557338&_v=5.7.2dc&z=304999839
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-333933-4&cid=1408183703.1635563967&jid=1611557338&_v=5.7.2dc&z=304999839&slf_rd=1&random=939290017

42 B
501 B

40ms
18ms

Image
image/gif

142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-333933-4&cid=1408183703.1635563967&jid=1611557338&_v=5.7.2dc&z=304999839&slf_rd=1&random=939290017

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-333933-4&cid=1408183703.1635563967&jid=1611557338&_v=5.7.2dc&z=304999839&slf_rd=1&random=939290017
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ads
securepubads.g.doubleclick.net/gampad/ 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
9 KB 1147ms
1132ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2970120887519183&correlator=3466138696835819&output=ldjh&impl=fif&eid=31060438%2C31063135%2C31063166&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211030&iu_parts=1034751%2Cktar_news_TheHomePage_right_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635563967&dt=1635563967538&dlt=1635563966576&idt=478&frm=20&biw=1600&bih=1200&oid=2&adxs=1236&adys=302&adks=3569041045&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x393&msz=300x250&ga_vid=1408183703.1635563967&ga_sid=1635563967&ga_hid=1591381018&ga_fc=true&fws=640&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e2bde21795958b7e5023986cd3e1e665f1a65c527df76a8482b3887ed16485ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9045
x-xss-protection: 0
google-lineitem-id: 5795088450
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138364932197
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ktar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ads
securepubads.g.doubleclick.net/gampad/ 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 433 B
260 B 1034ms
1021ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2970120887519183&correlator=3466138696835819&output=ldjh&impl=fif&eid=31060438%2C31063135%2C31063166&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211030&iu_parts=1034751%2Cktar_promo_box&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x100&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635563967&dt=1635563967545&dlt=1635563966576&idt=478&frm=20&biw=1600&bih=1200&oid=2&adxs=1236&adys=302&adks=2513822422&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x393&msz=300x100&ga_vid=1408183703.1635563967&ga_sid=1635563967&ga_hid=1591381018&ga_fc=true&fws=640&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

d07d76697561f78945b2ba05d0733d2a086f3bbf8b304139400afb390c02c52b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 231
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ktar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 1037ms
1023ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2970120887519183&correlator=3466138696835819&output=ldjh&impl=fif&eid=31060438%2C31063135%2C31063166&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211030&iu_parts=1034751%2Cktar_right_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635563967&dt=1635563967548&dlt=1635563966576&idt=478&frm=20&biw=1600&bih=1200&oid=2&adxs=1236&adys=1466&adks=2838658330&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x250&ga_vid=1408183703.1635563967&ga_sid=1635563967&ga_hid=1591381018&ga_fc=true&fws=640&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

5a7a64666023a7caecca475d3c111c33b522468efb3ea5fb855bef8633ba3bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9387
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ktar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 432 B
254 B 1133ms
1119ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2970120887519183&correlator=3466138696835819&output=ldjh&impl=fif&eid=31060438%2C31063135%2C31063166&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211030&iu_parts=1034751%2Cktar_right_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635563967&dt=1635563967550&dlt=1635563966576&idt=478&frm=20&biw=1600&bih=1200&oid=2&adxs=1236&adys=2061&adks=4292363612&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x250&ga_vid=1408183703.1635563967&ga_sid=1635563967&ga_hid=1591381018&ga_fc=true&fws=640&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ad97e9de9c37981cb8a17dc1b36cad15d3d7c8dc0a60d4cd8fc152536fe7f7f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ktar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 2064ms
2050ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2970120887519183&correlator=3466138696835819&output=ldjh&impl=fif&eid=31060438%2C31063135%2C31063166&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211030&iu_parts=1034751%2Cktar_right_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635563967&dt=1635563967553&dlt=1635563966576&idt=478&frm=20&biw=1600&bih=1200&oid=2&adxs=1236&adys=2675&adks=755322237&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x250&ga_vid=1408183703.1635563967&ga_sid=1635563967&ga_hid=1591381018&ga_fc=true&fws=640&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8433def104aa499f4fe17d2c7abe032114770528e6a92745e52b5ff0116b5bab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10723
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ktar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 432 B
256 B 475ms
461ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2970120887519183&correlator=3466138696835819&output=ldjh&impl=fif&eid=31060438%2C31063135%2C31063166&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211030&iu_parts=1034751%2Cktar_right_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635563967&dt=1635563967556&dlt=1635563966576&idt=478&frm=20&biw=1600&bih=1200&oid=2&adxs=1236&adys=3422&adks=1017661605&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x250&ga_vid=1408183703.1635563967&ga_sid=1635563967&ga_hid=1591381018&ga_fc=true&fws=640&ohw=0&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

b5354871cee47a832039c4f6ab3a0f1b45b670e0e87f08561889efd45ac3ae0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 227
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ktar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
11 KB 1236ms
1222ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2970120887519183&correlator=3466138696835819&output=ldjh&impl=fif&eid=31060438%2C31063135%2C31063166&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211030&iu_parts=1034751%2Cktar_right_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635563967&dt=1635563967560&dlt=1635563966576&idt=478&frm=20&biw=1600&bih=1200&oid=2&adxs=1236&adys=3995&adks=2253214884&ucis=9&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x250&ga_vid=1408183703.1635563967&ga_sid=1635563967&ga_hid=1591381018&ga_fc=true&fws=640&ohw=0&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

73ebba81cb86c91ff5bae5a5754c3909aa41b3c9aae0c5f4037e606c35378134

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10791
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ktar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
11 KB 1559ms
1545ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2970120887519183&correlator=3466138696835819&output=ldjh&impl=fif&eid=31060438%2C31063135%2C31063166&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211030&iu_parts=1034751%2Cktar_right_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635563967&dt=1635563967562&dlt=1635563966576&idt=478&frm=20&biw=1600&bih=1200&oid=2&adxs=1236&adys=4945&adks=1559822713&ucis=a&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x250&ga_vid=1408183703.1635563967&ga_sid=1635563967&ga_hid=1591381018&ga_fc=true&fws=640&ohw=0&btvi=6&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

74c718acc3939d2e365f80578f37c5feaa847f8034f13112eb0e73d857329181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10852
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ktar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 432 B
252 B 1925ms
1911ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2970120887519183&correlator=3466138696835819&output=ldjh&impl=fif&eid=31060438%2C31063135%2C31063166&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211030&iu_parts=1034751%2Cktar_right_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635563967&dt=1635563967567&dlt=1635563966576&idt=478&frm=20&biw=1600&bih=1200&oid=2&adxs=1236&adys=5412&adks=3960660106&ucis=b&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x250&ga_vid=1408183703.1635563967&ga_sid=1635563967&ga_hid=1591381018&ga_fc=true&fws=640&ohw=0&btvi=7&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

46a08a7c8022f72f9a30cd59ea54735b90a5342aac89d880f66d793eec75d630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 223
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ktar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 755ms
741ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2970120887519183&correlator=3466138696835819&output=ldjh&impl=fif&eid=31060438%2C31063135%2C31063166&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211030&iu_parts=1034751%2Cktar_right_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635563967&dt=1635563967569&dlt=1635563966576&idt=478&frm=20&biw=1600&bih=1200&oid=2&adxs=1236&adys=5876&adks=3851843092&ucis=c&ifi=12&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x250&ga_vid=1408183703.1635563967&ga_sid=1635563967&ga_hid=1591381018&ga_fc=true&fws=640&ohw=0&btvi=8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

d10300c242537c00158b43f17e6763f4635b5fac898e5454cd1946403d8d28bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10619
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ktar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CADC 6 KB
4 KB 51ms
14ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 30 Oct 2021 03:19:27 GMT
expires: Sun, 30 Oct 2022 03:19:27 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame CB32 45 KB
18 KB 60ms
23ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 9445712.fls.doubleclick.net
URL: https://9445712.fls.doubleclick.net/ddm/fls/r/dc_pre=CNC3jcqW8fMCFX3TEQgdEVYCOQ;src=9445712;type=invmedia;cat=allpa0;ord=1;num=2298102832319;gtm=2wgar0;auiddc=689610566.1635563967;~oref=https%3A%2F%2Fktar.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

5f16dac2da002b531a66f23c20e7889f304391f4e854b50d0cdba2ac2d5b4d1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9445712.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17666
x-xss-protection: 0
server: cafe
etag: 4889939424608973499
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 30 Oct 2021 03:19:27 GMT

POST
H3 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/bonneville-phoenix/ 578 B
478 B 325ms
310ms Fetch
application/json 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/bonneville-phoenix/installations

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/8.7.0/firebase-analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

ca897a9052701e5eda5cc2eca490c710c14ebd9378b2a3e3d76971df58ab5063

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://ktar.com/
x-goog-api-key: AIzaSyCFd4rYfG29NlfvpSsVhdGXch0PVWAbxDY
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: application/json

Response headers

date: Sat, 30 Oct 2021 03:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://ktar.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 455
x-xss-protection: 0

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/bonneville-phoenix/ Frame 0
0 54ms
15ms Preflight
text/html 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/bonneville-phoenix/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key
Origin: https://ktar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://ktar.com
vary: origin referer x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key
access-control-max-age: 3600
date: Sat, 30 Oct 2021 03:19:27 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/735523585/ Frame CB32 2 KB
1 KB 32ms
15ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/735523585/?random=1635563967663&cv=9&fst=1635563967663&num=1&npa=1&label=yu_mCKHwl_QBEIHm3N4C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9445712.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCNC3jcqW8fMCFX3TEQgdEVYCOQ%3Bsrc%3D9445712%3Btype%3Dinvmedia%3Bcat%3Dallpa0%3Bord%3D1%3Bnum%3D2298102832319%3Bgtm%3D2wgar0%3Bauiddc%3D689610566.1635563967%3B~oref%3Dhttps%253A%252F%252Fktar.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

fd131a367334929efcd8da8a72c28a29272e1dca278069f4988a5910aa9f9623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9445712.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1239
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 104 KB
41 KB 29ms
29ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5BSVRFW0T9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJT8PCK

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3975b253b0927885ba4ee85867d153388d504212a1594bda8d820a341428deea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:27 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42252
x-xss-protection: 0
expires: Sat, 30 Oct 2021 03:19:27 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/735523585/ Frame CB32
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/735523585/?random=615310003&cv=9&fst=1635563967663&num=1&npa=1&label=yu_mCKHwl_QBEIHm3N4C&guid=ON&resp=GooglemKTybQhCsO&eid=37560326...
https://www.google.com/pagead/1p-conversion/735523585/?random=615310003&cv=9&fst=1635563967663&num=1&npa=1&label=yu_mCKHwl_QBEIHm3N4C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u...
https://www.google.de/pagead/1p-conversion/735523585/?random=615310003&cv=9&fst=1635563967663&num=1&npa=1&label=yu_mCKHwl_QBEIHm3N4C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_...

42 B
64 B

52ms
30ms

Image
image/gif

142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/735523585/?random=615310003&cv=9&fst=1635563967663&num=1&npa=1&label=yu_mCKHwl_QBEIHm3N4C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9445712.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCNC3jcqW8fMCFX3TEQgdEVYCOQ%3Bsrc%3D9445712%3Btype%3Dinvmedia%3Bcat%3Dallpa0%3Bord%3D1%3Bnum%3D2298102832319%3Bgtm%3D2wgar0%3Bauiddc%3D689610566.1635563967%3B~oref%3Dhttps%253A%252F%252Fktar.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=v7l8Yb6fKvCnx_AP4dGVuAM&cid=CAQSKQCNIrLM9uwyfa6BdOAIItxz0xE8p9Xr1a414Zs81NANBHp5d5APzJ_k&random=3567846819&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Protocol

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9445712.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/735523585/?random=615310003&cv=9&fst=1635563967663&num=1&npa=1&label=yu_mCKHwl_QBEIHm3N4C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9445712.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCNC3jcqW8fMCFX3TEQgdEVYCOQ%3Bsrc%3D9445712%3Btype%3Dinvmedia%3Bcat%3Dallpa0%3Bord%3D1%3Bnum%3D2298102832319%3Bgtm%3D2wgar0%3Bauiddc%3D689610566.1635563967%3B~oref%3Dhttps%253A%252F%252Fktar.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=v7l8Yb6fKvCnx_AP4dGVuAM&cid=CAQSKQCNIrLM9uwyfa6BdOAIItxz0xE8p9Xr1a414Zs81NANBHp5d5APzJ_k&random=3567846819&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 41ms
20ms Ping
text/plain 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-5BSVRFW0T9&gtm=2oear0&_p=1591381018&sr=1600x1200&ul=en-us&_fid=cmLRGcSYQ82ZDlLB-8y1tB&cid=1408183703.1635563967&_s=1&dl=https%3A%2F%2Fktar.com%2F&dt=Home%20-%20KTAR.com&sid=1635563967&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.origin=firebase
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5BSVRFW0T9&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ktar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ktar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D9B5 2 KB
436 B 44ms
24ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400,700

Requested by

Host: embed.secondstreetapp.com
URL: https://embed.secondstreetapp.com/Scripts/dist/optin.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

dde6576bba0bad522d319d2b71f2df16ea422150ea04756f5df07c231d6024ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 30 Oct 2021 01:33:58 GMT
server: ESF
date: Sat, 30 Oct 2021 03:19:27 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sat, 30 Oct 2021 03:19:27 GMT

GET
H/1.1 200
OK 2044685
media.secondstreetapp.com/ Frame D9B5 12 KB
12 KB 398ms
102ms Image
image/png 54.197.229.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.secondstreetapp.com/2044685
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-229-45.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 41c99a3fe7353454939f9640d6f9cd8128e79b35511513f6d02175315c3eb8d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 03:19:27 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-SS: 104
Content-Type: image/png
X-StackifyID: V2|8cdd4c6a-f5fe-47b5-aa55-f8581715dae3|C69601|CD65
Cache-Control: public, max-age=31536000
Content-Length: 11958
Expires: Sun, 30 Oct 2022 03:19:28 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame C3BC 0
18 B 16ms
7ms Document
text/plain 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.216.35 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://ktar.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://ktar.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
date: Sat, 30 Oct 2021 03:19:27 GMT

GET
H3 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v22/ Frame D9B5 30 KB
30 KB 22ms
7ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ktar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 18:20:47 GMT
x-content-type-options: nosniff
age: 377920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31120
x-xss-protection: 0
last-modified: Wed, 15 Jul 2020 20:50:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 25 Oct 2022 18:20:47 GMT

GET
H3 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v22/ Frame D9B5 30 KB
30 KB 24ms
10ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ktar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 18:20:47 GMT
x-content-type-options: nosniff
age: 377920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31120
x-xss-protection: 0
last-modified: Wed, 15 Jul 2020 20:50:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 25 Oct 2022 18:20:47 GMT

GET
H2 200 nr-1211.min.js Show response
js-agent.newrelic.com/ 33 KB
13 KB 30ms
6ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1211.min.js
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e42e478fd27161799c18a75c2e9a7341996250f696d09d53db336a2962ba06b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: yf8j0EL0OxPIPTHd.58X6iFExO4xIT0R
content-encoding: gzip
etag: "3ad2268e635f4d033b0062f582c5b85a"
x-amz-request-id: X3M81H4NM1B4G6R6
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 12477
x-amz-id-2: cvOSmODg07/4O4zGwviZMR3PU/m+IFAgnbTWch2Pw3XfIW/4Me7DGjuuZsigtg0xT+fI73EM98w=
x-served-by: cache-hhn4022-HHN
last-modified: Mon, 27 Sep 2021 20:46:50 GMT
server: AmazonS3
x-timer: S1635563968.887520,VS0,VE0
date: Sat, 30 Oct 2021 03:19:27 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 477

GET
H/1.1 200
OK 1502e4f90c Show response
bam-cell.nr-data.net/1/ 49 B
724 B 957ms
909ms Script
text/javascript 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/1502e4f90c?a=58634209&v=1211.ba193a8&to=ZAYDZ0cFXxFVUxZZDF1MIFBBDV4MGwRMAE5bDAxW&rst=2039&ck=1&ref=https://ktar.com/&ap=1101&be=737&fe=2002&dc=1471&perf=%7B%22timing%22:%7B%22of%22:1635563965859,%22n%22:0,%22f%22:229,%22dn%22:230,%22dne%22:230,%22c%22:230,%22s%22:340,%22ce%22:562,%22rq%22:562,%22rp%22:714,%22rpe%22:809,%22dl%22:717,%22di%22:1471,%22ds%22:1471,%22de%22:1513,%22dc%22:2001,%22l%22:2001,%22le%22:2003%7D,%22navigation%22:%7B%7D%7D&fp=1053&fcp=1053&at=SEEAEQ8fTB8%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1211.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 03:19:28 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6a61808fbc5e2784-PRG

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 42ms
20ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021102501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

d5bcb9b6b05eda9d1507d22d3bc2155fbacfbd16e3953faf494dda0e2de9d4ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Oct 2021 03:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8449
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 44ms
21ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 30 Oct 2021 03:19:28 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame DE69 12 KB
5 KB 22ms
6ms Document
text/html 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Fri, 29 Oct 2021 21:40:59 GMT
expires: Sat, 29 Oct 2022 21:40:59 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 20309
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A1A1 783 B
535 B 16ms
16ms Document
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

GSE /

Resource Hash

fab2112a39c83331852c2d74e97c4a74f637d8807db7d41abd2b74f365aa6d16

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zoON6yyig555maJBxLTKMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 30 Oct 2021 03:19:28 GMT
date: Sat, 30 Oct 2021 03:19:28 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-zoON6yyig555maJBxLTKMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A1A1 0
0 37ms
22ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021102501&jk=2970120887519183&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H3 200 rYsSliro57HlqQ0w1drzgXd5CbzCCwb6qdFIuIj2zIs.js Show response
pagead2.googlesyndication.com/bg/ Frame DE69 35 KB
13 KB 19ms
7ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rYsSliro57HlqQ0w1drzgXd5CbzCCwb6qdFIuIj2zIs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

ad8b12962ae8e7b1e5a90d30d5daf381777909bcc20b06faa9d148b888f6cc8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 18:22:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 118627
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13232
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 28 Oct 2022 18:22:21 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 16ms
15ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021102501&jk=2970120887519183&bg=!VValVhLNAAbUs_yW1LM7ACkAdvg8WlOvmnoY5uCjz3Cl7JTTK-7UswZzr7aQzvwhRaBztqgC6_-3gQIAAABZUgAAAAloAQeZAqshIHrKaXOx6RLw9MSJrJrI_4WONUJrMZ7_8NAIwS3WvKmi-aOqSS6Kn3TOCiDytaRN-V_zT_ToCHgE6GqVaSIxwfppfa2rHK6Ibf8WujP4rJEPt31tLwNrRgvuHF98iV-DE5Qk8SJWxn6itkdBEXLW7TfAqSUv-pMcpa_OL2vLNBm93DILFf_3aYOI9qjG86ZnYSXZ8SzL-4B6SEZUUMsE5CXQdj7Z2L_5gIZZ3rl_ilgi91rQWZ-_5yhDtu2Q1mCPVaU4qyo-XAbobtu407w8So43ustxr8o09VuuulKRyMatJaFYXFTE3YeT41OOaxpZJKv0CVM9rMmZrhNfcPimAW-y5QK8k7yM3YAd-XJ1qrWjmn7-SoQx3HL5Ka8VKSbw4oTJ7iWJPUEOdcdECn_eNIPPsmI56U-QEVEoXrk6AmIYb_eeYeGIL6WxeaeFiappX1ulQkY-KssATFSLZlY5V9TEC3kCPSBRCnpbYDgeqoTOK8dKSzmn7GcQAkEOewFtYQ3yg5VahhEXnRyG_vzo_I4AUH1DO3_GRn6EkyL2FS6XciqGduf1xgiC1fLY4uDXVjXhVhfiuGk5pEEVl3g2AibuwdMCa0OeTGyozov76UPiv0gmwXMeEW3glGjGgBu5_R6yYB_hMXMePS5ZfZOpee9UipdjUgtJn01ouaDldOASKukjM9KLqDVic19AOiZAoSGk952fwF4uSP-tk-qpEy2qQKiKNJ9ap7Q77cHQJuw38cfoi3dUEUVvkv8FvqcSoT3Hisw-txv4y0lMxXCaKPWN5XWfJQEXtlZC4TWUPpk4s-7xMU_kttCGf0wUKyRXP-W9YJwjPAibEDH3W3JfMVmrLfeNwrZL4U-TLTtMkLZCsLN8tORpqe7QDpkmGJnYLU_kpv7ee6pkcg

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ABCA 6 KB
3 KB 21ms
7ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 30 Oct 2021 03:19:27 GMT
expires: Sun, 30 Oct 2022 03:19:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame ABCA 0
0 28ms
28ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cnl3vwLl8YfrDAuaE3gPxjIT4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgTkAU_QC3WS8aD8Ij6-Y1elcEeHNnmXnjZSBCLlytcrenSWYZxUoghBRcwdDKRfqCd-EFMhlqW85v-FjWCU8wWuNzyBo0PlgxJerOJC1KEKRCY9JZw5Qsj-EOPvSaWfvMqCucigBwIojlrtHDDyGJoQXG_-CQen4y7WZ62jOuoPh8ffl2SwlHswvqFOwbfFGQhAe52eYPh_AfoYcW__jvxLFVfuQU5DAfxLICCUCF3HmKh9RxgeYJTD4wneL_3fJ3Tf0ECya4_QCt3kty9qexKhAXt4nOW8RC8zej4_f-2ru2c_yI4LP-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTk2NTU2OTY0MDA1NTAzMhjPzgc&sigh=3QrvyIZpFG0&uach_m=[UACH]&cid=CAQSPACNIrLMm9d5vGc9ZYekEerpLXYtZh3qqEyEnsIhO-71lwssLOGWWOHRt3m4w2Um1YQhHtU0Ixs1cEdqVhgB
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame ABCA 0
0 31ms
16ms Fetch
image/gif 34.95.89.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gc6s6wqw4f55tfgp17h115p3ddgfhc58ty9eaexbw7smt4s0pygzcgmr38gjnrhwxyba01qvqd1q8vf182vv1dk4mmgr0cd8208nny5fn07j4w4jxeazq47j93hwryxbyrzq4bhppfe5nbxv93xpka7tajy4btk8y1xa4wtnm0eav3s2qxdfmvgkepn0nr841dhpn9ry2kqf540ac86jzxv4v5y1tmwke9steke42a79w7t2s0wgb6dknh755nqsh64wqm7ave6d1hc289h52kkre25y28b89ctgrbjch3f142ery060mndz9czw7816fw2x861wr4wdww3y0je2dcx09g3ajx0vf4xq8ajpeaq2gzg8wxetqakg0p5ytm27b0qzfrt7k3gdj8q&b=YXy5wAAAofoKd4JmAAEGccrTMmuBDVszZmcj1g
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.89.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 54.89.95.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 30 Oct 2021 03:19:28 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 7522 2 KB
3 KB 71ms
35ms Document
text/html 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1k2etajx7z3nj04ybz8qtaakrh8d20pg6by5ej9p3ztgzfmgx366e4wzvwfpv6zfw05pcqr4nq75gp72crm0pb6rfphepnsk1fb3m334gfnsvskzt46bvwv3t814k34kyxsvb16rn48aqem8qjjaw1rvjehz7rzmd1rsqas5et3qpkdkpd9x4yj4hkgpsqqhvhfdx9jta6tnzekxtpjghtxd8x0v2fnagj6tp76exq43q3j9105xqs9fmq9txgab2gy173r4mjp8mtyzt207tphvwysfpcdsk87htfb25jnfgkm8dh714wcas7hmhknhsa0v0nf6y7shq5fdcqbj7xqjrk6qdxgv4yvkmh4pey12zsgy5dwhcaa01chvh8vst9xgtk81m1stv2sqf7q7z1vf2n7gqh5exm98vb1svfzrwm8jz7wxc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVEHfwLl8YfrDAuaE3gPxjIT4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgTnAU_QC3WS8aD8Ij6-Y1elcEeHNnmXnjZSBCLlytcrenSWYZxUoghBRcwdDKRfqCd-EFMhlqW85v-FjWCU8wWuNzyBo0PlgxJerOJC1KEKRCY9JZw5Qsj-EOPvSaWfvMqCucigBwIojlrtHDDyGJoQXG_-CQen4y7WZ62jOuoPh8ffl2SwlHswvqFOwbfFGQhAe52eYPh_AfoYcW__jvxLFVfuQU5DAfxLICCUCF3HmKh9RxgeYJTD4wneL_3fJ3Tf0ECya4_QCt3kty9qexKhAXt4nKe-Sb3kr7l_t2rjLb12WnwyK07X0uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0V5202eV8Ul7TJNykPJSJuAi9SGw%26client%3Dca-pub-5965569640055032%26adurl%3D

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb06305fa5c8a6ff15b9c46b92d1c9a087a962e69930ac1fc3d6f26979288213

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/

Response headers

date: Sat, 30 Oct 2021 03:19:28 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a618092ace4f9da-PRG
content-encoding: br

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame ABCA 3 KB
1 KB 6ms
6ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/window_focus_fy2019.js

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 02:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Nov 2021 02:48:18 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 73FC 1 KB
749 B 7ms
7ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 29 Oct 2021 18:26:41 GMT
expires: Sat, 30 Oct 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 31967
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ABCA 120 KB
37 KB 51ms
27ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 30 Oct 2021 03:19:28 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame ABCA 14 KB
6 KB 7ms
6ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 02:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1871
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6337
x-xss-protection: 0
server: cafe
etag: 7721474052657771746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Nov 2021 02:48:17 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame ABCA 22 KB
7 KB 7ms
7ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 08:00:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69524
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 29 Oct 2022 08:00:44 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 73FC 35 B
464 B 33ms
9ms Image
image/gif 91.228.74.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECsQ1G66HbRUkpA3WkpTqgI&google_cver=1&google_push=AYg5qPKiVkE8zdOCDbiu2yf0JIfbRGNKOR9A72ADgmlv0LzcqWHYIWhH1KopjSELGNRdtn9hOtluuY719ZFFCYS-1JQepx9X2O8

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.133 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:28 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 73FC
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLCWtcE1Z4-1RfA4mUsOPTZ7Nb98rg1CiGYbBbn9SlbeuwJOjCmTmKDrgtTKitU2ZPZ_G4u1357JzkRp09mMYStT4Nzng&google_gid=CAESEMQq8MNQCIG4o1oep5D0HgI&googl...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCMDz8osGEgUI6AcQAEIASm5nb29nbGVfcHVzaD1BWWc1cVBMQ1d0Y0UxWjQtMVJmQTRtVXNPUFRaN05iOThyZzFDaUdZYkJibjlTbGJldXdKT2pDbVRtS0RyZ3RUS2l0VTJaUFpfRzR1MTM1N0p6a1JwMD...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwaDNUMkhJTUNqMURQZHBlaEtRelZTeDVFWk9ORTRQWDI2dllyN0xOaG5maw==&google_push

170 B
188 B

49ms
26ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwaDNUMkhJTUNqMURQZHBlaEtRelZTeDVFWk9ORTRQWDI2dllyN0xOaG5maw==&google_push

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 30 Oct 2021 03:19:28 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwaDNUMkhJTUNqMURQZHBlaEtRelZTeDVFWk9ORTRQWDI2dllyN0xOaG5maw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 73FC
Redirect Chain

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEGkoOL8EjYof35agEcj62VA&google_push=AYg5qPLY2wN5OfSAvVmd9C8ytw98Tf-ZG--MvJHi3dfqXLp2SxlJV1oOHTiS7JSp6z3WFR69xVFijBGdaluzdQBlqg7lg9S...
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AYg5qPLY2wN5OfSAvVmd9C8ytw98Tf-ZG--MvJHi3dfqXLp2SxlJV1oOHTiS7JSp6z3WFR69xVFijBGdaluzdQBlqg7lg9Saw38&google_hm=MTA4MTI2NTAxMjUyOTA...

170 B
329 B

16ms
16ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AYg5qPLY2wN5OfSAvVmd9C8ytw98Tf-ZG--MvJHi3dfqXLp2SxlJV1oOHTiS7JSp6z3WFR69xVFijBGdaluzdQBlqg7lg9Saw38&google_hm=MTA4MTI2NTAxMjUyOTAyMTI1NDE

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:28 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AYg5qPLY2wN5OfSAvVmd9C8ytw98Tf-ZG--MvJHi3dfqXLp2SxlJV1oOHTiS7JSp6z3WFR69xVFijBGdaluzdQBlqg7lg9Saw38&google_hm=MTA4MTI2NTAxMjUyOTAyMTI1NDE
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 73FC
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEDUYtnIO9capHVqeavaKJlE&google_cver=1&google_push=AYg5qPKcM82VyHOGDI_SVoKLvSP-r6d1hb3oMOII646nmJooM7D-tVBHzHBjzYQwcf7BZUg7xXzZlihB1_GDhV_Kij4gDl-SAOU
https://rtb.openx.net/sync/dds?google_gid=CAESEDUYtnIO9capHVqeavaKJlE&google_cver=1&google_push=AYg5qPKcM82VyHOGDI_SVoKLvSP-r6d1hb3oMOII646nmJooM7D-tVBHzHBjzYQwcf7BZUg7xXzZlihB1_GDhV_Kij4gDl-SAOU&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKcM82VyHOGDI_SVoKLvSP-r6d1hb3oMOII646nmJooM7D-tVBHzHBjzYQwcf7BZUg7xXzZlihB1_GDhV_Kij4gDl-SAOU&google_hm=g3Albze9yBY5jD105Pj5Ng==

170 B
188 B

52ms
27ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKcM82VyHOGDI_SVoKLvSP-r6d1hb3oMOII646nmJooM7D-tVBHzHBjzYQwcf7BZUg7xXzZlihB1_GDhV_Kij4gDl-SAOU&google_hm=g3Albze9yBY5jD105Pj5Ng==

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:28 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKcM82VyHOGDI_SVoKLvSP-r6d1hb3oMOII646nmJooM7D-tVBHzHBjzYQwcf7BZUg7xXzZlihB1_GDhV_Kij4gDl-SAOU&google_hm=g3Albze9yBY5jD105Pj5Ng==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: lbk1mgq2kidgga0i8lgq5c8q8llp7rot

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 73FC
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0QnH8w3iTuOa_nnp-5nBbQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

32ms
26ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0QnH8w3iTuOa_nnp-5nBbQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKuEm5o7nIaY3xTEmiDMBQLAgiCVqgyJQHaB5v7faaRlKOGZmLWZ4_GE1gCirFbgeEZl8jKTdU1zaT8UfhuDtxOUZb-L2k

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0QnH8w3iTuOa_nnp-5nBbQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKuEm5o7nIaY3xTEmiDMBQLAgiCVqgyJQHaB5v7faaRlKOGZmLWZ4_GE1gCirFbgeEZl8jKTdU1zaT8UfhuDtxOUZb-L2k
date: Sat, 30 Oct 2021 03:19:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 73FC
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAsbWbtTZt7gPV2BWWTqYxQ&google_cver=1&google_push=AYg5qPInbtCr5aIuJ1URaTQhZcfV_PjjiE8JZH8hocwqAO4m5m5OWgTOsTIcMyLVsZcLTiAi4nv...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZEOEszQzItMUktOUU4Vw==&google_push=AYg5qPInbtCr5aIuJ1URaTQhZcfV_PjjiE8JZH8hocwqAO4m5m5OWgTOsTIcMyLVsZcLTiAi4nvNmcoG3XUaQkzW744cJoXazXw

170 B
188 B

26ms
26ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZEOEszQzItMUktOUU4Vw==&google_push=AYg5qPInbtCr5aIuJ1URaTQhZcfV_PjjiE8JZH8hocwqAO4m5m5OWgTOsTIcMyLVsZcLTiAi4nvNmcoG3XUaQkzW744cJoXazXw

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZEOEszQzItMUktOUU4Vw==&google_push=AYg5qPInbtCr5aIuJ1URaTQhZcfV_PjjiE8JZH8hocwqAO4m5m5OWgTOsTIcMyLVsZcLTiAi4nvNmcoG3XUaQkzW744cJoXazXw
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 73FC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEci85M_OXBIZu3BtpJpAYU&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEci85M_OXBIZu3BtpJpAYU&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 73FC 0
232 B 36ms
14ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IppOkwK8O17pHXW_QceTGUImegcbQoMKuoG_ktE9n5DEr-ZzDoVt8-JDfbqbYU-SH7NG9x

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame ABCA 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6b395e822b9d494e9b4c1b6e8ca0bfefcbf3a81919ab3ca55bdc9642134f9c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 7522 64 KB
8 KB 45ms
25ms Stylesheet
text/css 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k2etajx7z3nj04ybz8qtaakrh8d20pg6by5ej9p3ztgzfmgx366e4wzvwfpv6zfw05pcqr4nq75gp72crm0pb6rfphepnsk1fb3m334gfnsvskzt46bvwv3t814k34kyxsvb16rn48aqem8qjjaw1rvjehz7rzmd1rsqas5et3qpkdkpd9x4yj4hkgpsqqhvhfdx9jta6tnzekxtpjghtxd8x0v2fnagj6tp76exq43q3j9105xqs9fmq9txgab2gy173r4mjp8mtyzt207tphvwysfpcdsk87htfb25jnfgkm8dh714wcas7hmhknhsa0v0nf6y7shq5fdcqbj7xqjrk6qdxgv4yvkmh4pey12zsgy5dwhcaa01chvh8vst9xgtk81m1stv2sqf7q7z1vf2n7gqh5exm98vb1svfzrwm8jz7wxc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVEHfwLl8YfrDAuaE3gPxjIT4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgTnAU_QC3WS8aD8Ij6-Y1elcEeHNnmXnjZSBCLlytcrenSWYZxUoghBRcwdDKRfqCd-EFMhlqW85v-FjWCU8wWuNzyBo0PlgxJerOJC1KEKRCY9JZw5Qsj-EOPvSaWfvMqCucigBwIojlrtHDDyGJoQXG_-CQen4y7WZ62jOuoPh8ffl2SwlHswvqFOwbfFGQhAe52eYPh_AfoYcW__jvxLFVfuQU5DAfxLICCUCF3HmKh9RxgeYJTD4wneL_3fJ3Tf0ECya4_QCt3kty9qexKhAXt4nKe-Sb3kr7l_t2rjLb12WnwyK07X0uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0V5202eV8Ul7TJNykPJSJuAi9SGw%26client%3Dca-pub-5965569640055032%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1k2etajx7z3nj04ybz8qtaakrh8d20pg6by5ej9p3ztgzfmgx366e4wzvwfpv6zfw05pcqr4nq75gp72crm0pb6rfphepnsk1fb3m334gfnsvskzt46bvwv3t814k34kyxsvb16rn48aqem8qjjaw1rvjehz7rzmd1rsqas5et3qpkdkpd9x4yj4hkgpsqqhvhfdx9jta6tnzekxtpjghtxd8x0v2fnagj6tp76exq43q3j9105xqs9fmq9txgab2gy173r4mjp8mtyzt207tphvwysfpcdsk87htfb25jnfgkm8dh714wcas7hmhknhsa0v0nf6y7shq5fdcqbj7xqjrk6qdxgv4yvkmh4pey12zsgy5dwhcaa01chvh8vst9xgtk81m1stv2sqf7q7z1vf2n7gqh5exm98vb1svfzrwm8jz7wxc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVEHfwLl8YfrDAuaE3gPxjIT4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgTnAU_QC3WS8aD8Ij6-Y1elcEeHNnmXnjZSBCLlytcrenSWYZxUoghBRcwdDKRfqCd-EFMhlqW85v-FjWCU8wWuNzyBo0PlgxJerOJC1KEKRCY9JZw5Qsj-EOPvSaWfvMqCucigBwIojlrtHDDyGJoQXG_-CQen4y7WZ62jOuoPh8ffl2SwlHswvqFOwbfFGQhAe52eYPh_AfoYcW__jvxLFVfuQU5DAfxLICCUCF3HmKh9RxgeYJTD4wneL_3fJ3Tf0ECya4_QCt3kty9qexKhAXt4nKe-Sb3kr7l_t2rjLb12WnwyK07X0uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0V5202eV8Ul7TJNykPJSJuAi9SGw%26client%3Dca-pub-5965569640055032%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:28 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 744245
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 21 Oct 2021 12:35:23 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6a6180934e242774-PRG
cf-bgj: minify

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 7522 36 KB
13 KB 30ms
29ms Script
application/javascript 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k2etajx7z3nj04ybz8qtaakrh8d20pg6by5ej9p3ztgzfmgx366e4wzvwfpv6zfw05pcqr4nq75gp72crm0pb6rfphepnsk1fb3m334gfnsvskzt46bvwv3t814k34kyxsvb16rn48aqem8qjjaw1rvjehz7rzmd1rsqas5et3qpkdkpd9x4yj4hkgpsqqhvhfdx9jta6tnzekxtpjghtxd8x0v2fnagj6tp76exq43q3j9105xqs9fmq9txgab2gy173r4mjp8mtyzt207tphvwysfpcdsk87htfb25jnfgkm8dh714wcas7hmhknhsa0v0nf6y7shq5fdcqbj7xqjrk6qdxgv4yvkmh4pey12zsgy5dwhcaa01chvh8vst9xgtk81m1stv2sqf7q7z1vf2n7gqh5exm98vb1svfzrwm8jz7wxc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVEHfwLl8YfrDAuaE3gPxjIT4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgTnAU_QC3WS8aD8Ij6-Y1elcEeHNnmXnjZSBCLlytcrenSWYZxUoghBRcwdDKRfqCd-EFMhlqW85v-FjWCU8wWuNzyBo0PlgxJerOJC1KEKRCY9JZw5Qsj-EOPvSaWfvMqCucigBwIojlrtHDDyGJoQXG_-CQen4y7WZ62jOuoPh8ffl2SwlHswvqFOwbfFGQhAe52eYPh_AfoYcW__jvxLFVfuQU5DAfxLICCUCF3HmKh9RxgeYJTD4wneL_3fJ3Tf0ECya4_QCt3kty9qexKhAXt4nKe-Sb3kr7l_t2rjLb12WnwyK07X0uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0V5202eV8Ul7TJNykPJSJuAi9SGw%26client%3Dca-pub-5965569640055032%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35081c2d3741a657479e91f528ce41aef5844c20c81d7974a916e84d9c0cc370

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=VMZk9g==, md5=8Dl88jIeakD66NOc9V2ZFw==
date: Sat, 30 Oct 2021 03:19:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57146
x-guploader-uploadid: ADPycdtV4lrAELV_JicGCAUJzqBiOGj0WUvynXNNEOsy9cQzRQ_yHoop0IgNLF_2qOfOLsoxDHOJQMWc_dZ9F4alUSdt2feDpQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 20 Oct 2021 11:26:36 GMT
server: cloudflare
etag: W/"f0397cf2321e6a40fae8d39cf55d9917"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mL%2BjKM2OT5dQBaJHTYq%2FeYMSqFpwiBUktIqWbLNIVo0%2BRm8WOYnwf4AoOY5xtVYi%2FAPTl%2FOpQ6yC29p3F8evrpOLFZ%2BeQARf2PAuT5dXBBtbVWK1UHtYYHk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1634729196057447
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11922
cf-ray: 6a6180931d17f9da-PRG
expires: Fri, 29 Oct 2021 11:27:02 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 7522 3 KB
4 KB 56ms
21ms Image
image/png 104.26.6.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Sat, 30 Oct 2021 03:19:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12321575
x-guploader-uploadid: ABg5-UxHcnICLk7b7YkQQi88NGVF0WMcchfK1mG4dUlgFuCeLMEQbekxBAvPJ_LFWK4ZMOrhD-KiD3x1E9pCiaLs4VNde3QtWA
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gucwm3W20OsxHwUxFqSlqolvxZz%2BJKVof7Z9OA9mUq4WFXbdD2gpR6qJIfwybMkuwEfB5bl2%2BLv3o6FjHXo0m0jX9E69DBgVvU448HWoqDe3GwBn5uinjEMMjFQxy5j%2BqmzvA4gU"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6a618093abea4138-PRG
expires: Thu, 09 Jun 2022 12:39:14 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame AF21 2 KB
2 KB 22ms
22ms Document
text/html 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 30 Oct 2021 03:19:28 GMT
content-type: text/html
x-guploader-uploadid: ABg5-Uwn3myKqNzKJaXHyUiZqbP8NSrxOcbkyaRD5NRgbFtq-4RIcqJ4vnL2qiKZKS--51-luBSbS_wwXQ-ancMVjw
expires: Sat, 30 Oct 2021 04:19:28 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 337610
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dCDzGiKJIpQ0DMQhih06Jc%2BO992KTiNQ%2B4eq42m3qkjP%2BkfmU2M2Q4%2Bdh%2F7vA3ODi7XX4wuwQr1F%2BEI9MpuOtIRG2hd1bPEeW5VzAxc1Pxk6Hz%2BXcn2e%2FLA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6a6180937e402774-PRG
content-encoding: br

POST
H3 200 rs Show response
ad4m.at/ Frame 7522 2 KB
2 KB 47ms
47ms XHR
text/plain 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 746603bbfef19344518fd7a23eaf82dc597ff628b0e1384d7b5e73bdcfa7e241

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6a6180941b884131-PRG
date: Sat, 30 Oct 2021 03:19:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E4m6rnW6N1IjHfVOBt5CffvgaHIkjZKZyeggxhDa43K%2Fwx9G7ctDXOhiEVeEugoZzcDiMm8aEgdHW%2FKEV4M9aIxMM%2F%2FY6dJM74%2ByVXcw0b9X2leuTJrnNxA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-bd8c

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 58ms
38ms Preflight
text/plain 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 30 Oct 2021 03:19:28 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-bd8c
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVQE9yjKHIeFs4K%2BcIM4yboQ%2BJgqhrPGbhawGLfG8xAChjqhFRJkIKelGrSYd6r1hBu2wdPm9j%2FXZlg7UYcA0AWW2gUm2tvG9Oift0GdRVy1XSM5i%2FFH60o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a618093db654131-PRG

GET
H3 200 container.html Show response
60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E353 6 KB
3 KB 6ms
6ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 30 Oct 2021 03:19:27 GMT
expires: Sun, 30 Oct 2022 03:19:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E353 0
0 22ms
22ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C6ruowLl8YdKrE7SAjuwPtJixmAaQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE5QFP0JTbyYUw_XIy2vaZhQ4cQ1OCO11Z_mjN_kd5OsVTxKtp3ONmEg03-LemrDeQPdWB-_SQp-VH1iUhx7S2IKQwSxFeDMxXbY29TOy6J3iCWOoFc4tPcHk6DYgBWJpZ-XSIoWQSd07LdyKK83XksrgWI7lRMajl5g-vPKfy_rZJ86tdX8IcxW4XX0zkdPJhxgoSkWVYe6bfZ87e0drle0DmjjRXFn2l3B32Dkq-y2UKExw8cGrK9r_at9-JU5VPWgM-So49PNJoOULqF9uFDp9qtzKt9MFAxRfr8y_qEWUSPILmJEZB4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi01OTY1NTY5NjQwMDU1MDMyGM_OBw&sigh=-yhGLJcG2fM&uach_m=[UACH]&cid=CAQSPACNIrLMIUCRG-X6WBFuq9wrIa539i9H0PPtksAuFWVYLs-3PTLJZ3ejOJID9dzXx7ppAnfLPvHC8ylSxBgB
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame E353 0
0 87ms
87ms Fetch
image/gif 34.95.89.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1h87y3wg3a8sjz0kxq9k5w6v1svzs3ba6tcz8t0hzknftvg9hydn4gx125tf6ygc8q90ns0h095wcxgpadb4yz5kvrggxqz02sbye3evy42zk4gsg7990hbzf7vvx9tp2jnbc8k6ytjsvhmp38gtmxnf94zc2njenb6wn8wx82csda6pwntqwy7r1gx9aast2m08yynrtszr5nqb3sjyax4v8zcewxphw44d6e303wtk8vs7k79aaerbb7ghjkzmt629q59tt5a0j87whkkkm40xwgbtbq4ep1tfwfkq38v85yv1jaczcpd31e9fvg7t45yrew6j4tqy8w839b4mrs33pzz69me73r52ah70e00mtvy6svf9c86hdc9h2q8wbr4w3fjsptc711tv&b=YXy5wAAE1dIHg4A0AAxMNNiSD4JA4g-GEgJZqQ
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.89.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 54.89.95.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 30 Oct 2021 03:19:28 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 30A4 2 KB
3 KB 34ms
33ms Document
text/html 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gsytdwc97zm9me0gzjyezb6qqx2xpe2fhhfd22xw7wg8wd2jwfajvtggwnarevht5dp4fgm5m53408fmr56z4tpwd4wm1w7bcw9g1bz2bjqnd12pe1ecmr4xzwfrsxp6b51rg9gtwx7kfwcsncmzzvv8rnktz4xa5wkmd3y0s15a0dgbeyy1vs1cx854dehd7jtgdggvvsbhy6v0cy3v28bnec5h1ht6sp7j4wbc8vqjaw6efd0bhgcjy7yfdb0ra9bv2cqwyxmgs6c245d3meeq2jemve8wfmy2x5wpdt1esffjtxqhq9nkqwkdhtae4q6frvbf5pyq1mgbj9hhs1a1cspw6aqgny6h4k0j2pq38j0d5559j0gzebd3xm89jfamk7xrm8cxc3bnhjme8btdmb7k1x0bnr4vwhhv28bzbv2b7cc0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-TiywLl8YdKrE7SAjuwPtJixmAaQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0JTbyYUw_XIy2vaZhQ4cQ1OCO11Z_mjN_kd5OsVTxKtp3ONmEg03-LemrDeQPdWB-_SQp-VH1iUhx7S2IKQwSxFeDMxXbY29TOy6J3iCWOoFc4tPcHk6DYgBWJpZ-XSIoWQSd07LdyKK83XksrgWI7lRMajl5g-vPKfy_rZJ86tdX8IcxW4XX0zkdPJhxgoSkWVYe6bfZ87e0drle0DmjjRXFn2l3B32Dkq-y2UKExw8cGrK9r_at9-JU5VPWgM-So49PNJoOULqF9uFDp9qtzKttsNNV8A-dG8ili2E5st01n9VtB6h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0jL-uGHPMKWrQtjWAIfjprEVFDCA%26client%3Dca-pub-5965569640055032%26adurl%3D

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e1aa2eac91c65abaee2ebf248eb7e684c8b84a1eb31c226fb579b7d8ca33efa

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/

Response headers

date: Sat, 30 Oct 2021 03:19:28 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a6180940e912774-PRG
content-encoding: br

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame E353 3 KB
1 KB 7ms
6ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/window_focus_fy2019.js

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 02:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Nov 2021 02:48:18 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B138 1 KB
749 B 7ms
6ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 29 Oct 2021 18:26:41 GMT
expires: Sat, 30 Oct 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 31967
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E353 120 KB
37 KB 30ms
29ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 30 Oct 2021 03:19:28 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame E353 14 KB
6 KB 7ms
6ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 02:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1871
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6337
x-xss-protection: 0
server: cafe
etag: 7721474052657771746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Nov 2021 02:48:17 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E353 0
0 15ms
15ms Image
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQTEJBq6CQhGTuKpdrbu5RSKPtdZ8VA14mUlw1iPn5OHn9tMBpX8OmwbaZvwrf0pPuZhNjsq3pzs-VrQSuguyYcHBG1Kw
Requested by: Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame E353 22 KB
7 KB 7ms
7ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 08:00:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69524
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 29 Oct 2022 08:00:44 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B138
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECsQ1G66HbRUkpA3WkpTqgI&google_cver=1&google_push=AYg5qPKp8vEo3yvCgbs64Bjn17UsuFbJ_tfGwSIE1VB5vdb_ze4BYCOZSw...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKp8vEo3yvCgbs64Bjn17UsuFbJ_tfGwSIE1VB5vdb_ze4BYCOZSwP2W1xh12M_DyK3uRgaSOa1CfvniD4CcPLSCGuDGg&google_hm=ygRGDYqD...

170 B
188 B

25ms
25ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKp8vEo3yvCgbs64Bjn17UsuFbJ_tfGwSIE1VB5vdb_ze4BYCOZSwP2W1xh12M_DyK3uRgaSOa1CfvniD4CcPLSCGuDGg&google_hm=ygRGDYqDdsuhX-BfkvCK3g

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKp8vEo3yvCgbs64Bjn17UsuFbJ_tfGwSIE1VB5vdb_ze4BYCOZSwP2W1xh12M_DyK3uRgaSOa1CfvniD4CcPLSCGuDGg&google_hm=ygRGDYqDdsuhX-BfkvCK3g
pragma: no-cache
date: Sat, 30 Oct 2021 03:19:28 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B138 0
12 B 24ms
24ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KDth69XQCXO0xhx7UQzOyU_o_70AA8

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 30A4 64 KB
8 KB 23ms
23ms Stylesheet
text/css 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gsytdwc97zm9me0gzjyezb6qqx2xpe2fhhfd22xw7wg8wd2jwfajvtggwnarevht5dp4fgm5m53408fmr56z4tpwd4wm1w7bcw9g1bz2bjqnd12pe1ecmr4xzwfrsxp6b51rg9gtwx7kfwcsncmzzvv8rnktz4xa5wkmd3y0s15a0dgbeyy1vs1cx854dehd7jtgdggvvsbhy6v0cy3v28bnec5h1ht6sp7j4wbc8vqjaw6efd0bhgcjy7yfdb0ra9bv2cqwyxmgs6c245d3meeq2jemve8wfmy2x5wpdt1esffjtxqhq9nkqwkdhtae4q6frvbf5pyq1mgbj9hhs1a1cspw6aqgny6h4k0j2pq38j0d5559j0gzebd3xm89jfamk7xrm8cxc3bnhjme8btdmb7k1x0bnr4vwhhv28bzbv2b7cc0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-TiywLl8YdKrE7SAjuwPtJixmAaQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0JTbyYUw_XIy2vaZhQ4cQ1OCO11Z_mjN_kd5OsVTxKtp3ONmEg03-LemrDeQPdWB-_SQp-VH1iUhx7S2IKQwSxFeDMxXbY29TOy6J3iCWOoFc4tPcHk6DYgBWJpZ-XSIoWQSd07LdyKK83XksrgWI7lRMajl5g-vPKfy_rZJ86tdX8IcxW4XX0zkdPJhxgoSkWVYe6bfZ87e0drle0DmjjRXFn2l3B32Dkq-y2UKExw8cGrK9r_at9-JU5VPWgM-So49PNJoOULqF9uFDp9qtzKttsNNV8A-dG8ili2E5st01n9VtB6h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0jL-uGHPMKWrQtjWAIfjprEVFDCA%26client%3Dca-pub-5965569640055032%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gsytdwc97zm9me0gzjyezb6qqx2xpe2fhhfd22xw7wg8wd2jwfajvtggwnarevht5dp4fgm5m53408fmr56z4tpwd4wm1w7bcw9g1bz2bjqnd12pe1ecmr4xzwfrsxp6b51rg9gtwx7kfwcsncmzzvv8rnktz4xa5wkmd3y0s15a0dgbeyy1vs1cx854dehd7jtgdggvvsbhy6v0cy3v28bnec5h1ht6sp7j4wbc8vqjaw6efd0bhgcjy7yfdb0ra9bv2cqwyxmgs6c245d3meeq2jemve8wfmy2x5wpdt1esffjtxqhq9nkqwkdhtae4q6frvbf5pyq1mgbj9hhs1a1cspw6aqgny6h4k0j2pq38j0d5559j0gzebd3xm89jfamk7xrm8cxc3bnhjme8btdmb7k1x0bnr4vwhhv28bzbv2b7cc0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-TiywLl8YdKrE7SAjuwPtJixmAaQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0JTbyYUw_XIy2vaZhQ4cQ1OCO11Z_mjN_kd5OsVTxKtp3ONmEg03-LemrDeQPdWB-_SQp-VH1iUhx7S2IKQwSxFeDMxXbY29TOy6J3iCWOoFc4tPcHk6DYgBWJpZ-XSIoWQSd07LdyKK83XksrgWI7lRMajl5g-vPKfy_rZJ86tdX8IcxW4XX0zkdPJhxgoSkWVYe6bfZ87e0drle0DmjjRXFn2l3B32Dkq-y2UKExw8cGrK9r_at9-JU5VPWgM-So49PNJoOULqF9uFDp9qtzKttsNNV8A-dG8ili2E5st01n9VtB6h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0jL-uGHPMKWrQtjWAIfjprEVFDCA%26client%3Dca-pub-5965569640055032%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:28 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 744245
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 21 Oct 2021 12:35:23 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6a6180946ed22774-PRG
cf-bgj: minify

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 30A4 36 KB
13 KB 24ms
24ms Script
application/javascript 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gsytdwc97zm9me0gzjyezb6qqx2xpe2fhhfd22xw7wg8wd2jwfajvtggwnarevht5dp4fgm5m53408fmr56z4tpwd4wm1w7bcw9g1bz2bjqnd12pe1ecmr4xzwfrsxp6b51rg9gtwx7kfwcsncmzzvv8rnktz4xa5wkmd3y0s15a0dgbeyy1vs1cx854dehd7jtgdggvvsbhy6v0cy3v28bnec5h1ht6sp7j4wbc8vqjaw6efd0bhgcjy7yfdb0ra9bv2cqwyxmgs6c245d3meeq2jemve8wfmy2x5wpdt1esffjtxqhq9nkqwkdhtae4q6frvbf5pyq1mgbj9hhs1a1cspw6aqgny6h4k0j2pq38j0d5559j0gzebd3xm89jfamk7xrm8cxc3bnhjme8btdmb7k1x0bnr4vwhhv28bzbv2b7cc0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-TiywLl8YdKrE7SAjuwPtJixmAaQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0JTbyYUw_XIy2vaZhQ4cQ1OCO11Z_mjN_kd5OsVTxKtp3ONmEg03-LemrDeQPdWB-_SQp-VH1iUhx7S2IKQwSxFeDMxXbY29TOy6J3iCWOoFc4tPcHk6DYgBWJpZ-XSIoWQSd07LdyKK83XksrgWI7lRMajl5g-vPKfy_rZJ86tdX8IcxW4XX0zkdPJhxgoSkWVYe6bfZ87e0drle0DmjjRXFn2l3B32Dkq-y2UKExw8cGrK9r_at9-JU5VPWgM-So49PNJoOULqF9uFDp9qtzKttsNNV8A-dG8ili2E5st01n9VtB6h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0jL-uGHPMKWrQtjWAIfjprEVFDCA%26client%3Dca-pub-5965569640055032%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35081c2d3741a657479e91f528ce41aef5844c20c81d7974a916e84d9c0cc370

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=VMZk9g==, md5=8Dl88jIeakD66NOc9V2ZFw==
date: Sat, 30 Oct 2021 03:19:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57146
x-guploader-uploadid: ADPycdtV4lrAELV_JicGCAUJzqBiOGj0WUvynXNNEOsy9cQzRQ_yHoop0IgNLF_2qOfOLsoxDHOJQMWc_dZ9F4alUSdt2feDpQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 20 Oct 2021 11:26:36 GMT
server: cloudflare
etag: W/"f0397cf2321e6a40fae8d39cf55d9917"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0kk9Yde%2Fu%2Flcj3O1JLZfTcroLXD8JYJu%2F9b9C1djZg21YuupeaydlMkAcLJKDl0ujNI65QvABPUmyzuQ2R6OIisZTGIXjSN7F4y7iFRph3ckdiAYyaZBG1c%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1634729196057447
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11922
cf-ray: 6a6180946ed42774-PRG
expires: Fri, 29 Oct 2021 11:27:02 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 5FFB 7 KB
4 KB 36ms
36ms Document
text/html 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=72171d23b242e279ad8b17367e798a36%2F2715512301707278058&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563968673&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k9wg2q021tzmz80mbe00zrn017268swzze8hnjz2w463pd4x46y8t7w2ek56qz5mm4zsgh83xpv2t9da7ndyj7tdkm8w0tbcxj458et57800fkekcwpv4x59ykw1v4krj7fpwgv2pt3rpjk9jyb8mmfvahfz7xbk0ew7j6h6tf6d4ma2bts61hjhsg5vrpetj632bcv3d7xhh821jeb1bcqp4mp7zvzepkfp0ff5hjkjn8pww0j6s5atwfd49s64svnzwfw2tpgejxztn20%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVEHfwLl8YfrDAuaE3gPxjIT4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgTnAU_QC3WS8aD8Ij6-Y1elcEeHNnmXnjZSBCLlytcrenSWYZxUoghBRcwdDKRfqCd-EFMhlqW85v-FjWCU8wWuNzyBo0PlgxJerOJC1KEKRCY9JZw5Qsj-EOPvSaWfvMqCucigBwIojlrtHDDyGJoQXG_-CQen4y7WZ62jOuoPh8ffl2SwlHswvqFOwbfFGQhAe52eYPh_AfoYcW__jvxLFVfuQU5DAfxLICCUCF3HmKh9RxgeYJTD4wneL_3fJ3Tf0ECya4_QCt3kty9qexKhAXt4nKe-Sb3kr7l_t2rjLb12WnwyK07X0uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0V5202eV8Ul7TJNykPJSJuAi9SGw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1767cef2ccb59df656a974ef1a87862fda49f7d25c912357c26efc2dc70239a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1k2etajx7z3nj04ybz8qtaakrh8d20pg6by5ej9p3ztgzfmgx366e4wzvwfpv6zfw05pcqr4nq75gp72crm0pb6rfphepnsk1fb3m334gfnsvskzt46bvwv3t814k34kyxsvb16rn48aqem8qjjaw1rvjehz7rzmd1rsqas5et3qpkdkpd9x4yj4hkgpsqqhvhfdx9jta6tnzekxtpjghtxd8x0v2fnagj6tp76exq43q3j9105xqs9fmq9txgab2gy173r4mjp8mtyzt207tphvwysfpcdsk87htfb25jnfgkm8dh714wcas7hmhknhsa0v0nf6y7shq5fdcqbj7xqjrk6qdxgv4yvkmh4pey12zsgy5dwhcaa01chvh8vst9xgtk81m1stv2sqf7q7z1vf2n7gqh5exm98vb1svfzrwm8jz7wxc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVEHfwLl8YfrDAuaE3gPxjIT4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgTnAU_QC3WS8aD8Ij6-Y1elcEeHNnmXnjZSBCLlytcrenSWYZxUoghBRcwdDKRfqCd-EFMhlqW85v-FjWCU8wWuNzyBo0PlgxJerOJC1KEKRCY9JZw5Qsj-EOPvSaWfvMqCucigBwIojlrtHDDyGJoQXG_-CQen4y7WZ62jOuoPh8ffl2SwlHswvqFOwbfFGQhAe52eYPh_AfoYcW__jvxLFVfuQU5DAfxLICCUCF3HmKh9RxgeYJTD4wneL_3fJ3Tf0ECya4_QCt3kty9qexKhAXt4nKe-Sb3kr7l_t2rjLb12WnwyK07X0uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0V5202eV8Ul7TJNykPJSJuAi9SGw%26client%3Dca-pub-5965569640055032%26adurl%3D

Response headers

date: Sat, 30 Oct 2021 03:19:28 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a6180946ed52774-PRG
content-encoding: br

GET
DATA 200
OK truncated
/ Frame E353 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be9e24322758d31e40dd3bd879d902816fb8f8cb6b2beb285a8633869cd715f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3DA1 6 KB
3 KB 7ms
6ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 30 Oct 2021 03:19:27 GMT
expires: Sun, 30 Oct 2022 03:19:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 30A4 3 KB
4 KB 41ms
21ms Image
image/png 104.26.6.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.6.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Sat, 30 Oct 2021 03:19:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12321575
x-guploader-uploadid: ABg5-UxHcnICLk7b7YkQQi88NGVF0WMcchfK1mG4dUlgFuCeLMEQbekxBAvPJ_LFWK4ZMOrhD-KiD3x1E9pCiaLs4VNde3QtWA
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EjrYD8ux7%2FAmDVlRRvi94RT0qZzKK7bSxvsCKFjnjFQOSgrlm%2Fw89UU%2FAhbOZP4KNuca2UqV6FYw0b6oTCJH8jVyUB8KODeatxRhsLlPwON4sjmSNInzgZ1oatbTtbofx%2FaDLdRw"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6a618094cab3412b-PRG
expires: Thu, 09 Jun 2022 12:39:14 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 75B3 2 KB
2 KB 22ms
22ms Document
text/html 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 30 Oct 2021 03:19:28 GMT
content-type: text/html
x-guploader-uploadid: ABg5-Uwn3myKqNzKJaXHyUiZqbP8NSrxOcbkyaRD5NRgbFtq-4RIcqJ4vnL2qiKZKS--51-luBSbS_wwXQ-ancMVjw
expires: Sat, 30 Oct 2021 04:19:28 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 337610
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VsGWMCrQeu5aVdhnPXTt%2Fh5rdU4GQKUl2TaZOC3MPc2OEZusB1XuDSw%2Bu5aag764tlDIlInQfbHDCvXpXJ0bdLApZVZ4K%2B3SzJ0q2iPntcYD7xl%2B8AmQ54w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6a618094befa2774-PRG
content-encoding: br

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 5FFB 64 KB
8 KB 24ms
23ms Stylesheet
text/css 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=72171d23b242e279ad8b17367e798a36%2F2715512301707278058&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563968673&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k9wg2q021tzmz80mbe00zrn017268swzze8hnjz2w463pd4x46y8t7w2ek56qz5mm4zsgh83xpv2t9da7ndyj7tdkm8w0tbcxj458et57800fkekcwpv4x59ykw1v4krj7fpwgv2pt3rpjk9jyb8mmfvahfz7xbk0ew7j6h6tf6d4ma2bts61hjhsg5vrpetj632bcv3d7xhh821jeb1bcqp4mp7zvzepkfp0ff5hjkjn8pww0j6s5atwfd49s64svnzwfw2tpgejxztn20%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVEHfwLl8YfrDAuaE3gPxjIT4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgTnAU_QC3WS8aD8Ij6-Y1elcEeHNnmXnjZSBCLlytcrenSWYZxUoghBRcwdDKRfqCd-EFMhlqW85v-FjWCU8wWuNzyBo0PlgxJerOJC1KEKRCY9JZw5Qsj-EOPvSaWfvMqCucigBwIojlrtHDDyGJoQXG_-CQen4y7WZ62jOuoPh8ffl2SwlHswvqFOwbfFGQhAe52eYPh_AfoYcW__jvxLFVfuQU5DAfxLICCUCF3HmKh9RxgeYJTD4wneL_3fJ3Tf0ECya4_QCt3kty9qexKhAXt4nKe-Sb3kr7l_t2rjLb12WnwyK07X0uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0V5202eV8Ul7TJNykPJSJuAi9SGw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=72171d23b242e279ad8b17367e798a36%2F2715512301707278058&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563968673&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k9wg2q021tzmz80mbe00zrn017268swzze8hnjz2w463pd4x46y8t7w2ek56qz5mm4zsgh83xpv2t9da7ndyj7tdkm8w0tbcxj458et57800fkekcwpv4x59ykw1v4krj7fpwgv2pt3rpjk9jyb8mmfvahfz7xbk0ew7j6h6tf6d4ma2bts61hjhsg5vrpetj632bcv3d7xhh821jeb1bcqp4mp7zvzepkfp0ff5hjkjn8pww0j6s5atwfd49s64svnzwfw2tpgejxztn20%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVEHfwLl8YfrDAuaE3gPxjIT4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgTnAU_QC3WS8aD8Ij6-Y1elcEeHNnmXnjZSBCLlytcrenSWYZxUoghBRcwdDKRfqCd-EFMhlqW85v-FjWCU8wWuNzyBo0PlgxJerOJC1KEKRCY9JZw5Qsj-EOPvSaWfvMqCucigBwIojlrtHDDyGJoQXG_-CQen4y7WZ62jOuoPh8ffl2SwlHswvqFOwbfFGQhAe52eYPh_AfoYcW__jvxLFVfuQU5DAfxLICCUCF3HmKh9RxgeYJTD4wneL_3fJ3Tf0ECya4_QCt3kty9qexKhAXt4nKe-Sb3kr7l_t2rjLb12WnwyK07X0uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0V5202eV8Ul7TJNykPJSJuAi9SGw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:28 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 744245
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 21 Oct 2021 12:35:23 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6a618094bef72774-PRG
cf-bgj: minify

GET
H2 200 C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 5FFB 12 KB
13 KB 27ms
26ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=72171d23b242e279ad8b17367e798a36%2F2715512301707278058&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563968673&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k9wg2q021tzmz80mbe00zrn017268swzze8hnjz2w463pd4x46y8t7w2ek56qz5mm4zsgh83xpv2t9da7ndyj7tdkm8w0tbcxj458et57800fkekcwpv4x59ykw1v4krj7fpwgv2pt3rpjk9jyb8mmfvahfz7xbk0ew7j6h6tf6d4ma2bts61hjhsg5vrpetj632bcv3d7xhh821jeb1bcqp4mp7zvzepkfp0ff5hjkjn8pww0j6s5atwfd49s64svnzwfw2tpgejxztn20%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVEHfwLl8YfrDAuaE3gPxjIT4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgTnAU_QC3WS8aD8Ij6-Y1elcEeHNnmXnjZSBCLlytcrenSWYZxUoghBRcwdDKRfqCd-EFMhlqW85v-FjWCU8wWuNzyBo0PlgxJerOJC1KEKRCY9JZw5Qsj-EOPvSaWfvMqCucigBwIojlrtHDDyGJoQXG_-CQen4y7WZ62jOuoPh8ffl2SwlHswvqFOwbfFGQhAe52eYPh_AfoYcW__jvxLFVfuQU5DAfxLICCUCF3HmKh9RxgeYJTD4wneL_3fJ3Tf0ECya4_QCt3kty9qexKhAXt4nKe-Sb3kr7l_t2rjLb12WnwyK07X0uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0V5202eV8Ul7TJNykPJSJuAi9SGw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date: Sat, 30 Oct 2021 03:19:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122025
cf-polished: qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid: ADPycdus6MYxC2UmPAexANulmUvUbyUE43Y1yZ6mqS8hnA5znlK9YpkiQFgqNPUXcPEsi_h73ss0U04_ST0YXuFrGzU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12110
last-modified: Thu, 25 Jun 2020 11:29:58 GMT
server: cloudflare
etag: "ede1d9155590baa798351884fc949bd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRCvh55n6hi2V5GDVXYxul3BXIKLZLGB0CFWCnqwIvgnGIxFGxp8DHmPP%2FOVsAXHqQEZi2cndXO4CgAyom0FknYzeipji2l2KkVkNu5zDW4YVAxQlBFoI9sXQEKVu1xx"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1593084598972955
content-type: image/webp
expires: Sun, 31 Oct 2021 03:19:28 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 42488
accept-ranges: bytes
cf-ray: 6a618094bda8f9da-PRG
cf-bgj: imgq:85,h2pri

GET
H2 200 923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
assets.ad4m.at/product_image/ Frame 5FFB 10 KB
11 KB 24ms
23ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=72171d23b242e279ad8b17367e798a36%2F2715512301707278058&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563968673&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k9wg2q021tzmz80mbe00zrn017268swzze8hnjz2w463pd4x46y8t7w2ek56qz5mm4zsgh83xpv2t9da7ndyj7tdkm8w0tbcxj458et57800fkekcwpv4x59ykw1v4krj7fpwgv2pt3rpjk9jyb8mmfvahfz7xbk0ew7j6h6tf6d4ma2bts61hjhsg5vrpetj632bcv3d7xhh821jeb1bcqp4mp7zvzepkfp0ff5hjkjn8pww0j6s5atwfd49s64svnzwfw2tpgejxztn20%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVEHfwLl8YfrDAuaE3gPxjIT4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgTnAU_QC3WS8aD8Ij6-Y1elcEeHNnmXnjZSBCLlytcrenSWYZxUoghBRcwdDKRfqCd-EFMhlqW85v-FjWCU8wWuNzyBo0PlgxJerOJC1KEKRCY9JZw5Qsj-EOPvSaWfvMqCucigBwIojlrtHDDyGJoQXG_-CQen4y7WZ62jOuoPh8ffl2SwlHswvqFOwbfFGQhAe52eYPh_AfoYcW__jvxLFVfuQU5DAfxLICCUCF3HmKh9RxgeYJTD4wneL_3fJ3Tf0ECya4_QCt3kty9qexKhAXt4nKe-Sb3kr7l_t2rjLb12WnwyK07X0uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0V5202eV8Ul7TJNykPJSJuAi9SGw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=15VnvA==, md5=DWn9kTb7sWn6Y1aNbHZabA==
date: Sat, 30 Oct 2021 03:19:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 125683
cf-polished: qual=85, origFmt=jpeg, origSize=12438
x-guploader-uploadid: ADPycdvopCa_joyaSsPca6Tpwq4X45pp2PuLK5NPlf6pyN7WnY5ltIddI0naRHFu1-HvobDq3L1Z36k1OfAin0anuYE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10372
last-modified: Fri, 18 Sep 2020 09:05:40 GMT
server: cloudflare
etag: "0d69fd9136fbb169fa63568d6c765a6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6yroW74qtcJtJxb6ggz125LtjvqV7xB1gsYFMOLsY76gMfru%2Fn7vJls1PMQsmpYcUUEpVgz9saoVCQV9Cdxyxkarrgv3ylO5l%2FjzO0KS%2BSQ5HrLZWetW%2BiEZ%2BBJYWTrB"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1600419940053465
content-type: image/webp
expires: Sun, 31 Oct 2021 03:19:28 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 12438
accept-ranges: bytes
cf-ray: 6a618094bda9f9da-PRG
cf-bgj: imgq:85,h2pri

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 5FFB 8 KB
9 KB 26ms
25ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=72171d23b242e279ad8b17367e798a36%2F2715512301707278058&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563968673&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k9wg2q021tzmz80mbe00zrn017268swzze8hnjz2w463pd4x46y8t7w2ek56qz5mm4zsgh83xpv2t9da7ndyj7tdkm8w0tbcxj458et57800fkekcwpv4x59ykw1v4krj7fpwgv2pt3rpjk9jyb8mmfvahfz7xbk0ew7j6h6tf6d4ma2bts61hjhsg5vrpetj632bcv3d7xhh821jeb1bcqp4mp7zvzepkfp0ff5hjkjn8pww0j6s5atwfd49s64svnzwfw2tpgejxztn20%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVEHfwLl8YfrDAuaE3gPxjIT4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgTnAU_QC3WS8aD8Ij6-Y1elcEeHNnmXnjZSBCLlytcrenSWYZxUoghBRcwdDKRfqCd-EFMhlqW85v-FjWCU8wWuNzyBo0PlgxJerOJC1KEKRCY9JZw5Qsj-EOPvSaWfvMqCucigBwIojlrtHDDyGJoQXG_-CQen4y7WZ62jOuoPh8ffl2SwlHswvqFOwbfFGQhAe52eYPh_AfoYcW__jvxLFVfuQU5DAfxLICCUCF3HmKh9RxgeYJTD4wneL_3fJ3Tf0ECya4_QCt3kty9qexKhAXt4nKe-Sb3kr7l_t2rjLb12WnwyK07X0uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0V5202eV8Ul7TJNykPJSJuAi9SGw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Sat, 30 Oct 2021 03:19:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 120647
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycduIQL3fzyUefbBk7wmyM6nX1YDEeN97dnG5llrnhvf2gwtyiNnj4KFpvRUBgflYiPsns6tvUTHf1P95FNB0JZg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1VoljV%2BRS17%2F76fJ%2F93KO0Wtk8NxoDZ8ejC1s2zzTz%2FhEbG8hYYKS0luwwZlty1Bda4Mq5EjJ1R4M22ZfF3K7VH7hyMrC7ers22wp1MrUnVAY0%2BZmWzGCRJMO2EZETx"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Sun, 31 Oct 2021 03:19:28 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 6a618094bdaaf9da-PRG
cf-bgj: imgq:85,h2pri

GET
H2 200 FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame 5FFB 30 KB
30 KB 41ms
40ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=72171d23b242e279ad8b17367e798a36%2F2715512301707278058&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563968673&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k9wg2q021tzmz80mbe00zrn017268swzze8hnjz2w463pd4x46y8t7w2ek56qz5mm4zsgh83xpv2t9da7ndyj7tdkm8w0tbcxj458et57800fkekcwpv4x59ykw1v4krj7fpwgv2pt3rpjk9jyb8mmfvahfz7xbk0ew7j6h6tf6d4ma2bts61hjhsg5vrpetj632bcv3d7xhh821jeb1bcqp4mp7zvzepkfp0ff5hjkjn8pww0j6s5atwfd49s64svnzwfw2tpgejxztn20%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVEHfwLl8YfrDAuaE3gPxjIT4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgTnAU_QC3WS8aD8Ij6-Y1elcEeHNnmXnjZSBCLlytcrenSWYZxUoghBRcwdDKRfqCd-EFMhlqW85v-FjWCU8wWuNzyBo0PlgxJerOJC1KEKRCY9JZw5Qsj-EOPvSaWfvMqCucigBwIojlrtHDDyGJoQXG_-CQen4y7WZ62jOuoPh8ffl2SwlHswvqFOwbfFGQhAe52eYPh_AfoYcW__jvxLFVfuQU5DAfxLICCUCF3HmKh9RxgeYJTD4wneL_3fJ3Tf0ECya4_QCt3kty9qexKhAXt4nKe-Sb3kr7l_t2rjLb12WnwyK07X0uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0V5202eV8Ul7TJNykPJSJuAi9SGw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=yOKvRQ==, md5=98ixwodW4fBCQU4EOgLh+g==
date: Sat, 30 Oct 2021 03:19:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121705
cf-polished: qual=85, origFmt=jpeg, origSize=81547
x-guploader-uploadid: ADPycdsXbIebofXvw_wT6di4Wkg7cr-xT31WCLz3u_ijYUMhPNPuAbmBEerUG4mD3T-Od7V3a73a1r_nNGmquCdG-Sc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30226
last-modified: Thu, 09 Apr 2020 08:50:22 GMT
server: cloudflare
etag: "f7c8b1c28756e1f042414e043a02e1fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UH7bnN8lD1vDeCPS8aC14wpJaqDrjOD20QupFYlOIHpZAb%2B5q3sXAc2t4Wg0GQIVPu3jFgzlOZ63fM3sfMBlD8MwC89MMjjvbPLhxIQp92VskiRxaJp20nkwsQocUSZo"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1586422222365290
content-type: image/webp
expires: Sun, 31 Oct 2021 03:19:28 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 81547
accept-ranges: bytes
cf-ray: 6a618094bdabf9da-PRG
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 5FFB
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CMb49cqW8fMCFRjuuwgduQQG7A;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635563968_31347e60-3930-11ec-9600-22309c92d156

0
517 B

51ms
10ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635563968_31347e60-3930-11ec-9600-22309c92d156
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=72171d23b242e279ad8b17367e798a36%2F2715512301707278058&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563968673&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k9wg2q021tzmz80mbe00zrn017268swzze8hnjz2w463pd4x46y8t7w2ek56qz5mm4zsgh83xpv2t9da7ndyj7tdkm8w0tbcxj458et57800fkekcwpv4x59ykw1v4krj7fpwgv2pt3rpjk9jyb8mmfvahfz7xbk0ew7j6h6tf6d4ma2bts61hjhsg5vrpetj632bcv3d7xhh821jeb1bcqp4mp7zvzepkfp0ff5hjkjn8pww0j6s5atwfd49s64svnzwfw2tpgejxztn20%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVEHfwLl8YfrDAuaE3gPxjIT4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgTnAU_QC3WS8aD8Ij6-Y1elcEeHNnmXnjZSBCLlytcrenSWYZxUoghBRcwdDKRfqCd-EFMhlqW85v-FjWCU8wWuNzyBo0PlgxJerOJC1KEKRCY9JZw5Qsj-EOPvSaWfvMqCucigBwIojlrtHDDyGJoQXG_-CQen4y7WZ62jOuoPh8ffl2SwlHswvqFOwbfFGQhAe52eYPh_AfoYcW__jvxLFVfuQU5DAfxLICCUCF3HmKh9RxgeYJTD4wneL_3fJ3Tf0ECya4_QCt3kty9qexKhAXt4nKe-Sb3kr7l_t2rjLb12WnwyK07X0uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0V5202eV8Ul7TJNykPJSJuAi9SGw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 03:19:28 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Sat, 30 Oct 2021 03:19:28 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635563968_31347e60-3930-11ec-9600-22309c92d156
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2 200 D54F5BF8250014B560DDA5528F9EFEFB9AD1D25B1E300CF26DFD2216A03F59C60D5DB96B13EDCD12B59FEC4E8E1B8D03E4412DEC334D0CAAD669E250C70E8914
assets.ad4m.at/logo/ Frame 5FFB 6 KB
7 KB 41ms
40ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D54F5BF8250014B560DDA5528F9EFEFB9AD1D25B1E300CF26DFD2216A03F59C60D5DB96B13EDCD12B59FEC4E8E1B8D03E4412DEC334D0CAAD669E250C70E8914
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=72171d23b242e279ad8b17367e798a36%2F2715512301707278058&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563968673&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k9wg2q021tzmz80mbe00zrn017268swzze8hnjz2w463pd4x46y8t7w2ek56qz5mm4zsgh83xpv2t9da7ndyj7tdkm8w0tbcxj458et57800fkekcwpv4x59ykw1v4krj7fpwgv2pt3rpjk9jyb8mmfvahfz7xbk0ew7j6h6tf6d4ma2bts61hjhsg5vrpetj632bcv3d7xhh821jeb1bcqp4mp7zvzepkfp0ff5hjkjn8pww0j6s5atwfd49s64svnzwfw2tpgejxztn20%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVEHfwLl8YfrDAuaE3gPxjIT4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgTnAU_QC3WS8aD8Ij6-Y1elcEeHNnmXnjZSBCLlytcrenSWYZxUoghBRcwdDKRfqCd-EFMhlqW85v-FjWCU8wWuNzyBo0PlgxJerOJC1KEKRCY9JZw5Qsj-EOPvSaWfvMqCucigBwIojlrtHDDyGJoQXG_-CQen4y7WZ62jOuoPh8ffl2SwlHswvqFOwbfFGQhAe52eYPh_AfoYcW__jvxLFVfuQU5DAfxLICCUCF3HmKh9RxgeYJTD4wneL_3fJ3Tf0ECya4_QCt3kty9qexKhAXt4nKe-Sb3kr7l_t2rjLb12WnwyK07X0uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0V5202eV8Ul7TJNykPJSJuAi9SGw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64c7c94850bcf993b77e8f8704c00cded4a0c18580d94ebb2c5265f9855fcd2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=zQSWoA==, md5=JshO+ccZ9c9hWnmahmfS4A==
date: Sat, 30 Oct 2021 03:19:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 123252
cf-polished: origFmt=png, origSize=17428
x-guploader-uploadid: ADPycdvsQAzWIU8O9EZfbOeGQey6fvcn6UduvE3P9Lh1-Go8WuHam5n5AAmdz36MmszUgOA5GAoVjZMdD27KdAzzWOo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6390
last-modified: Wed, 18 Aug 2021 10:34:33 GMT
server: cloudflare
etag: "26c84ef9c719f5cf615a799a8667d2e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0og1eRYk6QoN%2F2eTRj%2Fpvei2fV3jv%2FGdLHEsb5eBum9hUKnHr8yhdQJxA%2BgcOs7vMm6oo2XnNihFBsp2QNdprguHXBsuCOj2K3Awgi6Wt1jNkgfWb6WcpZWRwQwlJJM"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1629282873725600
content-type: image/webp
expires: Sun, 31 Oct 2021 03:19:28 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 17428
accept-ranges: bytes
cf-ray: 6a618094bdacf9da-PRG
cf-bgj: imgq:85,h2pri

GET
H2 200 8F6DB649B36119992977635B7DFC1AEC8038789E2BA57D893E4D16BD92088067D7790231E30A7BA7222FA8CB262652272D022B0227B6C5782927768B42292C97
assets.ad4m.at/product_image/ Frame 5FFB 28 KB
28 KB 24ms
24ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/8F6DB649B36119992977635B7DFC1AEC8038789E2BA57D893E4D16BD92088067D7790231E30A7BA7222FA8CB262652272D022B0227B6C5782927768B42292C97
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=72171d23b242e279ad8b17367e798a36%2F2715512301707278058&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563968673&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k9wg2q021tzmz80mbe00zrn017268swzze8hnjz2w463pd4x46y8t7w2ek56qz5mm4zsgh83xpv2t9da7ndyj7tdkm8w0tbcxj458et57800fkekcwpv4x59ykw1v4krj7fpwgv2pt3rpjk9jyb8mmfvahfz7xbk0ew7j6h6tf6d4ma2bts61hjhsg5vrpetj632bcv3d7xhh821jeb1bcqp4mp7zvzepkfp0ff5hjkjn8pww0j6s5atwfd49s64svnzwfw2tpgejxztn20%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVEHfwLl8YfrDAuaE3gPxjIT4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgTnAU_QC3WS8aD8Ij6-Y1elcEeHNnmXnjZSBCLlytcrenSWYZxUoghBRcwdDKRfqCd-EFMhlqW85v-FjWCU8wWuNzyBo0PlgxJerOJC1KEKRCY9JZw5Qsj-EOPvSaWfvMqCucigBwIojlrtHDDyGJoQXG_-CQen4y7WZ62jOuoPh8ffl2SwlHswvqFOwbfFGQhAe52eYPh_AfoYcW__jvxLFVfuQU5DAfxLICCUCF3HmKh9RxgeYJTD4wneL_3fJ3Tf0ECya4_QCt3kty9qexKhAXt4nKe-Sb3kr7l_t2rjLb12WnwyK07X0uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0V5202eV8Ul7TJNykPJSJuAi9SGw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 134c94437474a391b3f477213fa8b8f4d7435a2cf7053952dcbdb14a6f0ad8dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=nSkqBw==, md5=bZJ3Zgn8rj01Yns5h/mx5Q==
date: Sat, 30 Oct 2021 03:19:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121690
cf-polished: qual=85, origFmt=jpeg, origSize=82379
x-guploader-uploadid: ADPycdtYMjl4tN7HahqYZO1x_BYqP-Nlp7pI9XkwE22tvEdYUWDByDk1g6sOPRyiyGeosGnTMzHbnpcWX50DVIYbl6Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 28448
last-modified: Tue, 03 Aug 2021 12:47:14 GMT
server: cloudflare
etag: "6d92776609fcae3d35627b3987f9b1e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJqw%2FCdZzL%2BaICsBNjWPHblp6%2FUch7K9%2BB44aZRcl%2FPWRygCKa4p17Jucuc1Au1F4KEPI%2BzT45Nqk5ECsx0UhJafz4FpNzvGrX9hA4XY3Atbtb9%2FbsaTYDZw3GRn2b9Q"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1627994834652806
content-type: image/webp
expires: Sun, 31 Oct 2021 03:19:28 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 82379
accept-ranges: bytes
cf-ray: 6a618094bdadf9da-PRG
cf-bgj: imgq:85,h2pri

GET
H2 200 tsv
neso.r.niwepa.com/ts/i5542019/ Frame 5FFB 43 B
462 B 78ms
22ms Image
image/gif 35.187.117.15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neso.r.niwepa.com/ts/i5542019/tsv?amc=adnetworks.blbn.455799.471580.CRTJDe7y2sn&smc1=oneid5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

35.187.117.15 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.117.187.35.bc.googleusercontent.com

Software

nginx/1.13.9 /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:28 GMT
last-modified: Sat, 30 Oct 2021 03:19:28 GMT
server: nginx/1.13.9
p3p: policyref="/w3c/p3p.xml", CP="NOI CUR OUR STP"
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
x-xss-protection: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/ Frame 3DA1 19 KB
8 KB 6ms
6ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/abg_lite_fy2019.js

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

9098bce32fa311e967ba3bae1f3c4763801acf08ba95c67fb477f468e42a69a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 02:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7760
x-xss-protection: 0
server: cafe
etag: 2659786357195577193
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Nov 2021 02:58:31 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 3DA1 22 KB
7 KB 6ms
6ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 08:00:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69524
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 29 Oct 2022 08:00:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3DA1 120 KB
37 KB 39ms
38ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 30 Oct 2021 03:19:28 GMT

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame 3DA1 109 KB
38 KB 29ms
8ms Script
text/javascript 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
Origin: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 12:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53006
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Oct 2021 12:36:02 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 5FFB 1 KB
2 KB 207ms
104ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=72171d23b242e279ad8b17367e798a36%2F2715512301707278058&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563968673&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k9wg2q021tzmz80mbe00zrn017268swzze8hnjz2w463pd4x46y8t7w2ek56qz5mm4zsgh83xpv2t9da7ndyj7tdkm8w0tbcxj458et57800fkekcwpv4x59ykw1v4krj7fpwgv2pt3rpjk9jyb8mmfvahfz7xbk0ew7j6h6tf6d4ma2bts61hjhsg5vrpetj632bcv3d7xhh821jeb1bcqp4mp7zvzepkfp0ff5hjkjn8pww0j6s5atwfd49s64svnzwfw2tpgejxztn20%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVEHfwLl8YfrDAuaE3gPxjIT4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgTnAU_QC3WS8aD8Ij6-Y1elcEeHNnmXnjZSBCLlytcrenSWYZxUoghBRcwdDKRfqCd-EFMhlqW85v-FjWCU8wWuNzyBo0PlgxJerOJC1KEKRCY9JZw5Qsj-EOPvSaWfvMqCucigBwIojlrtHDDyGJoQXG_-CQen4y7WZ62jOuoPh8ffl2SwlHswvqFOwbfFGQhAe52eYPh_AfoYcW__jvxLFVfuQU5DAfxLICCUCF3HmKh9RxgeYJTD4wneL_3fJ3Tf0ECya4_QCt3kty9qexKhAXt4nKe-Sb3kr7l_t2rjLb12WnwyK07X0uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0V5202eV8Ul7TJNykPJSJuAi9SGw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 0f611a50de16d3334ddd2091a11b3977d6f94fdd9cecfadf087e68f79bce28a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 03:19:28 GMT
Last-Modified: Sat, 30 Oct 2021 03:19:28 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1307
Expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame 30A4 1 KB
2 KB 50ms
49ms XHR
text/plain 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d808f5c8e5d3a5bc172e49a02169f38a0565e37b44d664c49d2ae91e28e10944

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6a6180954c1f4131-PRG
date: Sat, 30 Oct 2021 03:19:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YK8fCnNukHYzFkyQyStQbjARdP6Z219M81MjjlV7rCtv5DSSzoZeqAN8JrhfKypuTFIYMA48NzlM8yAmXHI0YR%2BYInAMNdMeRFKJJak6tKdYqGco5wf1ZAc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-bd8c

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 38ms
38ms Preflight
text/plain 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 30 Oct 2021 03:19:28 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-bd8c
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OPWYmV4%2FWBU4VSQMfAp0Ew2xXFQidRvLVqTrSa8A2ww%2FbwjQSGzS6h7aY9vXjJ7UBGKB7j2bqGmWuj%2Bn2xWHkNdPcpnfa61atIDvXSrPxpj0BLtckIB%2BGQs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a6180950bfe4131-PRG

GET
H3 200 index.html Show response
s0.2mdn.net/dfp/124751/11515211/1632513875564/TDPAE0000031278_R4_300x250_dfp/ Frame 512F 307 KB
195 KB 23ms
9ms Document
text/html 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/124751/11515211/1632513875564/TDPAE0000031278_R4_300x250_dfp/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

sffe /

Resource Hash

125f48af03b461374761a18f635fbc8fd5bc43e3da4c82e6211c83584ad35310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 199281
date: Fri, 29 Oct 2021 20:14:14 GMT
expires: Sat, 30 Oct 2021 20:14:14 GMT
last-modified: Fri, 24 Sep 2021 20:04:35 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 25514
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3DA1 0
23 B 17ms
16ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvCcpOBrjlbxjKP6ezxr6mGpLrcbVt94EcVX5xCcNnfE2aC7IZmc8DGMxzjWd1-hGtTzfbfv-y5F0syc1k4C038Eh-_FNQGplaBJeoeujq8B_5csW9qYyh4lDGkRYGT2--3fEXWbgp6cjxnUu-t9rg4ektCGKV4WXzELw-dIfril2caraqhFLkZ4kyLswJ8H3n_EetlAFhcBvsnPKDyxGMrpNftBuA8H3rjfXPsDNVqa39PO9dds3EYzvmzTsd7YhaD5-NiD1yRTu8anBZVrHKRDRl1hsLVftzzrVb3EntyRStb5X9208vyFhQmLaHuuFit6OphLASQ5czWYw&sig=Cg0ArKJSzK9JBiaX0FkfEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Oct 2021 03:19:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 container.html Show response
60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5AE5 6 KB
3 KB 7ms
6ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 30 Oct 2021 03:19:27 GMT
expires: Sun, 30 Oct 2022 03:19:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5AE5 0
0 22ms
21ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CZTG1wLl8YaCfK-OKjuwPjvOu8A2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE5QFP0OMnrvj-tbvQoYsINefsI9nKwOn8G1kbPoZIfaVv2jLsR_YD274SNVXOn2gw8s1gURAx4NS2Yg-MHSiP-iwCSGTQyQwThKDdsjfDCAAlyHfcvj1TAA6f0dG6yt73sNYkWRqEsP3-YAEYC7vDmokkqA31s1SS-UpyHIvH1nT4dUd9KOaSr4lsrXsuDso-cmN8bHNs8QgtNFlAIXQSj8l_qJr5azR58q5s6QKjBLMZ4TiOM43sAuTuxhT2Wva5vFN-RtNLGefzmMew9AL_bwQpE3trt1nxfoRwnFn4VpeVCeYeIht94AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTk2NTU2OTY0MDA1NTAzMhjPzgc&sigh=2e54faRALAU&uach_m=[UACH]&cid=CAQSPACNIrLMNV-jSQuBYaAncx71wjLTg5pN4rti-vp0UVSr5wrqs1O9RnEFcn2zskqGlNL-o4uRMlWX1RC3OxgB
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 5AE5 0
0 265ms
264ms Fetch
image/gif 34.95.89.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gs0v33d746jk5nr91r3rc7yj5hyt36afdc6t51ewdhe8fqznja6h6e5hqdmnb7j4spm12vhjat7kqz4kcnfn6kjf4kprs2mptq2f45xp2bfb05eagcqembdqh3mgycjczrd4cg5z87bqttg5cw8s23q5hb2kr81x3841wqtn8y1yprym5dw04a5mb127jtzfyr5sabhxr0spxzdrwqfky4cy9rg27m266znwkefgp5e9bs3jaqhb7h06pkfkjhe2qntsc8nm8xs665h19rqtaydj1nkb06cth6zvr5rajqs2egyxgt6nbr1n5anhh12qkekhv2mpt54smk4xzgtk07xe8j3hws6fmn8x3hd9c73wcjynjvqt8q5xfg4v34g1qe54aks68&b=YXy5wAAKz6AHg4VjAAu5jn55N1B1RI9LRna1ZQ
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.89.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 54.89.95.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 30 Oct 2021 03:19:29 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 91BA 2 KB
2 KB 38ms
36ms Document
text/html 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gfrs3gsjhp7tk9zpfya5nv8z48rj94fzwf8af3npddt6hxmd88snv5knhy2jdt272e29vx6agfterprjahag241j549y9x0sy72yca69eqhtjsfmfpfs3axd14zpz0m7jxm565v3bz5rk51724xzyr9z8g6kdcbpg4w35a36fvgae46kwj7z0j62vkzz0m43ktbyvkqv5zrxvaftb363p4d5an62s9myhfwqq2ehvwp7qmnaprskh2e6q8kz25fjzr1hr0019315tp1w5ba640n7ps4zgykrjkjnsfjhfnbzqx6g61ekdyvk5g4hggxd5684g365jcc35fw7f9nbr6zg52xmbzbvgsjyvm5fnc5z4tvvct245gv8r66eb0dtb6k1f4ng8fdstdaw4ee2f9a85hv87cj84&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXOf2wLl8YaCfK-OKjuwPjvOu8A2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0OMnrvj-tbvQoYsINefsI9nKwOn8G1kbPoZIfaVv2jLsR_YD274SNVXOn2gw8s1gURAx4NS2Yg-MHSiP-iwCSGTQyQwThKDdsjfDCAAlyHfcvj1TAA6f0dG6yt73sNYkWRqEsP3-YAEYC7vDmokkqA31s1SS-UpyHIvH1nT4dUd9KOaSr4lsrXsuDso-cmN8bHNs8QgtNFlAIXQSj8l_qJr5azR58q5s6QKjBLMZ4TiOM43sAuTuxhT2Wva5vFN-RtNLGefzmMew9AL_bwQpE3tr9Vv87FOlGxkw0d8D06-M0CJppB1_4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2qLuRQ5YNyT-s7DLaw241azqi8nw%26client%3Dca-pub-5965569640055032%26adurl%3D

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b7d8d14ee20c2e9242f091380dc2276a6f56f76c2a60568e8ed31bdd50d2818

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/

Response headers

date: Sat, 30 Oct 2021 03:19:28 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a6180956f402774-PRG
content-encoding: br

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 5AE5 3 KB
1 KB 7ms
7ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/window_focus_fy2019.js

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 02:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Nov 2021 02:48:18 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AFD7 1 KB
749 B 8ms
7ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 29 Oct 2021 18:26:41 GMT
expires: Sat, 30 Oct 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 31967
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5AE5 120 KB
37 KB 37ms
35ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 30 Oct 2021 03:19:28 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 5AE5 14 KB
6 KB 8ms
6ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 02:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1871
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6337
x-xss-protection: 0
server: cafe
etag: 7721474052657771746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Nov 2021 02:48:17 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5AE5 0
0 17ms
14ms Image
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTm5fIN3g2OvWB1FmghsG-9PEgXQZR6noamA_MFLrUI3Ws8btEoIU04503Xoam9R7ISSTgxpHKxnI4Y65e46UCFIa1-GA
Requested by: Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 5AE5 22 KB
7 KB 9ms
6ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 08:00:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69524
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 29 Oct 2022 08:00:44 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame BF04 6 KB
4 KB 34ms
33ms Document
text/html 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=823%2C24673%2C19877&b=rJmHQfD9cbACAH7HjtqtW4bt5T8T36sd%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr&f=PJ4HBfEbaVkc9HjHbtgCVm1FZT9TkGCp%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2CqGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=af9a843de33b6127da1aa0e955a387db%2F410766059995691070&i=9719%2C20430%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563968860&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jpam6zncjz4ff8wj9ysce4r8pp7cnm6wmh7m487jeqct9k79pq8n3tvfbd6xp0wp3ngeyyfgk8emeqxg5rt29dmsyfewq4pmgwda9ye0zdp3s3ya0d25jrftja1krv2df13tv2xry2szztbp9qzqxrwb5x26d57r36van6pnjahmfwecz9tzj59m4ya5rsazds780zv2dqv85ckg150ssd0ghr37f57b0vvdbe0272m3v97vm5yq4wb2mtdqefkz46sj24z5ag3d2cvnjbg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC-TiywLl8YdKrE7SAjuwPtJixmAaQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0JTbyYUw_XIy2vaZhQ4cQ1OCO11Z_mjN_kd5OsVTxKtp3ONmEg03-LemrDeQPdWB-_SQp-VH1iUhx7S2IKQwSxFeDMxXbY29TOy6J3iCWOoFc4tPcHk6DYgBWJpZ-XSIoWQSd07LdyKK83XksrgWI7lRMajl5g-vPKfy_rZJ86tdX8IcxW4XX0zkdPJhxgoSkWVYe6bfZ87e0drle0DmjjRXFn2l3B32Dkq-y2UKExw8cGrK9r_at9-JU5VPWgM-So49PNJoOULqF9uFDp9qtzKttsNNV8A-dG8ili2E5st01n9VtB6h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0jL-uGHPMKWrQtjWAIfjprEVFDCA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e78543a902d9f90c7b764ccbba7bc9fe7bd12bb15bae492133277aa0d91bb1e8

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gsytdwc97zm9me0gzjyezb6qqx2xpe2fhhfd22xw7wg8wd2jwfajvtggwnarevht5dp4fgm5m53408fmr56z4tpwd4wm1w7bcw9g1bz2bjqnd12pe1ecmr4xzwfrsxp6b51rg9gtwx7kfwcsncmzzvv8rnktz4xa5wkmd3y0s15a0dgbeyy1vs1cx854dehd7jtgdggvvsbhy6v0cy3v28bnec5h1ht6sp7j4wbc8vqjaw6efd0bhgcjy7yfdb0ra9bv2cqwyxmgs6c245d3meeq2jemve8wfmy2x5wpdt1esffjtxqhq9nkqwkdhtae4q6frvbf5pyq1mgbj9hhs1a1cspw6aqgny6h4k0j2pq38j0d5559j0gzebd3xm89jfamk7xrm8cxc3bnhjme8btdmb7k1x0bnr4vwhhv28bzbv2b7cc0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-TiywLl8YdKrE7SAjuwPtJixmAaQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0JTbyYUw_XIy2vaZhQ4cQ1OCO11Z_mjN_kd5OsVTxKtp3ONmEg03-LemrDeQPdWB-_SQp-VH1iUhx7S2IKQwSxFeDMxXbY29TOy6J3iCWOoFc4tPcHk6DYgBWJpZ-XSIoWQSd07LdyKK83XksrgWI7lRMajl5g-vPKfy_rZJ86tdX8IcxW4XX0zkdPJhxgoSkWVYe6bfZ87e0drle0DmjjRXFn2l3B32Dkq-y2UKExw8cGrK9r_at9-JU5VPWgM-So49PNJoOULqF9uFDp9qtzKttsNNV8A-dG8ili2E5st01n9VtB6h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0jL-uGHPMKWrQtjWAIfjprEVFDCA%26client%3Dca-pub-5965569640055032%26adurl%3D

Response headers

date: Sat, 30 Oct 2021 03:19:28 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a618095bf6d2774-PRG
content-encoding: br

GET
H3 200 css
fonts.googleapis.com/ Frame D752 250 B
268 B 25ms
24ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%20Slab:600&text=Time%20toplanyurwgs%21

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

0949cf7a7c3cc6577f6b644b32ac4f11a0b36d702999ca118a40a33e99cb15b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 30 Oct 2021 03:19:28 GMT
server: ESF
date: Sat, 30 Oct 2021 03:19:28 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sat, 30 Oct 2021 03:19:28 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D752 261 B
279 B 23ms
23ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%20Slab:700&text=FIND%20STOREimetoplanyurwgs%21

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

48e5e969f3500c283d013aae66f43e7e8f83cfdd90284551a10fdcadab5ee722

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 30 Oct 2021 03:19:28 GMT
server: ESF
date: Sat, 30 Oct 2021 03:19:28 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sat, 30 Oct 2021 03:19:28 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 91BA 64 KB
8 KB 24ms
24ms Stylesheet
text/css 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gfrs3gsjhp7tk9zpfya5nv8z48rj94fzwf8af3npddt6hxmd88snv5knhy2jdt272e29vx6agfterprjahag241j549y9x0sy72yca69eqhtjsfmfpfs3axd14zpz0m7jxm565v3bz5rk51724xzyr9z8g6kdcbpg4w35a36fvgae46kwj7z0j62vkzz0m43ktbyvkqv5zrxvaftb363p4d5an62s9myhfwqq2ehvwp7qmnaprskh2e6q8kz25fjzr1hr0019315tp1w5ba640n7ps4zgykrjkjnsfjhfnbzqx6g61ekdyvk5g4hggxd5684g365jcc35fw7f9nbr6zg52xmbzbvgsjyvm5fnc5z4tvvct245gv8r66eb0dtb6k1f4ng8fdstdaw4ee2f9a85hv87cj84&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXOf2wLl8YaCfK-OKjuwPjvOu8A2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0OMnrvj-tbvQoYsINefsI9nKwOn8G1kbPoZIfaVv2jLsR_YD274SNVXOn2gw8s1gURAx4NS2Yg-MHSiP-iwCSGTQyQwThKDdsjfDCAAlyHfcvj1TAA6f0dG6yt73sNYkWRqEsP3-YAEYC7vDmokkqA31s1SS-UpyHIvH1nT4dUd9KOaSr4lsrXsuDso-cmN8bHNs8QgtNFlAIXQSj8l_qJr5azR58q5s6QKjBLMZ4TiOM43sAuTuxhT2Wva5vFN-RtNLGefzmMew9AL_bwQpE3tr9Vv87FOlGxkw0d8D06-M0CJppB1_4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2qLuRQ5YNyT-s7DLaw241azqi8nw%26client%3Dca-pub-5965569640055032%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gfrs3gsjhp7tk9zpfya5nv8z48rj94fzwf8af3npddt6hxmd88snv5knhy2jdt272e29vx6agfterprjahag241j549y9x0sy72yca69eqhtjsfmfpfs3axd14zpz0m7jxm565v3bz5rk51724xzyr9z8g6kdcbpg4w35a36fvgae46kwj7z0j62vkzz0m43ktbyvkqv5zrxvaftb363p4d5an62s9myhfwqq2ehvwp7qmnaprskh2e6q8kz25fjzr1hr0019315tp1w5ba640n7ps4zgykrjkjnsfjhfnbzqx6g61ekdyvk5g4hggxd5684g365jcc35fw7f9nbr6zg52xmbzbvgsjyvm5fnc5z4tvvct245gv8r66eb0dtb6k1f4ng8fdstdaw4ee2f9a85hv87cj84&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXOf2wLl8YaCfK-OKjuwPjvOu8A2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0OMnrvj-tbvQoYsINefsI9nKwOn8G1kbPoZIfaVv2jLsR_YD274SNVXOn2gw8s1gURAx4NS2Yg-MHSiP-iwCSGTQyQwThKDdsjfDCAAlyHfcvj1TAA6f0dG6yt73sNYkWRqEsP3-YAEYC7vDmokkqA31s1SS-UpyHIvH1nT4dUd9KOaSr4lsrXsuDso-cmN8bHNs8QgtNFlAIXQSj8l_qJr5azR58q5s6QKjBLMZ4TiOM43sAuTuxhT2Wva5vFN-RtNLGefzmMew9AL_bwQpE3tr9Vv87FOlGxkw0d8D06-M0CJppB1_4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2qLuRQ5YNyT-s7DLaw241azqi8nw%26client%3Dca-pub-5965569640055032%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:28 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 744245
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 21 Oct 2021 12:35:23 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6a618095ef842774-PRG
cf-bgj: minify

GET
H3 200 fxpcopuw.js Show response
ad4m.at/ Frame 91BA 36 KB
13 KB 24ms
23ms Script
application/javascript 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gfrs3gsjhp7tk9zpfya5nv8z48rj94fzwf8af3npddt6hxmd88snv5knhy2jdt272e29vx6agfterprjahag241j549y9x0sy72yca69eqhtjsfmfpfs3axd14zpz0m7jxm565v3bz5rk51724xzyr9z8g6kdcbpg4w35a36fvgae46kwj7z0j62vkzz0m43ktbyvkqv5zrxvaftb363p4d5an62s9myhfwqq2ehvwp7qmnaprskh2e6q8kz25fjzr1hr0019315tp1w5ba640n7ps4zgykrjkjnsfjhfnbzqx6g61ekdyvk5g4hggxd5684g365jcc35fw7f9nbr6zg52xmbzbvgsjyvm5fnc5z4tvvct245gv8r66eb0dtb6k1f4ng8fdstdaw4ee2f9a85hv87cj84&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXOf2wLl8YaCfK-OKjuwPjvOu8A2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0OMnrvj-tbvQoYsINefsI9nKwOn8G1kbPoZIfaVv2jLsR_YD274SNVXOn2gw8s1gURAx4NS2Yg-MHSiP-iwCSGTQyQwThKDdsjfDCAAlyHfcvj1TAA6f0dG6yt73sNYkWRqEsP3-YAEYC7vDmokkqA31s1SS-UpyHIvH1nT4dUd9KOaSr4lsrXsuDso-cmN8bHNs8QgtNFlAIXQSj8l_qJr5azR58q5s6QKjBLMZ4TiOM43sAuTuxhT2Wva5vFN-RtNLGefzmMew9AL_bwQpE3tr9Vv87FOlGxkw0d8D06-M0CJppB1_4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2qLuRQ5YNyT-s7DLaw241azqi8nw%26client%3Dca-pub-5965569640055032%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d05798bba6af103ffb18280f2064f97177ccbaf5f5d56e505777184084cab6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=anwisg==, md5=gRfHP8TpRqYEUX6QZtu1gw==
date: Sat, 30 Oct 2021 03:19:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55696
x-guploader-uploadid: ADPycdvQnM3syAtWFDmcb7rN1e1Y0LAqDwWTdnggxOTxATSB1V7Cn4O68eZbfRh_cuomQSkmrdbVqCvUwtE6g85EzXw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 20 Oct 2021 11:26:57 GMT
server: cloudflare
etag: W/"8117c73fc4e946a604517e9066dbb583"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F84MScysHn1qw502xTrMixlsTTfbV1Q0EQBzHwgPzT7wbBa1mQ5diiTMrZlTXHTVXhRUB%2BCB4%2Bn1wZLDf1ktYmjeQasENuUrcoMFRq17x6PSXB8OSBktV8M%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1634729216993678
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11927
cf-ray: 6a618095ff882774-PRG
expires: Fri, 29 Oct 2021 11:51:12 GMT

GET
DATA 200
OK truncated
/ Frame 5AE5 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 157311dd9bb337b8f45bcc518cc2b48dbec4042d330a77c45cb2d123c03ebbf7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AFD7
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIK5tfPsCSxDAQyFAlFLktgfN6P1fhzH22H909...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVh5NXdRQUFBT3UyckdAbQ&google_push=AYg5qPIK5tfPsCSxDAQyFAlFLktgfN6P1fhzH22H909gLklBRqdxJWpNST64RVVgX9cQBwElFEDet4WLUm0FboVDqucBgBWrSsQ

170 B
188 B

26ms
26ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVh5NXdRQUFBT3UyckdAbQ&google_push=AYg5qPIK5tfPsCSxDAQyFAlFLktgfN6P1fhzH22H909gLklBRqdxJWpNST64RVVgX9cQBwElFEDet4WLUm0FboVDqucBgBWrSsQ

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVh5NXdRQUFBT3UyckdAbQ&google_push=AYg5qPIK5tfPsCSxDAQyFAlFLktgfN6P1fhzH22H909gLklBRqdxJWpNST64RVVgX9cQBwElFEDet4WLUm0FboVDqucBgBWrSsQ
Date: Sat, 30 Oct 2021 03:19:29 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AFD7
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESELj14jYhCOUD7XXvBegRCyY&google_cver=1&google_push=AYg5qPJVQy94I6O5k7KYgf7Uag31IkGGfpDC-VUQL429cvUOYLu6tTXCRgPcCifXOlvpirMnYZoYSFGmJjP3Pvm_C3VDrqdluCg
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJVQy94I6O5k7KYgf7Uag31IkGGfpDC-VUQL429cvUOYLu6tTXCRgPcCifXOlvpirMnYZoYSFGmJjP3Pvm_C3VDrqdluCg&google_hm=Q0FFU0VMajE0alloQ09VRD...

170 B
188 B

26ms
26ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJVQy94I6O5k7KYgf7Uag31IkGGfpDC-VUQL429cvUOYLu6tTXCRgPcCifXOlvpirMnYZoYSFGmJjP3Pvm_C3VDrqdluCg&google_hm=Q0FFU0VMajE0alloQ09VRDdYWHZCZWdSQ3lZ

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 03:19:28 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJVQy94I6O5k7KYgf7Uag31IkGGfpDC-VUQL429cvUOYLu6tTXCRgPcCifXOlvpirMnYZoYSFGmJjP3Pvm_C3VDrqdluCg&google_hm=Q0FFU0VMajE0alloQ09VRDdYWHZCZWdSQ3lZ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame AFD7
Redirect Chain

https://us-u.openx.net/w/1.0/pd?ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc&google_gid=CAESEDUYtnIO9capHVqeavaKJlE&google_cver=1&google_push=AYg5qPL9FOu6EuShjjRYEld4SaIhg_uErP9kch8XfxI-9gmtHxFuBHIibz12...
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHIcl4_eUJGtu_uSixsKzQo&google_cver=1

43 B
172 B

16ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHIcl4_eUJGtu_uSixsKzQo&google_cver=1
Requested by: Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.217.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:29 GMT
via: 1.1 google
server: OXGW/16.217.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHIcl4_eUJGtu_uSixsKzQo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AFD7
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0QnH8w3iTuOa_nnp-5nBbQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

28ms
26ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0QnH8w3iTuOa_nnp-5nBbQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKrPBShzpZk90R8RXBhuIXneNNlTVuVgzfJ8Yb9xkl6fmYobAtYGWoDUkhLp2ovI6z4i0drnFqMK-fmha0IfHpFKYpkgV0

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0QnH8w3iTuOa_nnp-5nBbQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKrPBShzpZk90R8RXBhuIXneNNlTVuVgzfJ8Yb9xkl6fmYobAtYGWoDUkhLp2ovI6z4i0drnFqMK-fmha0IfHpFKYpkgV0
date: Sat, 30 Oct 2021 03:19:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AFD7
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAsbWbtTZt7gPV2BWWTqYxQ&google_cver=1&google_push=AYg5qPJyEWMgfbY-a4vOIRDJ5szjFvxQ1jF9YyQDF10n17JjprLOG1vnSb-nUBONODIJpjysfBx...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZEOEszR1QtMS1GQjVP&google_push=AYg5qPJyEWMgfbY-a4vOIRDJ5szjFvxQ1jF9YyQDF10n17JjprLOG1vnSb-nUBONODIJpjysfBxigavEL_JGw2Ol79EgOgjN24Q

170 B
188 B

26ms
26ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZEOEszR1QtMS1GQjVP&google_push=AYg5qPJyEWMgfbY-a4vOIRDJ5szjFvxQ1jF9YyQDF10n17JjprLOG1vnSb-nUBONODIJpjysfBxigavEL_JGw2Ol79EgOgjN24Q

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZEOEszR1QtMS1GQjVP&google_push=AYg5qPJyEWMgfbY-a4vOIRDJ5szjFvxQ1jF9YyQDF10n17JjprLOG1vnSb-nUBONODIJpjysfBxigavEL_JGw2Ol79EgOgjN24Q
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
Expires: 0

GET
H/1.1 200
OK cma
dsum-sec.casalemedia.com/ Frame AFD7 43 B
315 B 30ms
9ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/cma?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_10}&google_gid=CAESEEci85M_OXBIZu3BtpJpAYU&google_cver=1&google_push=AYg5qPKD6docwHWtcBnk9CC9VZk4IlOnYn9xSIc4hmIBCBhCYICO5wlRhSVGB-e6t-qFRpbIw5wKrUFXYWgiRTOATdDj7I7HT_U
Requested by: Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 03:19:28 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sat, 30 Oct 2021 03:19:28 GMT

GET
H2 200 trk
ag.innovid.com/ Frame AFD7 43 B
297 B 130ms
21ms Image
image/gif 18.168.50.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEN_T5L6i_h_DVapOyABVLo4&google_cver=1&google_push=AYg5qPIXdpMdFR6ylvMtRwMrySohdqqxHp2a38Vedcp2DCsRkKORd3alGbnwz9GkSR966yBFjwPnDCbEPRXKX5Xb-cN6sgELD6E
Requested by: Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.50.255 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-50-255.eu-west-2.compute.amazonaws.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:29 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AFD7 0
12 B 24ms
23ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K73Ct6cJnblXejziwRrlh8p7J49LTDoBG_GtcyXTlmY91AV-_odnDsEmOYT3eOCChBuQqA

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 font
fonts.gstatic.com/l/ Frame D752 2 KB
2 KB 8ms
8ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoUoOWbXZ0XfHytLPEHDdTkvR6samJJTto&skey=a9ad6a4717e923f0&v=v16

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Slab:600&text=Time%20toplanyurwgs%21

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

ESF /

Resource Hash

bc3e9da0211cf7e7d2ea9854d98f3ac298bdd8007a1356c3e980a4b1fa457cfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 21:50:22 GMT
x-content-type-options: nosniff
age: 19746
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2240
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 22:48:39 GMT
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdcAxCjmxc6pXr6ex4MdoGlPkjw--yrnhUREpy7iMU1fwtPy0DU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdcAxCjmxc6pXr6ex4MdoGlPkjw--yrnhUREpy7iMU1fwtPy0DU"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdcAxCjmxc6pXr6ex4MdoGlPkjw--yrnhUREpy7iMU1fwtPy0DU"
expires: Fri, 29 Oct 2021 21:50:22 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame BF04 64 KB
8 KB 27ms
27ms Stylesheet
text/css 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C24673%2C19877&b=rJmHQfD9cbACAH7HjtqtW4bt5T8T36sd%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr&f=PJ4HBfEbaVkc9HjHbtgCVm1FZT9TkGCp%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2CqGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=af9a843de33b6127da1aa0e955a387db%2F410766059995691070&i=9719%2C20430%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563968860&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jpam6zncjz4ff8wj9ysce4r8pp7cnm6wmh7m487jeqct9k79pq8n3tvfbd6xp0wp3ngeyyfgk8emeqxg5rt29dmsyfewq4pmgwda9ye0zdp3s3ya0d25jrftja1krv2df13tv2xry2szztbp9qzqxrwb5x26d57r36van6pnjahmfwecz9tzj59m4ya5rsazds780zv2dqv85ckg150ssd0ghr37f57b0vvdbe0272m3v97vm5yq4wb2mtdqefkz46sj24z5ag3d2cvnjbg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC-TiywLl8YdKrE7SAjuwPtJixmAaQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0JTbyYUw_XIy2vaZhQ4cQ1OCO11Z_mjN_kd5OsVTxKtp3ONmEg03-LemrDeQPdWB-_SQp-VH1iUhx7S2IKQwSxFeDMxXbY29TOy6J3iCWOoFc4tPcHk6DYgBWJpZ-XSIoWQSd07LdyKK83XksrgWI7lRMajl5g-vPKfy_rZJ86tdX8IcxW4XX0zkdPJhxgoSkWVYe6bfZ87e0drle0DmjjRXFn2l3B32Dkq-y2UKExw8cGrK9r_at9-JU5VPWgM-So49PNJoOULqF9uFDp9qtzKttsNNV8A-dG8ili2E5st01n9VtB6h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0jL-uGHPMKWrQtjWAIfjprEVFDCA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=823%2C24673%2C19877&b=rJmHQfD9cbACAH7HjtqtW4bt5T8T36sd%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr&f=PJ4HBfEbaVkc9HjHbtgCVm1FZT9TkGCp%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2CqGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=af9a843de33b6127da1aa0e955a387db%2F410766059995691070&i=9719%2C20430%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563968860&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jpam6zncjz4ff8wj9ysce4r8pp7cnm6wmh7m487jeqct9k79pq8n3tvfbd6xp0wp3ngeyyfgk8emeqxg5rt29dmsyfewq4pmgwda9ye0zdp3s3ya0d25jrftja1krv2df13tv2xry2szztbp9qzqxrwb5x26d57r36van6pnjahmfwecz9tzj59m4ya5rsazds780zv2dqv85ckg150ssd0ghr37f57b0vvdbe0272m3v97vm5yq4wb2mtdqefkz46sj24z5ag3d2cvnjbg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC-TiywLl8YdKrE7SAjuwPtJixmAaQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0JTbyYUw_XIy2vaZhQ4cQ1OCO11Z_mjN_kd5OsVTxKtp3ONmEg03-LemrDeQPdWB-_SQp-VH1iUhx7S2IKQwSxFeDMxXbY29TOy6J3iCWOoFc4tPcHk6DYgBWJpZ-XSIoWQSd07LdyKK83XksrgWI7lRMajl5g-vPKfy_rZJ86tdX8IcxW4XX0zkdPJhxgoSkWVYe6bfZ87e0drle0DmjjRXFn2l3B32Dkq-y2UKExw8cGrK9r_at9-JU5VPWgM-So49PNJoOULqF9uFDp9qtzKttsNNV8A-dG8ili2E5st01n9VtB6h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0jL-uGHPMKWrQtjWAIfjprEVFDCA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:28 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 744245
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 21 Oct 2021 12:35:23 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6a6180961fa12774-PRG
cf-bgj: minify

GET
H3 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame BF04 38 KB
39 KB 27ms
25ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C24673%2C19877&b=rJmHQfD9cbACAH7HjtqtW4bt5T8T36sd%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr&f=PJ4HBfEbaVkc9HjHbtgCVm1FZT9TkGCp%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2CqGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=af9a843de33b6127da1aa0e955a387db%2F410766059995691070&i=9719%2C20430%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563968860&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jpam6zncjz4ff8wj9ysce4r8pp7cnm6wmh7m487jeqct9k79pq8n3tvfbd6xp0wp3ngeyyfgk8emeqxg5rt29dmsyfewq4pmgwda9ye0zdp3s3ya0d25jrftja1krv2df13tv2xry2szztbp9qzqxrwb5x26d57r36van6pnjahmfwecz9tzj59m4ya5rsazds780zv2dqv85ckg150ssd0ghr37f57b0vvdbe0272m3v97vm5yq4wb2mtdqefkz46sj24z5ag3d2cvnjbg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC-TiywLl8YdKrE7SAjuwPtJixmAaQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0JTbyYUw_XIy2vaZhQ4cQ1OCO11Z_mjN_kd5OsVTxKtp3ONmEg03-LemrDeQPdWB-_SQp-VH1iUhx7S2IKQwSxFeDMxXbY29TOy6J3iCWOoFc4tPcHk6DYgBWJpZ-XSIoWQSd07LdyKK83XksrgWI7lRMajl5g-vPKfy_rZJ86tdX8IcxW4XX0zkdPJhxgoSkWVYe6bfZ87e0drle0DmjjRXFn2l3B32Dkq-y2UKExw8cGrK9r_at9-JU5VPWgM-So49PNJoOULqF9uFDp9qtzKttsNNV8A-dG8ili2E5st01n9VtB6h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0jL-uGHPMKWrQtjWAIfjprEVFDCA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Sat, 30 Oct 2021 03:19:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 123510
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycdvPbGl_R5x-T0HvYhoNhiPS6vfXlWehl5VBe3IJj5k2loqM0OLnukHeDQFBZfK4bwQnqEvZACQJGIgn2bUiQog
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uEjqWpd10RHYOy0WpQxV67WKbxMBXhbZIkl3EECmCh6VaqcDWQdg5KnwbmT%2FZ1PnRvuNH8AffoxuRh3SC8zgMYDDrr018Cxany2RIgEZAG0xvNl%2Bm9r8ker7kKh75Kwj"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Sun, 31 Oct 2021 03:19:28 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 6a6180961fa32774-PRG
cf-bgj: imgq:85,h2pri

GET
H3 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame BF04 113 KB
114 KB 56ms
54ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C24673%2C19877&b=rJmHQfD9cbACAH7HjtqtW4bt5T8T36sd%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr&f=PJ4HBfEbaVkc9HjHbtgCVm1FZT9TkGCp%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2CqGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=af9a843de33b6127da1aa0e955a387db%2F410766059995691070&i=9719%2C20430%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563968860&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jpam6zncjz4ff8wj9ysce4r8pp7cnm6wmh7m487jeqct9k79pq8n3tvfbd6xp0wp3ngeyyfgk8emeqxg5rt29dmsyfewq4pmgwda9ye0zdp3s3ya0d25jrftja1krv2df13tv2xry2szztbp9qzqxrwb5x26d57r36van6pnjahmfwecz9tzj59m4ya5rsazds780zv2dqv85ckg150ssd0ghr37f57b0vvdbe0272m3v97vm5yq4wb2mtdqefkz46sj24z5ag3d2cvnjbg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC-TiywLl8YdKrE7SAjuwPtJixmAaQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0JTbyYUw_XIy2vaZhQ4cQ1OCO11Z_mjN_kd5OsVTxKtp3ONmEg03-LemrDeQPdWB-_SQp-VH1iUhx7S2IKQwSxFeDMxXbY29TOy6J3iCWOoFc4tPcHk6DYgBWJpZ-XSIoWQSd07LdyKK83XksrgWI7lRMajl5g-vPKfy_rZJ86tdX8IcxW4XX0zkdPJhxgoSkWVYe6bfZ87e0drle0DmjjRXFn2l3B32Dkq-y2UKExw8cGrK9r_at9-JU5VPWgM-So49PNJoOULqF9uFDp9qtzKttsNNV8A-dG8ili2E5st01n9VtB6h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0jL-uGHPMKWrQtjWAIfjprEVFDCA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Sat, 30 Oct 2021 03:19:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 124277
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycdtObM0AekeXJqrqfBO1uuYLU-ukIkW7LWaGos-i0AFawoBZXZQgV4ZL8PBadmQ4gTY4e8Wa-FYNNyR-SEvdqt8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFlivwaCqjR0qbBKX1h4yIlnXEhxQvh15shICXQaKFhtP3ziVrMxv0qYSIfBAgsABltkT%2FEsIxTOowy%2B3e6pRFOI2MCBlQMfvQSybzewMGXe2LfXTdcNQ%2ByYMRJtezpr"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Sun, 31 Oct 2021 03:19:28 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 6a6180961fa42774-PRG
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame BF04 43 B
702 B 40ms
38ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidrJmHQfD9cbACAH7HjtqtW4bt5T8T36sdoneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 03:19:29 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame BF04 38 KB
39 KB 56ms
54ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C24673%2C19877&b=rJmHQfD9cbACAH7HjtqtW4bt5T8T36sd%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr&f=PJ4HBfEbaVkc9HjHbtgCVm1FZT9TkGCp%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2CqGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=af9a843de33b6127da1aa0e955a387db%2F410766059995691070&i=9719%2C20430%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563968860&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jpam6zncjz4ff8wj9ysce4r8pp7cnm6wmh7m487jeqct9k79pq8n3tvfbd6xp0wp3ngeyyfgk8emeqxg5rt29dmsyfewq4pmgwda9ye0zdp3s3ya0d25jrftja1krv2df13tv2xry2szztbp9qzqxrwb5x26d57r36van6pnjahmfwecz9tzj59m4ya5rsazds780zv2dqv85ckg150ssd0ghr37f57b0vvdbe0272m3v97vm5yq4wb2mtdqefkz46sj24z5ag3d2cvnjbg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC-TiywLl8YdKrE7SAjuwPtJixmAaQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0JTbyYUw_XIy2vaZhQ4cQ1OCO11Z_mjN_kd5OsVTxKtp3ONmEg03-LemrDeQPdWB-_SQp-VH1iUhx7S2IKQwSxFeDMxXbY29TOy6J3iCWOoFc4tPcHk6DYgBWJpZ-XSIoWQSd07LdyKK83XksrgWI7lRMajl5g-vPKfy_rZJ86tdX8IcxW4XX0zkdPJhxgoSkWVYe6bfZ87e0drle0DmjjRXFn2l3B32Dkq-y2UKExw8cGrK9r_at9-JU5VPWgM-So49PNJoOULqF9uFDp9qtzKttsNNV8A-dG8ili2E5st01n9VtB6h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0jL-uGHPMKWrQtjWAIfjprEVFDCA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Sat, 30 Oct 2021 03:19:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 124873
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ADPycds0zACqGFoEYkEEiVvbEJ2X7tPVHJ6lwD9zs7Cs8PqaQRAgAp2Q883Jy_QUYXtdfvD4Q64gKcR37Cv1vhy0CoY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1jtp4DBc%2BiGtpWLnt%2BxF%2B7DcAm11kfbag9GPqmCENu1exAnQlHUlD1Y%2Br6%2F4O%2FuL9sR%2FBuqavyOcLkzoYdSpcvZFAehw3pt7HTFW0w2Ev1NqZWmYBOy4fdniL0rGKPJ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Sun, 31 Oct 2021 03:19:28 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 6a6180961fa52774-PRG
cf-bgj: imgq:85,h2pri

GET
H3 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame BF04 84 KB
85 KB 39ms
37ms Image
image/jpeg 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C24673%2C19877&b=rJmHQfD9cbACAH7HjtqtW4bt5T8T36sd%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr&f=PJ4HBfEbaVkc9HjHbtgCVm1FZT9TkGCp%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2CqGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=af9a843de33b6127da1aa0e955a387db%2F410766059995691070&i=9719%2C20430%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563968860&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jpam6zncjz4ff8wj9ysce4r8pp7cnm6wmh7m487jeqct9k79pq8n3tvfbd6xp0wp3ngeyyfgk8emeqxg5rt29dmsyfewq4pmgwda9ye0zdp3s3ya0d25jrftja1krv2df13tv2xry2szztbp9qzqxrwb5x26d57r36van6pnjahmfwecz9tzj59m4ya5rsazds780zv2dqv85ckg150ssd0ghr37f57b0vvdbe0272m3v97vm5yq4wb2mtdqefkz46sj24z5ag3d2cvnjbg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC-TiywLl8YdKrE7SAjuwPtJixmAaQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0JTbyYUw_XIy2vaZhQ4cQ1OCO11Z_mjN_kd5OsVTxKtp3ONmEg03-LemrDeQPdWB-_SQp-VH1iUhx7S2IKQwSxFeDMxXbY29TOy6J3iCWOoFc4tPcHk6DYgBWJpZ-XSIoWQSd07LdyKK83XksrgWI7lRMajl5g-vPKfy_rZJ86tdX8IcxW4XX0zkdPJhxgoSkWVYe6bfZ87e0drle0DmjjRXFn2l3B32Dkq-y2UKExw8cGrK9r_at9-JU5VPWgM-So49PNJoOULqF9uFDp9qtzKttsNNV8A-dG8ili2E5st01n9VtB6h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0jL-uGHPMKWrQtjWAIfjprEVFDCA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Sat, 30 Oct 2021 03:19:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 337455
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ABg5-UxrihpiTEAnxARME-oA6yPJhrmWwuiF12JxV_t2c5q-bO2pN4CiKYJuSE-kmEFErbJ9KD9PcUxoc1XNWJIhi8U
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 85604
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRG9puH1ALeb4QntNhoh%2BWVjIyRlNc7QP7dbGWITKsQOf71U1v6cygcvGvnMt01ph3wFlkcZq60PfHYCHoLKk6gPrLtr0MD21v8xXQSitcAOZocP6vaJTkGdidFWjNcT"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Sun, 31 Oct 2021 03:19:28 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 6a6180961fa72774-PRG
cf-bgj: imgq:85,h2pri

GET
H3 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame BF04 53 KB
54 KB 73ms
71ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C24673%2C19877&b=rJmHQfD9cbACAH7HjtqtW4bt5T8T36sd%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr&f=PJ4HBfEbaVkc9HjHbtgCVm1FZT9TkGCp%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2CqGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=af9a843de33b6127da1aa0e955a387db%2F410766059995691070&i=9719%2C20430%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563968860&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jpam6zncjz4ff8wj9ysce4r8pp7cnm6wmh7m487jeqct9k79pq8n3tvfbd6xp0wp3ngeyyfgk8emeqxg5rt29dmsyfewq4pmgwda9ye0zdp3s3ya0d25jrftja1krv2df13tv2xry2szztbp9qzqxrwb5x26d57r36van6pnjahmfwecz9tzj59m4ya5rsazds780zv2dqv85ckg150ssd0ghr37f57b0vvdbe0272m3v97vm5yq4wb2mtdqefkz46sj24z5ag3d2cvnjbg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC-TiywLl8YdKrE7SAjuwPtJixmAaQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0JTbyYUw_XIy2vaZhQ4cQ1OCO11Z_mjN_kd5OsVTxKtp3ONmEg03-LemrDeQPdWB-_SQp-VH1iUhx7S2IKQwSxFeDMxXbY29TOy6J3iCWOoFc4tPcHk6DYgBWJpZ-XSIoWQSd07LdyKK83XksrgWI7lRMajl5g-vPKfy_rZJ86tdX8IcxW4XX0zkdPJhxgoSkWVYe6bfZ87e0drle0DmjjRXFn2l3B32Dkq-y2UKExw8cGrK9r_at9-JU5VPWgM-So49PNJoOULqF9uFDp9qtzKttsNNV8A-dG8ili2E5st01n9VtB6h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0jL-uGHPMKWrQtjWAIfjprEVFDCA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date: Sat, 30 Oct 2021 03:19:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 119925
cf-polished: origFmt=png, origSize=115129
x-guploader-uploadid: ADPycdsP1smxuddH-HaNqcXjdhDZocNsY8vzODjXilWMcb630wYVY0UDGvEqfyW_uH6FHGBymuCmQaFP4aavnmBr6yq2Ehzv7Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 54564
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3FrM8WrIoveKXQSV6CHapnUxwznsId%2BT6fL23qg61Yvni0ZLiSwqnZ5Bpez%2BOPJRIWYNcsO7CYooRkN3ozrtQQkP%2FGFVZ6fsMUvNem%2BdJPcaDwYIbHGFO9i%2BbB5c1%2FdK"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1612883484779402
content-type: image/webp
expires: Sun, 31 Oct 2021 03:19:28 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 115129
accept-ranges: bytes
cf-ray: 6a6180961fa82774-PRG
cf-bgj: imgq:85,h2pri

GET
H3 200 26828D6A2B7AB8CBF0BD7B12A4C4174B36788EB53D97F67629064D2A25EF1C665B2713B39242B63E13EAC36EB9351683292AFEA0E72E0EB1131F26ACCAD28AC2
assets.ad4m.at/product_image/ Frame BF04 31 KB
32 KB 77ms
75ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/26828D6A2B7AB8CBF0BD7B12A4C4174B36788EB53D97F67629064D2A25EF1C665B2713B39242B63E13EAC36EB9351683292AFEA0E72E0EB1131F26ACCAD28AC2
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C24673%2C19877&b=rJmHQfD9cbACAH7HjtqtW4bt5T8T36sd%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr&f=PJ4HBfEbaVkc9HjHbtgCVm1FZT9TkGCp%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2CqGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=af9a843de33b6127da1aa0e955a387db%2F410766059995691070&i=9719%2C20430%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563968860&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jpam6zncjz4ff8wj9ysce4r8pp7cnm6wmh7m487jeqct9k79pq8n3tvfbd6xp0wp3ngeyyfgk8emeqxg5rt29dmsyfewq4pmgwda9ye0zdp3s3ya0d25jrftja1krv2df13tv2xry2szztbp9qzqxrwb5x26d57r36van6pnjahmfwecz9tzj59m4ya5rsazds780zv2dqv85ckg150ssd0ghr37f57b0vvdbe0272m3v97vm5yq4wb2mtdqefkz46sj24z5ag3d2cvnjbg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC-TiywLl8YdKrE7SAjuwPtJixmAaQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0JTbyYUw_XIy2vaZhQ4cQ1OCO11Z_mjN_kd5OsVTxKtp3ONmEg03-LemrDeQPdWB-_SQp-VH1iUhx7S2IKQwSxFeDMxXbY29TOy6J3iCWOoFc4tPcHk6DYgBWJpZ-XSIoWQSd07LdyKK83XksrgWI7lRMajl5g-vPKfy_rZJ86tdX8IcxW4XX0zkdPJhxgoSkWVYe6bfZ87e0drle0DmjjRXFn2l3B32Dkq-y2UKExw8cGrK9r_at9-JU5VPWgM-So49PNJoOULqF9uFDp9qtzKttsNNV8A-dG8ili2E5st01n9VtB6h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0jL-uGHPMKWrQtjWAIfjprEVFDCA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1189ccbd0346d7aeb090d8769592e0285599a29122ffd5a0a0ce9c039412387c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=UIcfng==, md5=WdNWx4gdrvbwTy1Z36jlTw==
date: Sat, 30 Oct 2021 03:19:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121153
cf-polished: qual=85, origFmt=jpeg, origSize=80186
x-guploader-uploadid: ADPycduiWxu69HTPjzfnITuafk79mGKZBMPlAkZ338BDUz7jVNw8pKELoEzHKHedueUMTyCf5ipUEfVitNSxg2uak9c
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 31900
last-modified: Wed, 10 Feb 2021 09:05:09 GMT
server: cloudflare
etag: "59d356c7881daef6f04f2d59dfa8e54f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmKSgkbjuFk0DUvyPOe%2BRrK1PESwUwEe%2Ba0Qq8nCoW9tBOjVn7GvBw2XmGLlORzMPtINjUp%2Fp%2BYLkBq%2FNrhO005qpSZg2vcw1cT6WQ%2BY7kx88xGbcNQDNRCBxN0%2FDDQA"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1612947909004757
content-type: image/webp
expires: Sun, 31 Oct 2021 03:19:28 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 80186
accept-ranges: bytes
cf-ray: 6a6180961fa92774-PRG
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

postview.gif
portal.o2online.de/nws/img/ Frame BF04
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021103005192957893208559X117679V1226132702MSoneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuidkKfrAoJ...
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=202110300519295789320...

43 B
770 B

30ms
8ms

Image
image/gif

82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021103005192957893208559X117679V1226132702MSoneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&wfid=117679&ratenzahlung=24
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C24673%2C19877&b=rJmHQfD9cbACAH7HjtqtW4bt5T8T36sd%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr&f=PJ4HBfEbaVkc9HjHbtgCVm1FZT9TkGCp%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2CqGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=af9a843de33b6127da1aa0e955a387db%2F410766059995691070&i=9719%2C20430%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563968860&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jpam6zncjz4ff8wj9ysce4r8pp7cnm6wmh7m487jeqct9k79pq8n3tvfbd6xp0wp3ngeyyfgk8emeqxg5rt29dmsyfewq4pmgwda9ye0zdp3s3ya0d25jrftja1krv2df13tv2xry2szztbp9qzqxrwb5x26d57r36van6pnjahmfwecz9tzj59m4ya5rsazds780zv2dqv85ckg150ssd0ghr37f57b0vvdbe0272m3v97vm5yq4wb2mtdqefkz46sj24z5ag3d2cvnjbg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC-TiywLl8YdKrE7SAjuwPtJixmAaQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0JTbyYUw_XIy2vaZhQ4cQ1OCO11Z_mjN_kd5OsVTxKtp3ONmEg03-LemrDeQPdWB-_SQp-VH1iUhx7S2IKQwSxFeDMxXbY29TOy6J3iCWOoFc4tPcHk6DYgBWJpZ-XSIoWQSd07LdyKK83XksrgWI7lRMajl5g-vPKfy_rZJ86tdX8IcxW4XX0zkdPJhxgoSkWVYe6bfZ87e0drle0DmjjRXFn2l3B32Dkq-y2UKExw8cGrK9r_at9-JU5VPWgM-So49PNJoOULqF9uFDp9qtzKttsNNV8A-dG8ili2E5st01n9VtB6h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0jL-uGHPMKWrQtjWAIfjprEVFDCA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Server: 82.113.101.132 Ingelheim am Rhein, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 03:19:29 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Sat, 30 Oct 2021 03:19:29 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021103005192957893208559X117679V1226132702MSoneidY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Troneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&wfid=117679&ratenzahlung=24
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=10

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3DA1 0
0 48ms
26ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2EC4xQD_bCKFWNgxVxq58P_AWpaOlzOVdQtc5-0GBbYGuF2XUce5vPdZf7DGIdLvV6ioJCrJAUyhdutsN4YXzWk_wRalNioOZKPr7rmw0tveNmLJhoM_wE5ufWHmGqSOfHQifY0B_CEo_k3nrWWdb1J26OlrniV8tVdwc52PO0tG-pwlJkE_2_W8ki7WcSqrLSuLrrhFKfFyyqhaIzOtMEi5USrH9x408BlP6UK_CC_psUBsk1M20fzTqaF2ra9Oaq1E-jaqRJO-0S5DUvyojT0fdkg9p1IpUItJVwDhZVVm4IZeVJ5zCrFxNaThjVrVgpjv-pIsePmvzfb8N&sig=Cg0ArKJSzAoBx2J8ZBj1EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Oct 2021 03:19:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 30 Oct 2021 03:19:29 GMT

GET
DATA 200
OK truncated Show response
/ Frame D752 6 KB
6 KB XHR
image/svg+xml

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc45e8ab1650f9bca9c34d4d1d0e3ee9fb16c4e03efa3d6e72107d002bbf7c41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 font
fonts.gstatic.com/l/ Frame D752 3 KB
3 KB 7ms
7ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4OWbXZ8XfHikJDqOxRsr89rpr2UPCF_WLdfQo1_WOY&skey=a9ad6a4717e923f0&v=v16

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Slab:700&text=FIND%20STOREimetoplanyurwgs%21

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

ESF /

Resource Hash

938ef76784c10ec6dbabe51ce84afd503fccb6bd728f856540e374dc2c1dfe9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 21:50:23 GMT
x-content-type-options: nosniff
age: 19745
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2772
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 22:48:39 GMT
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdcAxCjmxc6pXr6ex4MdoGlPkjw--yrnhUREpy7iMU1fwtPy0DU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdcAxCjmxc6pXr6ex4MdoGlPkjw--yrnhUREpy7iMU1fwtPy0DU"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdcAxCjmxc6pXr6ex4MdoGlPkjw--yrnhUREpy7iMU1fwtPy0DU"
expires: Fri, 29 Oct 2021 21:50:23 GMT

GET
DATA 200
OK truncated
/ Frame D752 88 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ac36014f13b30bd1d7fe6d9931524b1396ba225728574629bf35ac6a7c334fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D752 21 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93924799b935a119786a17135c32327b5dc12ca8653b7285759caedb8752d151

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D752 23 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aee1c3993c93d6ab92710a8d9f045d1894407ed6d4ed74cc5bfcf0a0b9857047

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D752 36 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d02d29e30fe93106fb8842ebfca7b460c89ef464b50b2feb74f37a2abeda620

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 91BA 3 KB
4 KB 30ms
30ms Image
image/png 104.26.6.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.6.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Sat, 30 Oct 2021 03:19:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12321576
x-guploader-uploadid: ABg5-UxHcnICLk7b7YkQQi88NGVF0WMcchfK1mG4dUlgFuCeLMEQbekxBAvPJ_LFWK4ZMOrhD-KiD3x1E9pCiaLs4VNde3QtWA
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRQH6r2JMyLHDWNkqL9wh0bqOusVRCoYdUPXfXpzt147oMJPuQh06aA%2FdHpA4Z8jwwsJOlXEoU6nrzskLa%2BmkMbS3SeG3Zy3pfM9W2hvmTVQeh9%2Fk%2BxTHxuSs4pce3q8VJknYiST"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6a6180965b64412b-PRG
expires: Thu, 09 Jun 2022 12:39:14 GMT

GET
BLOB 200
OK 51d54465-0ebb-4ad8-a65d-d0a74ae65b78
https://s0.2mdn.net/ Frame D752 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://s0.2mdn.net/51d54465-0ebb-4ad8-a65d-d0a74ae65b78
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc45e8ab1650f9bca9c34d4d1d0e3ee9fb16c4e03efa3d6e72107d002bbf7c41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 6110
Content-Type: image/svg+xml

GET
H3 200 frame.html Show response
ad4m.at/ Frame C10A 2 KB
2 KB 35ms
35ms Document
text/html 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 30 Oct 2021 03:19:29 GMT
content-type: text/html
x-guploader-uploadid: ABg5-Uwn3myKqNzKJaXHyUiZqbP8NSrxOcbkyaRD5NRgbFtq-4RIcqJ4vnL2qiKZKS--51-luBSbS_wwXQ-ancMVjw
expires: Sat, 30 Oct 2021 04:19:29 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 337611
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UugXF3BSuucIwtbJOHP6IZPAXchmdGoS3qLWrrG9Py3kXPHeCZbNccP5U%2BQ8Y4NJafqgVQipi818NCM%2FXXFwEPg%2BBd5Aw3cFYOs%2FTzUj6JHBSKHNbZkaqFg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6a6180966fcc2774-PRG
content-encoding: br

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame BF04 1 KB
2 KB 132ms
93ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSWoneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&viewref=oneidkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhRoneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C24673%2C19877&b=rJmHQfD9cbACAH7HjtqtW4bt5T8T36sd%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr&f=PJ4HBfEbaVkc9HjHbtgCVm1FZT9TkGCp%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2CqGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=af9a843de33b6127da1aa0e955a387db%2F410766059995691070&i=9719%2C20430%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563968860&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jpam6zncjz4ff8wj9ysce4r8pp7cnm6wmh7m487jeqct9k79pq8n3tvfbd6xp0wp3ngeyyfgk8emeqxg5rt29dmsyfewq4pmgwda9ye0zdp3s3ya0d25jrftja1krv2df13tv2xry2szztbp9qzqxrwb5x26d57r36van6pnjahmfwecz9tzj59m4ya5rsazds780zv2dqv85ckg150ssd0ghr37f57b0vvdbe0272m3v97vm5yq4wb2mtdqefkz46sj24z5ag3d2cvnjbg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC-TiywLl8YdKrE7SAjuwPtJixmAaQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0JTbyYUw_XIy2vaZhQ4cQ1OCO11Z_mjN_kd5OsVTxKtp3ONmEg03-LemrDeQPdWB-_SQp-VH1iUhx7S2IKQwSxFeDMxXbY29TOy6J3iCWOoFc4tPcHk6DYgBWJpZ-XSIoWQSd07LdyKK83XksrgWI7lRMajl5g-vPKfy_rZJ86tdX8IcxW4XX0zkdPJhxgoSkWVYe6bfZ87e0drle0DmjjRXFn2l3B32Dkq-y2UKExw8cGrK9r_at9-JU5VPWgM-So49PNJoOULqF9uFDp9qtzKttsNNV8A-dG8ili2E5st01n9VtB6h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0jL-uGHPMKWrQtjWAIfjprEVFDCA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: a91ab761d928e89084eadaa6273f8c7d37d7c1571cd65cfc30a5c8612c4b835e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 03:19:29 GMT
Last-Modified: Sat, 30 Oct 2021 03:19:29 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1388
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
BLOB 200
OK 05c8e926-7309-4b76-8bee-a90058d18d75
https://s0.2mdn.net/ Frame D752 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://s0.2mdn.net/05c8e926-7309-4b76-8bee-a90058d18d75
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc45e8ab1650f9bca9c34d4d1d0e3ee9fb16c4e03efa3d6e72107d002bbf7c41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 6110
Content-Type: image/svg+xml

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 5FFB 51 KB
51 KB 45ms
7ms Script
application/javascript 18.66.97.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: ESJ1m.JcTMC7xiA46tdzcog3eD2HGNO9
via: 1.1 367a4718be97a49df7ac0500a986437b.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 10:14:21 GMT
server: AmazonS3
age: 78687
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 29 Oct 2021 05:28:03 GMT
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: Qu_DALD1yzy25gl65wDcE-03kYUTRUajW7lxWtrDZukwzEFj1Ogbmg==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 5FFB 25 KB
26 KB 62ms
23ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneid489hEf5fmdXfGH9HdtAtDXrTZTZtr3gFKoneid&wglinkid=3247721
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=72171d23b242e279ad8b17367e798a36%2F2715512301707278058&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563968673&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k9wg2q021tzmz80mbe00zrn017268swzze8hnjz2w463pd4x46y8t7w2ek56qz5mm4zsgh83xpv2t9da7ndyj7tdkm8w0tbcxj458et57800fkekcwpv4x59ykw1v4krj7fpwgv2pt3rpjk9jyb8mmfvahfz7xbk0ew7j6h6tf6d4ma2bts61hjhsg5vrpetj632bcv3d7xhh821jeb1bcqp4mp7zvzepkfp0ff5hjkjn8pww0j6s5atwfd49s64svnzwfw2tpgejxztn20%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVEHfwLl8YfrDAuaE3gPxjIT4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgTnAU_QC3WS8aD8Ij6-Y1elcEeHNnmXnjZSBCLlytcrenSWYZxUoghBRcwdDKRfqCd-EFMhlqW85v-FjWCU8wWuNzyBo0PlgxJerOJC1KEKRCY9JZw5Qsj-EOPvSaWfvMqCucigBwIojlrtHDDyGJoQXG_-CQen4y7WZ62jOuoPh8ffl2SwlHswvqFOwbfFGQhAe52eYPh_AfoYcW__jvxLFVfuQU5DAfxLICCUCF3HmKh9RxgeYJTD4wneL_3fJ3Tf0ECya4_QCt3kty9qexKhAXt4nKe-Sb3kr7l_t2rjLb12WnwyK07X0uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0V5202eV8Ul7TJNykPJSJuAi9SGw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 03:19:29 GMT
Last-Modified: Sat, 30 Oct 2021 03:19:29 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame 91BA 1 KB
2 KB 41ms
41ms XHR
text/plain 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b68c73a58754349d8f871ab9a7ed81d7eae61ba5a282b3a5909518c222aa9e0f

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6a618096fd0a4131-PRG
date: Sat, 30 Oct 2021 03:19:29 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90S7wP9ERAFv1Uf6aPdUKUCXwFBocOHXPMLQAPoERJg4K%2FHdea%2FaJtaAjKGlT6vGGG0qVDa9ms3YeZP%2F9k9%2FH7dnOv3uQwSOSejrSF80Hos6RUFCiba9n1o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-bd8c

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 37ms
37ms Preflight
text/plain 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 30 Oct 2021 03:19:29 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-bd8c
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBMozmljhCLKk2I684qq6TQLzJzTUYYX0fkZU0RvaLWUvSUVSJWadcS2SU03QbNdJ9pIYUGaklj64owIFRqC3JORnzKTduqHXIO3VhUW2TMsjPdnHm9hD9g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a618096bcf44131-PRG

GET
H3 200 container.html Show response
60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8436 6 KB
3 KB 6ms
6ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 30 Oct 2021 03:19:27 GMT
expires: Sun, 30 Oct 2022 03:19:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 94CE 7 KB
4 KB 35ms
35ms Document
text/html 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C24673%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKPfJ&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=fe7813007900c621fb8b244981885f0d%2F277932038116032705&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563969133&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kmqj4z7ks1e6rxqkmr5q22t301kmxrmep5dc02554c1np6qqwsas6av27vtxajpyd8j2rngvry0re8se4szmqjrgst8wczvmc095637crd5a96ec8pq0kjdb03srdkma17fb38j7pd162sc0k7vhcje9pa3pg0jzxdv2yg9ctrbd85v43ecgv3ekjhfdmd5w4eshy7e1xeykecv4gmxdpfvktp5xg8s3e29fazmjwc2cysva016069pxmz1fb82zh1ga2jwkm53g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXOf2wLl8YaCfK-OKjuwPjvOu8A2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0OMnrvj-tbvQoYsINefsI9nKwOn8G1kbPoZIfaVv2jLsR_YD274SNVXOn2gw8s1gURAx4NS2Yg-MHSiP-iwCSGTQyQwThKDdsjfDCAAlyHfcvj1TAA6f0dG6yt73sNYkWRqEsP3-YAEYC7vDmokkqA31s1SS-UpyHIvH1nT4dUd9KOaSr4lsrXsuDso-cmN8bHNs8QgtNFlAIXQSj8l_qJr5azR58q5s6QKjBLMZ4TiOM43sAuTuxhT2Wva5vFN-RtNLGefzmMew9AL_bwQpE3tr9Vv87FOlGxkw0d8D06-M0CJppB1_4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2qLuRQ5YNyT-s7DLaw241azqi8nw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

582b36fcfc0105d646b382a661986f56e97c53f93803bd84a02a53b97f03822f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gfrs3gsjhp7tk9zpfya5nv8z48rj94fzwf8af3npddt6hxmd88snv5knhy2jdt272e29vx6agfterprjahag241j549y9x0sy72yca69eqhtjsfmfpfs3axd14zpz0m7jxm565v3bz5rk51724xzyr9z8g6kdcbpg4w35a36fvgae46kwj7z0j62vkzz0m43ktbyvkqv5zrxvaftb363p4d5an62s9myhfwqq2ehvwp7qmnaprskh2e6q8kz25fjzr1hr0019315tp1w5ba640n7ps4zgykrjkjnsfjhfnbzqx6g61ekdyvk5g4hggxd5684g365jcc35fw7f9nbr6zg52xmbzbvgsjyvm5fnc5z4tvvct245gv8r66eb0dtb6k1f4ng8fdstdaw4ee2f9a85hv87cj84&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXOf2wLl8YaCfK-OKjuwPjvOu8A2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0OMnrvj-tbvQoYsINefsI9nKwOn8G1kbPoZIfaVv2jLsR_YD274SNVXOn2gw8s1gURAx4NS2Yg-MHSiP-iwCSGTQyQwThKDdsjfDCAAlyHfcvj1TAA6f0dG6yt73sNYkWRqEsP3-YAEYC7vDmokkqA31s1SS-UpyHIvH1nT4dUd9KOaSr4lsrXsuDso-cmN8bHNs8QgtNFlAIXQSj8l_qJr5azR58q5s6QKjBLMZ4TiOM43sAuTuxhT2Wva5vFN-RtNLGefzmMew9AL_bwQpE3tr9Vv87FOlGxkw0d8D06-M0CJppB1_4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2qLuRQ5YNyT-s7DLaw241azqi8nw%26client%3Dca-pub-5965569640055032%26adurl%3D

Response headers

date: Sat, 30 Oct 2021 03:19:29 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a61809748812774-PRG
content-encoding: br

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8436 0
0 25ms
24ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CvaxEwLl8YevjMIWK3wOLyKCoBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgTlAU_QZgSvLPP2lW6RqEcaJ039lhMpyjiyOBEcZKTHSryyij7JfbHMu4-kVARwf8ouxLJgeBpYJt6J4NDu347UkBRS3kxarQe1nXlX3NBKupe33brXfAlc8XSMgY_Z7pEpLUuhBAA_0NZqU2ldpIyosSLdtcp74zR6SqndywCCCUr3R8jY8CRCP1nieWn1Lu3VUVAUKeQ_Nd1-ZsXV8ecp4pLKpktpr5Xecf-cgDP_-KGS2n87vGiQHsfZs2aOVMLwfjh-hV-ikWwdf9pKyKgeFGJ_qE9y3J6jYE3i9Ai8o2WSaVbCGMDgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi01OTY1NTY5NjQwMDU1MDMyGM_OBw&sigh=p55qROkNOqQ&uach_m=[UACH]&cid=CAQSPACNIrLMZYIETwcsu72-hqLBoWxMfazFBVQpJDEjE711GbJl4L8sUrw5ugw2HmWvJU-SFH5HGAXv3BXyqhgB
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 8436 0
0 277ms
276ms Fetch
image/gif 34.95.89.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1ks21y9mp74hj7tsjnpv3rckzfjp5rt3fga1jenxfewghyrjfnnt0z9v1krvaa4rpgb3cjxtsay9kyx13wrbhrsx7461cag4b18t2y38re0g75v7xhvzg06qxqj9fk8nkxt0h78p52g8dfze941eve7vxa968wpq4m9wc9kqpm589pczvvfb73x83d443qy70qzwdp02kdh4nzstvx6g7pg8xravh78et5hrba2257kztnaxp2kqwxsmrxcc6jq34jxkrnj4kbw5039bmkbz3cq5dvw5rvx0f9skewmmn42612bzxkd73edhm09tb8gp5adaasbnhmavctvfs4zeb7q24vtggxwh4spsnt18cm3xw407g2b4yhd73ape6aahf49svwkqr8&b=YXy5wAAMMesKd8UFAAgkCyVOMu_qPaiQ6g28NQ
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.89.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 54.89.95.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 30 Oct 2021 03:19:29 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame BA53 2 KB
2 KB 39ms
38ms Document
text/html 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1k347m7f3n2kr3sgwa5n0q0cygfr9ge94v558fjw7sbpyt34s5s23yt0cfjter2e24da78mz8dp2paegfvhmhq82vknjksmzad4gp62be8rxszzgfngf850h52b6jg7axczq6ms32pbmf6h0t1f06jpt0tvjpdq4y4e380radz3mybqd2j9ff64kpeyap65b07phq8sa5wc3f1rab4sanejg5y35nhrsy3q1r9x8b9cn0522g9cws77c11s5y1m0dqnhjrw9wpc2v0cwpsvjtvdw6j6a9sfdzge4ryatcnmgp385p4b4rzn6wcwf7a9ym34k79csnr4tk4ys2ybtbackm1frd0awbwhc9mg9rrc77mxmf9g20my5qb08jv7bm477sqb0dx7wb0y5c7hjr7ar6b55pcc9n4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_m77wLl8YevjMIWK3wOLyKCoBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QZgSvLPP2lW6RqEcaJ039lhMpyjiyOBEcZKTHSryyij7JfbHMu4-kVARwf8ouxLJgeBpYJt6J4NDu347UkBRS3kxarQe1nXlX3NBKupe33brXfAlc8XSMgY_Z7pEpLUuhBAA_0NZqU2ldpIyosSLdtcp74zR6SqndywCCCUr3R8jY8CRCP1nieWn1Lu3VUVAUKeQ_Nd1-ZsXV8ecp4pLKpktpr5Xecf-cgDP_-KGS2n87vGiQHsfZs2aOVMLwfjh-hV-ikWwdf9pKyKgeFGJ_qE8w3pMxt5hltMA76_NIIMQwIdTWh8XgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fBM5U8VpS5NFP6nOgcqtgotcLnA%26client%3Dca-pub-5965569640055032%26adurl%3D

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ebd8417686b2847b2da35d30ff0749720503126673b8c8b9b6b850812f6387b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/

Response headers

date: Sat, 30 Oct 2021 03:19:29 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a61809758832774-PRG
content-encoding: br

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 8436 3 KB
1 KB 6ms
6ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/window_focus_fy2019.js

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 02:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1871
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Nov 2021 02:48:18 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FDA2 1 KB
749 B 8ms
7ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 29 Oct 2021 18:26:41 GMT
expires: Sat, 30 Oct 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 31968
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8436 120 KB
37 KB 29ms
28ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 30 Oct 2021 03:19:29 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 8436 14 KB
6 KB 7ms
6ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 02:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6337
x-xss-protection: 0
server: cafe
etag: 7721474052657771746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Nov 2021 02:48:17 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8436 0
0 16ms
14ms Image
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRUqxFoo7Mj7jxrWdChF4kQ37XPWDOz0DTUpY_CAuLwzccxZDWHHcKNGqwo-msYhu1JfNzIUu9FI9UsgSLBksg_xvmd4A
Requested by: Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 8436 22 KB
7 KB 7ms
6ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 08:00:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69525
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 29 Oct 2022 08:00:44 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame BF04 51 KB
51 KB 8ms
7ms Script
application/javascript 18.66.97.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSWoneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&viewref=oneidkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhRoneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: ESJ1m.JcTMC7xiA46tdzcog3eD2HGNO9
via: 1.1 367a4718be97a49df7ac0500a986437b.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 10:14:21 GMT
server: AmazonS3
age: 78687
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 29 Oct 2021 05:28:03 GMT
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: S2gh7a6Na3pehoQSAYJqiefUrt_ehkRlffWk3qppfpm2djYUb9Dznw==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame BF04 85 KB
85 KB 63ms
24ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidVzBUwfmfPDmcGCbHAtRtEKZakTzTRcQoneid__asuidbsExQQa-nw3Iun9Zczry9wcRoSntSjhUasuid&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C24673%2C19877&b=rJmHQfD9cbACAH7HjtqtW4bt5T8T36sd%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CY2jcrfG3fYm5SVH9HetQtRR8cAT1TK1Tr&f=PJ4HBfEbaVkc9HjHbtgCVm1FZT9TkGCp%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2CqGXsmf1WUp3JuZHgHDtRCXXxaPTgTq4s3&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=af9a843de33b6127da1aa0e955a387db%2F410766059995691070&i=9719%2C20430%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563968860&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jpam6zncjz4ff8wj9ysce4r8pp7cnm6wmh7m487jeqct9k79pq8n3tvfbd6xp0wp3ngeyyfgk8emeqxg5rt29dmsyfewq4pmgwda9ye0zdp3s3ya0d25jrftja1krv2df13tv2xry2szztbp9qzqxrwb5x26d57r36van6pnjahmfwecz9tzj59m4ya5rsazds780zv2dqv85ckg150ssd0ghr37f57b0vvdbe0272m3v97vm5yq4wb2mtdqefkz46sj24z5ag3d2cvnjbg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC-TiywLl8YdKrE7SAjuwPtJixmAaQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0JTbyYUw_XIy2vaZhQ4cQ1OCO11Z_mjN_kd5OsVTxKtp3ONmEg03-LemrDeQPdWB-_SQp-VH1iUhx7S2IKQwSxFeDMxXbY29TOy6J3iCWOoFc4tPcHk6DYgBWJpZ-XSIoWQSd07LdyKK83XksrgWI7lRMajl5g-vPKfy_rZJ86tdX8IcxW4XX0zkdPJhxgoSkWVYe6bfZ87e0drle0DmjjRXFn2l3B32Dkq-y2UKExw8cGrK9r_at9-JU5VPWgM-So49PNJoOULqF9uFDp9qtzKttsNNV8A-dG8ili2E5st01n9VtB6h4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0jL-uGHPMKWrQtjWAIfjprEVFDCA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 03:19:29 GMT
Last-Modified: Sat, 30 Oct 2021 03:19:29 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 466606.gif
id.rlcdn.com/ Frame FDA2 42 B
317 B 15ms
14ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPIAH7O5_tCaXftv2UDhLCUpyFPhra4qKQyWz9wJ5EmrvXEUii7mrTzIYYpqScaUwDFOUONgUFEaZ1WpF2QQ3Ubh-BochpY&google_gid=CAESEMQq8MNQCIG4o1oep5D0HgI&google_cver=1
Requested by: Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Oct 2021 03:19:29 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FDA2
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJWURZN...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJWURZN...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMzAwMzE5MjkwMDAxODQzMjg3Mzc5NA%3D%3D&google_push=AYg5qPJWURZN3Ry8fcP7eOk6bAdBK02C3nrsrm_Y_IYjLyWw5QoypfjfN5ncEUSgADpOm5...

170 B
188 B

25ms
25ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMzAwMzE5MjkwMDAxODQzMjg3Mzc5NA%3D%3D&google_push=AYg5qPJWURZN3Ry8fcP7eOk6bAdBK02C3nrsrm_Y_IYjLyWw5QoypfjfN5ncEUSgADpOm5gxOOLJaJK2Ezf0RZuE4cocZ8eXUw

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMzAwMzE5MjkwMDAxODQzMjg3Mzc5NA%3D%3D&google_push=AYg5qPJWURZN3Ry8fcP7eOk6bAdBK02C3nrsrm_Y_IYjLyWw5QoypfjfN5ncEUSgADpOm5gxOOLJaJK2Ezf0RZuE4cocZ8eXUw
pragma: no-cache
date: Sat, 30 Oct 2021 03:19:29 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Sat, 30 Oct 2021 03:19:29 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FDA2
Redirect Chain

https://us-u.openx.net/w/1.0/pd?ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc&google_gid=CAESEDUYtnIO9capHVqeavaKJlE&google_cver=1&google_push=AYg5qPJJFhv8lx_TGXRWshPcpySitg_O0ZHp_JRmnfsYpm3K5mwBCyN4Gipb...
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzA0OTdjOTktNTc0Yy0yZjljLWNhMTgtMmI3YWZkMDMwZGVj

170 B
188 B

26ms
26ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzA0OTdjOTktNTc0Yy0yZjljLWNhMTgtMmI3YWZkMDMwZGVj

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 30 Oct 2021 03:19:29 GMT
content-encoding: gzip
server: OXGW/16.217.1
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzA0OTdjOTktNTc0Yy0yZjljLWNhMTgtMmI3YWZkMDMwZGVj
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FDA2
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0QnH8w3iTuOa_nnp-5nBbQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

27ms
27ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0QnH8w3iTuOa_nnp-5nBbQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJIITbos3gcTo0wXXIxGEEwa9K0lsKVunblcpjLHHwbvHo-hfHjg7y-ZPeEFz45ak7PqXoZiYnbd68lmkexYY09FBtK6Bo

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0QnH8w3iTuOa_nnp-5nBbQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJIITbos3gcTo0wXXIxGEEwa9K0lsKVunblcpjLHHwbvHo-hfHjg7y-ZPeEFz45ak7PqXoZiYnbd68lmkexYY09FBtK6Bo
date: Sat, 30 Oct 2021 03:19:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FDA2
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAsbWbtTZt7gPV2BWWTqYxQ&google_cver=1&google_push=AYg5qPJ4EpMRawa_g8IEkQ8d7uasApZTSUYm1Gx2vOZZPad-Z4T-l7m1TO_W2ONKrdJyTGJfm2O...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZEOEszTE4tMUItQjdQTg==&google_push=AYg5qPJ4EpMRawa_g8IEkQ8d7uasApZTSUYm1Gx2vOZZPad-Z4T-l7m1TO_W2ONKrdJyTGJfm2Ow5clTS1ccO5Lc0F9QZHeHTto

170 B
188 B

26ms
25ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZEOEszTE4tMUItQjdQTg==&google_push=AYg5qPJ4EpMRawa_g8IEkQ8d7uasApZTSUYm1Gx2vOZZPad-Z4T-l7m1TO_W2ONKrdJyTGJfm2Ow5clTS1ccO5Lc0F9QZHeHTto

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZEOEszTE4tMUItQjdQTg==&google_push=AYg5qPJ4EpMRawa_g8IEkQ8d7uasApZTSUYm1Gx2vOZZPad-Z4T-l7m1TO_W2ONKrdJyTGJfm2Ow5clTS1ccO5Lc0F9QZHeHTto
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
Expires: 0

GET
H/1.1 200
OK cma
dsum-sec.casalemedia.com/ Frame FDA2 43 B
315 B 11ms
10ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/cma?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_10}&google_gid=CAESEEci85M_OXBIZu3BtpJpAYU&google_cver=1&google_push=AYg5qPIvU1qO6UJPOx_8Vk5c8vci4-LcxzSUdEP7owVWqhT-lW0Zu4Xrf_QXHAIV0whFEMHlAQ9h8iu_WzUWSnMjFNkDeXW4fA
Requested by: Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 03:19:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sat, 30 Oct 2021 03:19:29 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FDA2
Redirect Chain

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEN_T5L6i_h_DVapOyABVLo4&google_cver=1&google_push=AYg5qPInFNhNWnhNf-aTv2wKK3J5did4TFAW7-nx1WePIzmXGJCqVW0ANHZvBu9XRBLQv2REH6N499oOpQb8dWGGMPgqnkQXkA
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPInFNhNWnhNf-aTv2wKK3J5did4TFAW7-nx1WePIzmXGJCqVW0ANHZvBu9XRBLQv2REH6N499oOpQb8dWGGMPgqnkQXkA&google_hm=OJ1laH1fTfOQEkdgCw...

170 B
188 B

26ms
26ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPInFNhNWnhNf-aTv2wKK3J5did4TFAW7-nx1WePIzmXGJCqVW0ANHZvBu9XRBLQv2REH6N499oOpQb8dWGGMPgqnkQXkA&google_hm=OJ1laH1fTfOQEkdgCw01oA

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPInFNhNWnhNf-aTv2wKK3J5did4TFAW7-nx1WePIzmXGJCqVW0ANHZvBu9XRBLQv2REH6N499oOpQb8dWGGMPgqnkQXkA&google_hm=OJ1laH1fTfOQEkdgCw01oA
pragma: no-cache
date: Sat, 30 Oct 2021 03:19:29 GMT
cache-control: no-cache
content-length: 0
request-time: 1
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame FDA2 0
12 B 24ms
24ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JSSDRkN3h__jDuENKi0TV9stmrWFsX3zM_U_lssC9y0FVomx7KSTjuf133fbCDFq_b0fVt

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 94CE 64 KB
8 KB 27ms
27ms Stylesheet
text/css 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKPfJ&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=fe7813007900c621fb8b244981885f0d%2F277932038116032705&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563969133&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kmqj4z7ks1e6rxqkmr5q22t301kmxrmep5dc02554c1np6qqwsas6av27vtxajpyd8j2rngvry0re8se4szmqjrgst8wczvmc095637crd5a96ec8pq0kjdb03srdkma17fb38j7pd162sc0k7vhcje9pa3pg0jzxdv2yg9ctrbd85v43ecgv3ekjhfdmd5w4eshy7e1xeykecv4gmxdpfvktp5xg8s3e29fazmjwc2cysva016069pxmz1fb82zh1ga2jwkm53g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXOf2wLl8YaCfK-OKjuwPjvOu8A2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0OMnrvj-tbvQoYsINefsI9nKwOn8G1kbPoZIfaVv2jLsR_YD274SNVXOn2gw8s1gURAx4NS2Yg-MHSiP-iwCSGTQyQwThKDdsjfDCAAlyHfcvj1TAA6f0dG6yt73sNYkWRqEsP3-YAEYC7vDmokkqA31s1SS-UpyHIvH1nT4dUd9KOaSr4lsrXsuDso-cmN8bHNs8QgtNFlAIXQSj8l_qJr5azR58q5s6QKjBLMZ4TiOM43sAuTuxhT2Wva5vFN-RtNLGefzmMew9AL_bwQpE3tr9Vv87FOlGxkw0d8D06-M0CJppB1_4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2qLuRQ5YNyT-s7DLaw241azqi8nw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKPfJ&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=fe7813007900c621fb8b244981885f0d%2F277932038116032705&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563969133&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kmqj4z7ks1e6rxqkmr5q22t301kmxrmep5dc02554c1np6qqwsas6av27vtxajpyd8j2rngvry0re8se4szmqjrgst8wczvmc095637crd5a96ec8pq0kjdb03srdkma17fb38j7pd162sc0k7vhcje9pa3pg0jzxdv2yg9ctrbd85v43ecgv3ekjhfdmd5w4eshy7e1xeykecv4gmxdpfvktp5xg8s3e29fazmjwc2cysva016069pxmz1fb82zh1ga2jwkm53g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXOf2wLl8YaCfK-OKjuwPjvOu8A2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0OMnrvj-tbvQoYsINefsI9nKwOn8G1kbPoZIfaVv2jLsR_YD274SNVXOn2gw8s1gURAx4NS2Yg-MHSiP-iwCSGTQyQwThKDdsjfDCAAlyHfcvj1TAA6f0dG6yt73sNYkWRqEsP3-YAEYC7vDmokkqA31s1SS-UpyHIvH1nT4dUd9KOaSr4lsrXsuDso-cmN8bHNs8QgtNFlAIXQSj8l_qJr5azR58q5s6QKjBLMZ4TiOM43sAuTuxhT2Wva5vFN-RtNLGefzmMew9AL_bwQpE3tr9Vv87FOlGxkw0d8D06-M0CJppB1_4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2qLuRQ5YNyT-s7DLaw241azqi8nw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:29 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 744246
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 21 Oct 2021 12:35:23 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6a618097b8ab2774-PRG
cf-bgj: minify

GET
H3 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 94CE 18 KB
19 KB 23ms
23ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKPfJ&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=fe7813007900c621fb8b244981885f0d%2F277932038116032705&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563969133&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kmqj4z7ks1e6rxqkmr5q22t301kmxrmep5dc02554c1np6qqwsas6av27vtxajpyd8j2rngvry0re8se4szmqjrgst8wczvmc095637crd5a96ec8pq0kjdb03srdkma17fb38j7pd162sc0k7vhcje9pa3pg0jzxdv2yg9ctrbd85v43ecgv3ekjhfdmd5w4eshy7e1xeykecv4gmxdpfvktp5xg8s3e29fazmjwc2cysva016069pxmz1fb82zh1ga2jwkm53g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXOf2wLl8YaCfK-OKjuwPjvOu8A2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0OMnrvj-tbvQoYsINefsI9nKwOn8G1kbPoZIfaVv2jLsR_YD274SNVXOn2gw8s1gURAx4NS2Yg-MHSiP-iwCSGTQyQwThKDdsjfDCAAlyHfcvj1TAA6f0dG6yt73sNYkWRqEsP3-YAEYC7vDmokkqA31s1SS-UpyHIvH1nT4dUd9KOaSr4lsrXsuDso-cmN8bHNs8QgtNFlAIXQSj8l_qJr5azR58q5s6QKjBLMZ4TiOM43sAuTuxhT2Wva5vFN-RtNLGefzmMew9AL_bwQpE3tr9Vv87FOlGxkw0d8D06-M0CJppB1_4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2qLuRQ5YNyT-s7DLaw241azqi8nw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Sat, 30 Oct 2021 03:19:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 340596
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycduDROmutyIXykilQWambyrZhNAEncbgIvmSffa1dwyIPVaolb4F4xS3urxyLnMxmTWtFTU1NhJyHQpLPNSbT0M
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ndhh75bJYzdF5mI%2B322%2Buo%2FGteSjuqXuIaV4WAhOXOGhSTLZzfECzntKAfJqHW%2BC7WoN93UvJ8nFsM84Crjkc9Vj9VCCEhQcgWjst1zhL%2FQMXFmCtEHw3Bo9ogJmleay"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Sun, 31 Oct 2021 03:19:29 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 6a618097b8ae2774-PRG
cf-bgj: imgq:85,h2pri

GET
H3 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame 94CE 2 KB
2 KB 23ms
22ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKPfJ&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=fe7813007900c621fb8b244981885f0d%2F277932038116032705&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563969133&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kmqj4z7ks1e6rxqkmr5q22t301kmxrmep5dc02554c1np6qqwsas6av27vtxajpyd8j2rngvry0re8se4szmqjrgst8wczvmc095637crd5a96ec8pq0kjdb03srdkma17fb38j7pd162sc0k7vhcje9pa3pg0jzxdv2yg9ctrbd85v43ecgv3ekjhfdmd5w4eshy7e1xeykecv4gmxdpfvktp5xg8s3e29fazmjwc2cysva016069pxmz1fb82zh1ga2jwkm53g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXOf2wLl8YaCfK-OKjuwPjvOu8A2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0OMnrvj-tbvQoYsINefsI9nKwOn8G1kbPoZIfaVv2jLsR_YD274SNVXOn2gw8s1gURAx4NS2Yg-MHSiP-iwCSGTQyQwThKDdsjfDCAAlyHfcvj1TAA6f0dG6yt73sNYkWRqEsP3-YAEYC7vDmokkqA31s1SS-UpyHIvH1nT4dUd9KOaSr4lsrXsuDso-cmN8bHNs8QgtNFlAIXQSj8l_qJr5azR58q5s6QKjBLMZ4TiOM43sAuTuxhT2Wva5vFN-RtNLGefzmMew9AL_bwQpE3tr9Vv87FOlGxkw0d8D06-M0CJppB1_4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2qLuRQ5YNyT-s7DLaw241azqi8nw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Sat, 30 Oct 2021 03:19:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 123041
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ADPycduN1g0_Sh3X3WqmkAPeDXuACH6u1LmT-cNofnyNT1B8UXHmf1gcCiv7xPLwtYtwKDQB4eSLJckYrCzpJuHuffQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1598
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8VEGwpJcBeM%2F1lkP43UxokNjEm9pxLvvhjMmerOXY0SdLWfPqumMc3b2OzxVrRI%2F6MD8gKtbWgU7zFGkejkp6YfOVagLzC0IB5cqRaXa4NYDMW02jVCDHTYgyafO4LsQ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Sun, 31 Oct 2021 03:19:29 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 6a618097b8b02774-PRG
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 94CE 43 B
704 B 39ms
38ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneide7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 03:19:29 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 94CE 38 KB
39 KB 24ms
22ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKPfJ&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=fe7813007900c621fb8b244981885f0d%2F277932038116032705&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563969133&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kmqj4z7ks1e6rxqkmr5q22t301kmxrmep5dc02554c1np6qqwsas6av27vtxajpyd8j2rngvry0re8se4szmqjrgst8wczvmc095637crd5a96ec8pq0kjdb03srdkma17fb38j7pd162sc0k7vhcje9pa3pg0jzxdv2yg9ctrbd85v43ecgv3ekjhfdmd5w4eshy7e1xeykecv4gmxdpfvktp5xg8s3e29fazmjwc2cysva016069pxmz1fb82zh1ga2jwkm53g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXOf2wLl8YaCfK-OKjuwPjvOu8A2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0OMnrvj-tbvQoYsINefsI9nKwOn8G1kbPoZIfaVv2jLsR_YD274SNVXOn2gw8s1gURAx4NS2Yg-MHSiP-iwCSGTQyQwThKDdsjfDCAAlyHfcvj1TAA6f0dG6yt73sNYkWRqEsP3-YAEYC7vDmokkqA31s1SS-UpyHIvH1nT4dUd9KOaSr4lsrXsuDso-cmN8bHNs8QgtNFlAIXQSj8l_qJr5azR58q5s6QKjBLMZ4TiOM43sAuTuxhT2Wva5vFN-RtNLGefzmMew9AL_bwQpE3tr9Vv87FOlGxkw0d8D06-M0CJppB1_4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2qLuRQ5YNyT-s7DLaw241azqi8nw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Sat, 30 Oct 2021 03:19:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 124874
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ADPycds0zACqGFoEYkEEiVvbEJ2X7tPVHJ6lwD9zs7Cs8PqaQRAgAp2Q883Jy_QUYXtdfvD4Q64gKcR37Cv1vhy0CoY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1PwnMuUMGZ0Bs7JLKSqmFy%2B5OrVk2qA0EDE0YDihUlbZFm3TSbemwpBTIA157LI7mwc8GdmjU%2FJCnFcIpU7qCVSv%2FxSgLc8Ev2%2BYT5jh4epEQEyb%2BZiKlqif%2BsoJBDad"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Sun, 31 Oct 2021 03:19:29 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 6a618097c8b22774-PRG
cf-bgj: imgq:85,h2pri

GET
H3 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 94CE 84 KB
85 KB 25ms
24ms Image
image/jpeg 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKPfJ&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=fe7813007900c621fb8b244981885f0d%2F277932038116032705&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563969133&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kmqj4z7ks1e6rxqkmr5q22t301kmxrmep5dc02554c1np6qqwsas6av27vtxajpyd8j2rngvry0re8se4szmqjrgst8wczvmc095637crd5a96ec8pq0kjdb03srdkma17fb38j7pd162sc0k7vhcje9pa3pg0jzxdv2yg9ctrbd85v43ecgv3ekjhfdmd5w4eshy7e1xeykecv4gmxdpfvktp5xg8s3e29fazmjwc2cysva016069pxmz1fb82zh1ga2jwkm53g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXOf2wLl8YaCfK-OKjuwPjvOu8A2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0OMnrvj-tbvQoYsINefsI9nKwOn8G1kbPoZIfaVv2jLsR_YD274SNVXOn2gw8s1gURAx4NS2Yg-MHSiP-iwCSGTQyQwThKDdsjfDCAAlyHfcvj1TAA6f0dG6yt73sNYkWRqEsP3-YAEYC7vDmokkqA31s1SS-UpyHIvH1nT4dUd9KOaSr4lsrXsuDso-cmN8bHNs8QgtNFlAIXQSj8l_qJr5azR58q5s6QKjBLMZ4TiOM43sAuTuxhT2Wva5vFN-RtNLGefzmMew9AL_bwQpE3tr9Vv87FOlGxkw0d8D06-M0CJppB1_4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2qLuRQ5YNyT-s7DLaw241azqi8nw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Sat, 30 Oct 2021 03:19:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 337456
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ABg5-UxrihpiTEAnxARME-oA6yPJhrmWwuiF12JxV_t2c5q-bO2pN4CiKYJuSE-kmEFErbJ9KD9PcUxoc1XNWJIhi8U
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 85604
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rc6jiRVlrhWYmA5E4tBax9YadmnuGp5wPpH2jior%2BEnZmbBeijivEsrfO5Xs8LSBPIUGIeOv%2FgbbQuA6FQ4meijVsKJigJVTB8Iefzj190hfgIFM1AI4lS%2Fpy%2FNAEQGN"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Sun, 31 Oct 2021 03:19:29 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 6a618097c8b32774-PRG
cf-bgj: imgq:85,h2pri

GET
H3 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 94CE 8 KB
9 KB 27ms
26ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKPfJ&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=fe7813007900c621fb8b244981885f0d%2F277932038116032705&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563969133&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kmqj4z7ks1e6rxqkmr5q22t301kmxrmep5dc02554c1np6qqwsas6av27vtxajpyd8j2rngvry0re8se4szmqjrgst8wczvmc095637crd5a96ec8pq0kjdb03srdkma17fb38j7pd162sc0k7vhcje9pa3pg0jzxdv2yg9ctrbd85v43ecgv3ekjhfdmd5w4eshy7e1xeykecv4gmxdpfvktp5xg8s3e29fazmjwc2cysva016069pxmz1fb82zh1ga2jwkm53g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXOf2wLl8YaCfK-OKjuwPjvOu8A2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0OMnrvj-tbvQoYsINefsI9nKwOn8G1kbPoZIfaVv2jLsR_YD274SNVXOn2gw8s1gURAx4NS2Yg-MHSiP-iwCSGTQyQwThKDdsjfDCAAlyHfcvj1TAA6f0dG6yt73sNYkWRqEsP3-YAEYC7vDmokkqA31s1SS-UpyHIvH1nT4dUd9KOaSr4lsrXsuDso-cmN8bHNs8QgtNFlAIXQSj8l_qJr5azR58q5s6QKjBLMZ4TiOM43sAuTuxhT2Wva5vFN-RtNLGefzmMew9AL_bwQpE3tr9Vv87FOlGxkw0d8D06-M0CJppB1_4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2qLuRQ5YNyT-s7DLaw241azqi8nw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Sat, 30 Oct 2021 03:19:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 120648
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycduIQL3fzyUefbBk7wmyM6nX1YDEeN97dnG5llrnhvf2gwtyiNnj4KFpvRUBgflYiPsns6tvUTHf1P95FNB0JZg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ai2ybWiBy%2Fz%2FeCmaaAXFArrfPo666okb6usb876ke%2FxYKZNjrcKtTcYt8jagR2Tu0zzDc9h8ma1MWHxce8cDCL8p9HK0CwVrAmmYnFB5EDkNO%2BYWWWUndVEdH3SzGsl%2F"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Sun, 31 Oct 2021 03:19:29 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 6a618097c8b42774-PRG
cf-bgj: imgq:85,h2pri

GET
H3 200 F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
assets.ad4m.at/ Frame 94CE 35 KB
36 KB 27ms
26ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKPfJ&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=fe7813007900c621fb8b244981885f0d%2F277932038116032705&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563969133&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kmqj4z7ks1e6rxqkmr5q22t301kmxrmep5dc02554c1np6qqwsas6av27vtxajpyd8j2rngvry0re8se4szmqjrgst8wczvmc095637crd5a96ec8pq0kjdb03srdkma17fb38j7pd162sc0k7vhcje9pa3pg0jzxdv2yg9ctrbd85v43ecgv3ekjhfdmd5w4eshy7e1xeykecv4gmxdpfvktp5xg8s3e29fazmjwc2cysva016069pxmz1fb82zh1ga2jwkm53g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXOf2wLl8YaCfK-OKjuwPjvOu8A2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0OMnrvj-tbvQoYsINefsI9nKwOn8G1kbPoZIfaVv2jLsR_YD274SNVXOn2gw8s1gURAx4NS2Yg-MHSiP-iwCSGTQyQwThKDdsjfDCAAlyHfcvj1TAA6f0dG6yt73sNYkWRqEsP3-YAEYC7vDmokkqA31s1SS-UpyHIvH1nT4dUd9KOaSr4lsrXsuDso-cmN8bHNs8QgtNFlAIXQSj8l_qJr5azR58q5s6QKjBLMZ4TiOM43sAuTuxhT2Wva5vFN-RtNLGefzmMew9AL_bwQpE3tr9Vv87FOlGxkw0d8D06-M0CJppB1_4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2qLuRQ5YNyT-s7DLaw241azqi8nw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=DWwdxw==, md5=nrQF3oFd2dnh8eRzIt323A==
date: Sat, 30 Oct 2021 03:19:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 123423
cf-polished: qual=85, origFmt=jpeg, origSize=40264
x-guploader-uploadid: ADPycdup4b1tK37Gx1lHh_dvjpCyqd1WIrLwH9CM66iCP17MfscNiFXKDsdQE5M7MbeEwtCnqUOJb_gMLSN0gNEkc_o
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35504
last-modified: Wed, 19 Feb 2020 17:37:15 GMT
server: cloudflare
etag: "9eb405de815dd9d9e1f1e47322ddf6dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DMCcfxU7Y330BYktcqDGABK8adUB4tosQ90WL35TcQLaI2X9K7y%2BgXRn3AZNv4MNtbozKQKjto5Tz%2F8qkb51TzPdcXpAen%2Bhasy29b8RBE2UWrc%2B%2BPLHnNrlcSPuPmlS"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1582133835673152
content-type: image/webp
expires: Sun, 31 Oct 2021 03:19:29 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 40264
accept-ranges: bytes
cf-ray: 6a618097c8b52774-PRG
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 94CE
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CLGxk8uW8fMCFatW5QodrS4MNQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635563969_317b2450-3930-11ec-9bc0-226142618b74

0
516 B

11ms
10ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635563969_317b2450-3930-11ec-9bc0-226142618b74
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKPfJ&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=fe7813007900c621fb8b244981885f0d%2F277932038116032705&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563969133&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kmqj4z7ks1e6rxqkmr5q22t301kmxrmep5dc02554c1np6qqwsas6av27vtxajpyd8j2rngvry0re8se4szmqjrgst8wczvmc095637crd5a96ec8pq0kjdb03srdkma17fb38j7pd162sc0k7vhcje9pa3pg0jzxdv2yg9ctrbd85v43ecgv3ekjhfdmd5w4eshy7e1xeykecv4gmxdpfvktp5xg8s3e29fazmjwc2cysva016069pxmz1fb82zh1ga2jwkm53g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXOf2wLl8YaCfK-OKjuwPjvOu8A2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0OMnrvj-tbvQoYsINefsI9nKwOn8G1kbPoZIfaVv2jLsR_YD274SNVXOn2gw8s1gURAx4NS2Yg-MHSiP-iwCSGTQyQwThKDdsjfDCAAlyHfcvj1TAA6f0dG6yt73sNYkWRqEsP3-YAEYC7vDmokkqA31s1SS-UpyHIvH1nT4dUd9KOaSr4lsrXsuDso-cmN8bHNs8QgtNFlAIXQSj8l_qJr5azR58q5s6QKjBLMZ4TiOM43sAuTuxhT2Wva5vFN-RtNLGefzmMew9AL_bwQpE3tr9Vv87FOlGxkw0d8D06-M0CJppB1_4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2qLuRQ5YNyT-s7DLaw241azqi8nw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 03:19:28 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 0

Redirect headers

Date: Sat, 30 Oct 2021 03:19:29 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635563969_317b2450-3930-11ec-9bc0-226142618b74
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
DATA 200
OK truncated
/ Frame 8436 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a0f5d4162db1b2fe7f8ec30b855db7330bbc8e013ddcc759d2ed102a0ae8b7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame BA53 64 KB
8 KB 35ms
33ms Stylesheet
text/css 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k347m7f3n2kr3sgwa5n0q0cygfr9ge94v558fjw7sbpyt34s5s23yt0cfjter2e24da78mz8dp2paegfvhmhq82vknjksmzad4gp62be8rxszzgfngf850h52b6jg7axczq6ms32pbmf6h0t1f06jpt0tvjpdq4y4e380radz3mybqd2j9ff64kpeyap65b07phq8sa5wc3f1rab4sanejg5y35nhrsy3q1r9x8b9cn0522g9cws77c11s5y1m0dqnhjrw9wpc2v0cwpsvjtvdw6j6a9sfdzge4ryatcnmgp385p4b4rzn6wcwf7a9ym34k79csnr4tk4ys2ybtbackm1frd0awbwhc9mg9rrc77mxmf9g20my5qb08jv7bm477sqb0dx7wb0y5c7hjr7ar6b55pcc9n4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_m77wLl8YevjMIWK3wOLyKCoBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QZgSvLPP2lW6RqEcaJ039lhMpyjiyOBEcZKTHSryyij7JfbHMu4-kVARwf8ouxLJgeBpYJt6J4NDu347UkBRS3kxarQe1nXlX3NBKupe33brXfAlc8XSMgY_Z7pEpLUuhBAA_0NZqU2ldpIyosSLdtcp74zR6SqndywCCCUr3R8jY8CRCP1nieWn1Lu3VUVAUKeQ_Nd1-ZsXV8ecp4pLKpktpr5Xecf-cgDP_-KGS2n87vGiQHsfZs2aOVMLwfjh-hV-ikWwdf9pKyKgeFGJ_qE8w3pMxt5hltMA76_NIIMQwIdTWh8XgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fBM5U8VpS5NFP6nOgcqtgotcLnA%26client%3Dca-pub-5965569640055032%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1k347m7f3n2kr3sgwa5n0q0cygfr9ge94v558fjw7sbpyt34s5s23yt0cfjter2e24da78mz8dp2paegfvhmhq82vknjksmzad4gp62be8rxszzgfngf850h52b6jg7axczq6ms32pbmf6h0t1f06jpt0tvjpdq4y4e380radz3mybqd2j9ff64kpeyap65b07phq8sa5wc3f1rab4sanejg5y35nhrsy3q1r9x8b9cn0522g9cws77c11s5y1m0dqnhjrw9wpc2v0cwpsvjtvdw6j6a9sfdzge4ryatcnmgp385p4b4rzn6wcwf7a9ym34k79csnr4tk4ys2ybtbackm1frd0awbwhc9mg9rrc77mxmf9g20my5qb08jv7bm477sqb0dx7wb0y5c7hjr7ar6b55pcc9n4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_m77wLl8YevjMIWK3wOLyKCoBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QZgSvLPP2lW6RqEcaJ039lhMpyjiyOBEcZKTHSryyij7JfbHMu4-kVARwf8ouxLJgeBpYJt6J4NDu347UkBRS3kxarQe1nXlX3NBKupe33brXfAlc8XSMgY_Z7pEpLUuhBAA_0NZqU2ldpIyosSLdtcp74zR6SqndywCCCUr3R8jY8CRCP1nieWn1Lu3VUVAUKeQ_Nd1-ZsXV8ecp4pLKpktpr5Xecf-cgDP_-KGS2n87vGiQHsfZs2aOVMLwfjh-hV-ikWwdf9pKyKgeFGJ_qE8w3pMxt5hltMA76_NIIMQwIdTWh8XgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fBM5U8VpS5NFP6nOgcqtgotcLnA%26client%3Dca-pub-5965569640055032%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:29 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 744246
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 21 Oct 2021 12:35:23 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6a618097c8b72774-PRG
cf-bgj: minify

GET
H3 200 fxpcopuw.js Show response
ad4m.at/ Frame BA53 36 KB
13 KB 35ms
34ms Script
application/javascript 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k347m7f3n2kr3sgwa5n0q0cygfr9ge94v558fjw7sbpyt34s5s23yt0cfjter2e24da78mz8dp2paegfvhmhq82vknjksmzad4gp62be8rxszzgfngf850h52b6jg7axczq6ms32pbmf6h0t1f06jpt0tvjpdq4y4e380radz3mybqd2j9ff64kpeyap65b07phq8sa5wc3f1rab4sanejg5y35nhrsy3q1r9x8b9cn0522g9cws77c11s5y1m0dqnhjrw9wpc2v0cwpsvjtvdw6j6a9sfdzge4ryatcnmgp385p4b4rzn6wcwf7a9ym34k79csnr4tk4ys2ybtbackm1frd0awbwhc9mg9rrc77mxmf9g20my5qb08jv7bm477sqb0dx7wb0y5c7hjr7ar6b55pcc9n4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_m77wLl8YevjMIWK3wOLyKCoBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QZgSvLPP2lW6RqEcaJ039lhMpyjiyOBEcZKTHSryyij7JfbHMu4-kVARwf8ouxLJgeBpYJt6J4NDu347UkBRS3kxarQe1nXlX3NBKupe33brXfAlc8XSMgY_Z7pEpLUuhBAA_0NZqU2ldpIyosSLdtcp74zR6SqndywCCCUr3R8jY8CRCP1nieWn1Lu3VUVAUKeQ_Nd1-ZsXV8ecp4pLKpktpr5Xecf-cgDP_-KGS2n87vGiQHsfZs2aOVMLwfjh-hV-ikWwdf9pKyKgeFGJ_qE8w3pMxt5hltMA76_NIIMQwIdTWh8XgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fBM5U8VpS5NFP6nOgcqtgotcLnA%26client%3Dca-pub-5965569640055032%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d05798bba6af103ffb18280f2064f97177ccbaf5f5d56e505777184084cab6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=anwisg==, md5=gRfHP8TpRqYEUX6QZtu1gw==
date: Sat, 30 Oct 2021 03:19:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55697
x-guploader-uploadid: ADPycdvQnM3syAtWFDmcb7rN1e1Y0LAqDwWTdnggxOTxATSB1V7Cn4O68eZbfRh_cuomQSkmrdbVqCvUwtE6g85EzXw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 20 Oct 2021 11:26:57 GMT
server: cloudflare
etag: W/"8117c73fc4e946a604517e9066dbb583"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJuKSYJw%2Bz6xGlXxtEbTB8GOF30e0%2FhKLR6jrulsvKVDEZuxa9HvJL2vbaguU%2B52gCjKErwn3XaxmMTT%2FLFqAlYX85lMN7E6pcbuHKf1gDK2lmiYPmKVrCo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1634729216993678
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11927
cf-ray: 6a618097c8b82774-PRG
expires: Fri, 29 Oct 2021 11:51:12 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 94CE 1 KB
2 KB 146ms
105ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fponeid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&viewref=oneidr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhdoneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKPfJ&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=fe7813007900c621fb8b244981885f0d%2F277932038116032705&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563969133&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kmqj4z7ks1e6rxqkmr5q22t301kmxrmep5dc02554c1np6qqwsas6av27vtxajpyd8j2rngvry0re8se4szmqjrgst8wczvmc095637crd5a96ec8pq0kjdb03srdkma17fb38j7pd162sc0k7vhcje9pa3pg0jzxdv2yg9ctrbd85v43ecgv3ekjhfdmd5w4eshy7e1xeykecv4gmxdpfvktp5xg8s3e29fazmjwc2cysva016069pxmz1fb82zh1ga2jwkm53g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXOf2wLl8YaCfK-OKjuwPjvOu8A2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0OMnrvj-tbvQoYsINefsI9nKwOn8G1kbPoZIfaVv2jLsR_YD274SNVXOn2gw8s1gURAx4NS2Yg-MHSiP-iwCSGTQyQwThKDdsjfDCAAlyHfcvj1TAA6f0dG6yt73sNYkWRqEsP3-YAEYC7vDmokkqA31s1SS-UpyHIvH1nT4dUd9KOaSr4lsrXsuDso-cmN8bHNs8QgtNFlAIXQSj8l_qJr5azR58q5s6QKjBLMZ4TiOM43sAuTuxhT2Wva5vFN-RtNLGefzmMew9AL_bwQpE3tr9Vv87FOlGxkw0d8D06-M0CJppB1_4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2qLuRQ5YNyT-s7DLaw241azqi8nw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 4b15e44ad5a427d6b04f14a9d91f0559082f0aec4bfb8e58e44cbdc9dfbe1e65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 03:19:29 GMT
Last-Modified: Sat, 30 Oct 2021 03:19:29 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1302
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame BA53 3 KB
4 KB 21ms
21ms Image
image/png 104.26.6.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.6.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Sat, 30 Oct 2021 03:19:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12321576
x-guploader-uploadid: ABg5-UxHcnICLk7b7YkQQi88NGVF0WMcchfK1mG4dUlgFuCeLMEQbekxBAvPJ_LFWK4ZMOrhD-KiD3x1E9pCiaLs4VNde3QtWA
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lxk0K75ln6rff33%2Fi5KX4rPkO8bLmXSiyt7WYnxQlpr%2FKwYoRNrHuiGIVJcoOoqNk2YAbHHfttX1xkSReSWydE%2F6XtzVISuXo1d8JQqaTQoIqbpGuRcJSezABsO4iTPh7KWpBpU%2F"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6a6180980c46412b-PRG
expires: Thu, 09 Jun 2022 12:39:14 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame B985 2 KB
2 KB 22ms
22ms Document
text/html 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 30 Oct 2021 03:19:29 GMT
content-type: text/html
x-guploader-uploadid: ABg5-Uwn3myKqNzKJaXHyUiZqbP8NSrxOcbkyaRD5NRgbFtq-4RIcqJ4vnL2qiKZKS--51-luBSbS_wwXQ-ancMVjw
expires: Sat, 30 Oct 2021 04:19:29 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 337611
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jQovpzSBKUpOa%2Frg35szut0dsVyQeJdz6axBWnrftNOTcnw2gxHdce4SQiTA4uCzRO7yK5hnQFkyTz1Cy%2BPVj9Dvps5g27xFp1svOKXJhwNvt3hNqQuOR6E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6a61809808d22774-PRG
content-encoding: br

POST
H3 200 rs Show response
ad4m.at/ Frame BA53 2 KB
2 KB 43ms
42ms XHR
text/plain 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f4f7fb2b6b3fb8951bfb1e1077aa83c2c3f37695aef93e2dc7877aa63269b88

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6a6180987d9c4131-PRG
date: Sat, 30 Oct 2021 03:19:29 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6yWqYDpg5SHBITwUqDkgtX%2FjJmp94Ad%2Bx7BKpEgExmtri%2Fv%2Bb%2BDGE62eYlc0rR5F0jrbyxvzsyy2exJUW9l%2FkVWrsKHeSZF6OogRjCMlT1Ic0M0a%2FvjiVZ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-bd8c

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 37ms
37ms Preflight
text/plain 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 30 Oct 2021 03:19:29 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-bd8c
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rk6FIwR61U4mNsdP2RyoImqu%2Bp4X73e7Wb%2FHlHQvs28wbzpNU3exHCPGrSSD7%2Bd5ydYa0XqRrDq3TMGtVrZcAXzW0TcUzai%2FP4%2FEmIfoASXG4hAyAxrWqak%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a6180984d874131-PRG

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame E802 6 KB
4 KB 34ms
33ms Document
text/html 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=161178%2C37798%2C20352&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2CADeFYfqf5Y5CAHRH4tktMMGs7T4TDVQT9%2CADeFYfqfx2VSAHRH4tktMMEU7T4TDVQT9&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CMxefzfrfqgqsWHEHGtQC661t9T4Tb6ku3%2CMxefzfrfWjeaWHEHGtQC66BT9T4Tb6ku3&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=cff00723984971aae1465c9944e1f143%2F3943493714341209017&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563969377&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gnwg1at1x42s3ws2gs71yryt667x949abyfat1mgrhxjxkwmrb99x549y2fny6my4bv4ckd9yrbx9h99pt4ntj90cnjwbznzxgpphy09yp5mmwz8dt8pnnpac0ay4wk8se1y4w682ad2zgvy2ka6gam0s1kpwxerb4smq1ppy9y9mc941b3ery1ajqjeddneardc6qv0nyrkhadj88eqb224f3apj3t1pxnx9cmx8zq9s4zpp0cjk3903hza1z5z0bqhqtvys188%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_m77wLl8YevjMIWK3wOLyKCoBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QZgSvLPP2lW6RqEcaJ039lhMpyjiyOBEcZKTHSryyij7JfbHMu4-kVARwf8ouxLJgeBpYJt6J4NDu347UkBRS3kxarQe1nXlX3NBKupe33brXfAlc8XSMgY_Z7pEpLUuhBAA_0NZqU2ldpIyosSLdtcp74zR6SqndywCCCUr3R8jY8CRCP1nieWn1Lu3VUVAUKeQ_Nd1-ZsXV8ecp4pLKpktpr5Xecf-cgDP_-KGS2n87vGiQHsfZs2aOVMLwfjh-hV-ikWwdf9pKyKgeFGJ_qE8w3pMxt5hltMA76_NIIMQwIdTWh8XgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3fBM5U8VpS5NFP6nOgcqtgotcLnA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57a2661a7fe82750accd533f28426c689328e7d7ae2d3a2e029e99f745beebc3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1k347m7f3n2kr3sgwa5n0q0cygfr9ge94v558fjw7sbpyt34s5s23yt0cfjter2e24da78mz8dp2paegfvhmhq82vknjksmzad4gp62be8rxszzgfngf850h52b6jg7axczq6ms32pbmf6h0t1f06jpt0tvjpdq4y4e380radz3mybqd2j9ff64kpeyap65b07phq8sa5wc3f1rab4sanejg5y35nhrsy3q1r9x8b9cn0522g9cws77c11s5y1m0dqnhjrw9wpc2v0cwpsvjtvdw6j6a9sfdzge4ryatcnmgp385p4b4rzn6wcwf7a9ym34k79csnr4tk4ys2ybtbackm1frd0awbwhc9mg9rrc77mxmf9g20my5qb08jv7bm477sqb0dx7wb0y5c7hjr7ar6b55pcc9n4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_m77wLl8YevjMIWK3wOLyKCoBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QZgSvLPP2lW6RqEcaJ039lhMpyjiyOBEcZKTHSryyij7JfbHMu4-kVARwf8ouxLJgeBpYJt6J4NDu347UkBRS3kxarQe1nXlX3NBKupe33brXfAlc8XSMgY_Z7pEpLUuhBAA_0NZqU2ldpIyosSLdtcp74zR6SqndywCCCUr3R8jY8CRCP1nieWn1Lu3VUVAUKeQ_Nd1-ZsXV8ecp4pLKpktpr5Xecf-cgDP_-KGS2n87vGiQHsfZs2aOVMLwfjh-hV-ikWwdf9pKyKgeFGJ_qE8w3pMxt5hltMA76_NIIMQwIdTWh8XgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fBM5U8VpS5NFP6nOgcqtgotcLnA%26client%3Dca-pub-5965569640055032%26adurl%3D

Response headers

date: Sat, 30 Oct 2021 03:19:29 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a618098c92d2774-PRG
content-encoding: br

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 94CE 51 KB
51 KB 7ms
7ms Script
application/javascript 18.66.97.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fponeid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&viewref=oneidr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhdoneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: ESJ1m.JcTMC7xiA46tdzcog3eD2HGNO9
via: 1.1 367a4718be97a49df7ac0500a986437b.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 10:14:21 GMT
server: AmazonS3
age: 78687
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 29 Oct 2021 05:28:03 GMT
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: a9V8DPh9CzMSou-cg5GfGWIysRwC9U21CeLgvyPhGJWbgqAUBZl9BQ==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 94CE 85 KB
85 KB 62ms
23ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidxb2fQfAfjEGfPHdHztQtRbZfJT6TqXhAoneid&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKPfJ&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=fe7813007900c621fb8b244981885f0d%2F277932038116032705&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563969133&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kmqj4z7ks1e6rxqkmr5q22t301kmxrmep5dc02554c1np6qqwsas6av27vtxajpyd8j2rngvry0re8se4szmqjrgst8wczvmc095637crd5a96ec8pq0kjdb03srdkma17fb38j7pd162sc0k7vhcje9pa3pg0jzxdv2yg9ctrbd85v43ecgv3ekjhfdmd5w4eshy7e1xeykecv4gmxdpfvktp5xg8s3e29fazmjwc2cysva016069pxmz1fb82zh1ga2jwkm53g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXOf2wLl8YaCfK-OKjuwPjvOu8A2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQIugvQvkWWzPuACAKgDAaoE6AFP0OMnrvj-tbvQoYsINefsI9nKwOn8G1kbPoZIfaVv2jLsR_YD274SNVXOn2gw8s1gURAx4NS2Yg-MHSiP-iwCSGTQyQwThKDdsjfDCAAlyHfcvj1TAA6f0dG6yt73sNYkWRqEsP3-YAEYC7vDmokkqA31s1SS-UpyHIvH1nT4dUd9KOaSr4lsrXsuDso-cmN8bHNs8QgtNFlAIXQSj8l_qJr5azR58q5s6QKjBLMZ4TiOM43sAuTuxhT2Wva5vFN-RtNLGefzmMew9AL_bwQpE3tr9Vv87FOlGxkw0d8D06-M0CJppB1_4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2qLuRQ5YNyT-s7DLaw241azqi8nw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 03:19:29 GMT
Last-Modified: Sat, 30 Oct 2021 03:19:29 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame E802 64 KB
8 KB 24ms
24ms Stylesheet
text/css 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C37798%2C20352&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2CADeFYfqf5Y5CAHRH4tktMMGs7T4TDVQT9%2CADeFYfqfx2VSAHRH4tktMMEU7T4TDVQT9&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CMxefzfrfqgqsWHEHGtQC661t9T4Tb6ku3%2CMxefzfrfWjeaWHEHGtQC66BT9T4Tb6ku3&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=cff00723984971aae1465c9944e1f143%2F3943493714341209017&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563969377&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gnwg1at1x42s3ws2gs71yryt667x949abyfat1mgrhxjxkwmrb99x549y2fny6my4bv4ckd9yrbx9h99pt4ntj90cnjwbznzxgpphy09yp5mmwz8dt8pnnpac0ay4wk8se1y4w682ad2zgvy2ka6gam0s1kpwxerb4smq1ppy9y9mc941b3ery1ajqjeddneardc6qv0nyrkhadj88eqb224f3apj3t1pxnx9cmx8zq9s4zpp0cjk3903hza1z5z0bqhqtvys188%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_m77wLl8YevjMIWK3wOLyKCoBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QZgSvLPP2lW6RqEcaJ039lhMpyjiyOBEcZKTHSryyij7JfbHMu4-kVARwf8ouxLJgeBpYJt6J4NDu347UkBRS3kxarQe1nXlX3NBKupe33brXfAlc8XSMgY_Z7pEpLUuhBAA_0NZqU2ldpIyosSLdtcp74zR6SqndywCCCUr3R8jY8CRCP1nieWn1Lu3VUVAUKeQ_Nd1-ZsXV8ecp4pLKpktpr5Xecf-cgDP_-KGS2n87vGiQHsfZs2aOVMLwfjh-hV-ikWwdf9pKyKgeFGJ_qE8w3pMxt5hltMA76_NIIMQwIdTWh8XgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3fBM5U8VpS5NFP6nOgcqtgotcLnA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=161178%2C37798%2C20352&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2CADeFYfqf5Y5CAHRH4tktMMGs7T4TDVQT9%2CADeFYfqfx2VSAHRH4tktMMEU7T4TDVQT9&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CMxefzfrfqgqsWHEHGtQC661t9T4Tb6ku3%2CMxefzfrfWjeaWHEHGtQC66BT9T4Tb6ku3&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=cff00723984971aae1465c9944e1f143%2F3943493714341209017&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563969377&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gnwg1at1x42s3ws2gs71yryt667x949abyfat1mgrhxjxkwmrb99x549y2fny6my4bv4ckd9yrbx9h99pt4ntj90cnjwbznzxgpphy09yp5mmwz8dt8pnnpac0ay4wk8se1y4w682ad2zgvy2ka6gam0s1kpwxerb4smq1ppy9y9mc941b3ery1ajqjeddneardc6qv0nyrkhadj88eqb224f3apj3t1pxnx9cmx8zq9s4zpp0cjk3903hza1z5z0bqhqtvys188%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_m77wLl8YevjMIWK3wOLyKCoBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QZgSvLPP2lW6RqEcaJ039lhMpyjiyOBEcZKTHSryyij7JfbHMu4-kVARwf8ouxLJgeBpYJt6J4NDu347UkBRS3kxarQe1nXlX3NBKupe33brXfAlc8XSMgY_Z7pEpLUuhBAA_0NZqU2ldpIyosSLdtcp74zR6SqndywCCCUr3R8jY8CRCP1nieWn1Lu3VUVAUKeQ_Nd1-ZsXV8ecp4pLKpktpr5Xecf-cgDP_-KGS2n87vGiQHsfZs2aOVMLwfjh-hV-ikWwdf9pKyKgeFGJ_qE8w3pMxt5hltMA76_NIIMQwIdTWh8XgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3fBM5U8VpS5NFP6nOgcqtgotcLnA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:29 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 744246
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 21 Oct 2021 12:35:23 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6a618099194a2774-PRG
cf-bgj: minify

GET
H3 200 D54F5BF8250014B560DDA5528F9EFEFB9AD1D25B1E300CF26DFD2216A03F59C60D5DB96B13EDCD12B59FEC4E8E1B8D03E4412DEC334D0CAAD669E250C70E8914
assets.ad4m.at/logo/ Frame E802 6 KB
7 KB 26ms
26ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D54F5BF8250014B560DDA5528F9EFEFB9AD1D25B1E300CF26DFD2216A03F59C60D5DB96B13EDCD12B59FEC4E8E1B8D03E4412DEC334D0CAAD669E250C70E8914
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C37798%2C20352&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2CADeFYfqf5Y5CAHRH4tktMMGs7T4TDVQT9%2CADeFYfqfx2VSAHRH4tktMMEU7T4TDVQT9&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CMxefzfrfqgqsWHEHGtQC661t9T4Tb6ku3%2CMxefzfrfWjeaWHEHGtQC66BT9T4Tb6ku3&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=cff00723984971aae1465c9944e1f143%2F3943493714341209017&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563969377&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gnwg1at1x42s3ws2gs71yryt667x949abyfat1mgrhxjxkwmrb99x549y2fny6my4bv4ckd9yrbx9h99pt4ntj90cnjwbznzxgpphy09yp5mmwz8dt8pnnpac0ay4wk8se1y4w682ad2zgvy2ka6gam0s1kpwxerb4smq1ppy9y9mc941b3ery1ajqjeddneardc6qv0nyrkhadj88eqb224f3apj3t1pxnx9cmx8zq9s4zpp0cjk3903hza1z5z0bqhqtvys188%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_m77wLl8YevjMIWK3wOLyKCoBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QZgSvLPP2lW6RqEcaJ039lhMpyjiyOBEcZKTHSryyij7JfbHMu4-kVARwf8ouxLJgeBpYJt6J4NDu347UkBRS3kxarQe1nXlX3NBKupe33brXfAlc8XSMgY_Z7pEpLUuhBAA_0NZqU2ldpIyosSLdtcp74zR6SqndywCCCUr3R8jY8CRCP1nieWn1Lu3VUVAUKeQ_Nd1-ZsXV8ecp4pLKpktpr5Xecf-cgDP_-KGS2n87vGiQHsfZs2aOVMLwfjh-hV-ikWwdf9pKyKgeFGJ_qE8w3pMxt5hltMA76_NIIMQwIdTWh8XgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3fBM5U8VpS5NFP6nOgcqtgotcLnA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64c7c94850bcf993b77e8f8704c00cded4a0c18580d94ebb2c5265f9855fcd2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=zQSWoA==, md5=JshO+ccZ9c9hWnmahmfS4A==
date: Sat, 30 Oct 2021 03:19:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 123253
cf-polished: origFmt=png, origSize=17428
x-guploader-uploadid: ADPycdvsQAzWIU8O9EZfbOeGQey6fvcn6UduvE3P9Lh1-Go8WuHam5n5AAmdz36MmszUgOA5GAoVjZMdD27KdAzzWOo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6390
last-modified: Wed, 18 Aug 2021 10:34:33 GMT
server: cloudflare
etag: "26c84ef9c719f5cf615a799a8667d2e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2SfFGBaJWs0DuSs47qJMZIYPRArXxfMoIu22Rqpi2vUO497TDAZlAohEp65XLUFS%2BtLgg6RMA7oQ0veZnjyPYsf3Go3vfLfX278NuSaTIW709sh0IDP0xXEpOB9Sw9%2F"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1629282873725600
content-type: image/webp
expires: Sun, 31 Oct 2021 03:19:29 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 17428
accept-ranges: bytes
cf-ray: 6a618099194b2774-PRG
cf-bgj: imgq:85,h2pri

GET
H3 200 8F6DB649B36119992977635B7DFC1AEC8038789E2BA57D893E4D16BD92088067D7790231E30A7BA7222FA8CB262652272D022B0227B6C5782927768B42292C97
assets.ad4m.at/product_image/ Frame E802 28 KB
29 KB 25ms
24ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/8F6DB649B36119992977635B7DFC1AEC8038789E2BA57D893E4D16BD92088067D7790231E30A7BA7222FA8CB262652272D022B0227B6C5782927768B42292C97
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C37798%2C20352&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2CADeFYfqf5Y5CAHRH4tktMMGs7T4TDVQT9%2CADeFYfqfx2VSAHRH4tktMMEU7T4TDVQT9&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CMxefzfrfqgqsWHEHGtQC661t9T4Tb6ku3%2CMxefzfrfWjeaWHEHGtQC66BT9T4Tb6ku3&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=cff00723984971aae1465c9944e1f143%2F3943493714341209017&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563969377&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gnwg1at1x42s3ws2gs71yryt667x949abyfat1mgrhxjxkwmrb99x549y2fny6my4bv4ckd9yrbx9h99pt4ntj90cnjwbznzxgpphy09yp5mmwz8dt8pnnpac0ay4wk8se1y4w682ad2zgvy2ka6gam0s1kpwxerb4smq1ppy9y9mc941b3ery1ajqjeddneardc6qv0nyrkhadj88eqb224f3apj3t1pxnx9cmx8zq9s4zpp0cjk3903hza1z5z0bqhqtvys188%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_m77wLl8YevjMIWK3wOLyKCoBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QZgSvLPP2lW6RqEcaJ039lhMpyjiyOBEcZKTHSryyij7JfbHMu4-kVARwf8ouxLJgeBpYJt6J4NDu347UkBRS3kxarQe1nXlX3NBKupe33brXfAlc8XSMgY_Z7pEpLUuhBAA_0NZqU2ldpIyosSLdtcp74zR6SqndywCCCUr3R8jY8CRCP1nieWn1Lu3VUVAUKeQ_Nd1-ZsXV8ecp4pLKpktpr5Xecf-cgDP_-KGS2n87vGiQHsfZs2aOVMLwfjh-hV-ikWwdf9pKyKgeFGJ_qE8w3pMxt5hltMA76_NIIMQwIdTWh8XgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3fBM5U8VpS5NFP6nOgcqtgotcLnA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 134c94437474a391b3f477213fa8b8f4d7435a2cf7053952dcbdb14a6f0ad8dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=nSkqBw==, md5=bZJ3Zgn8rj01Yns5h/mx5Q==
date: Sat, 30 Oct 2021 03:19:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121691
cf-polished: qual=85, origFmt=jpeg, origSize=82379
x-guploader-uploadid: ADPycdtYMjl4tN7HahqYZO1x_BYqP-Nlp7pI9XkwE22tvEdYUWDByDk1g6sOPRyiyGeosGnTMzHbnpcWX50DVIYbl6Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 28448
last-modified: Tue, 03 Aug 2021 12:47:14 GMT
server: cloudflare
etag: "6d92776609fcae3d35627b3987f9b1e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BjQhNSUQTwFsmaleKJ8E%2Fs3nTZ1kqV8YpyNrmklVaZ%2Ba8U1PmFr2na4dh%2Bg7bm%2Bf3uUHU01isVxoO4lxjQMaVj9ledO%2FRRBXDs%2BOk3bfdvZmbj7%2BefGBEkbL%2BkJULX9O"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1627994834652806
content-type: image/webp
expires: Sun, 31 Oct 2021 03:19:29 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 82379
accept-ranges: bytes
cf-ray: 6a618099194e2774-PRG
cf-bgj: imgq:85,h2pri

GET
H2 200 tsv
neso.r.niwepa.com/ts/i5542019/ Frame E802 43 B
467 B 24ms
22ms Image
image/gif 35.187.117.15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neso.r.niwepa.com/ts/i5542019/tsv?amc=adnetworks.blbn.455799.471580.CRTJDe7y2sn&smc1=oneidzmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFWoneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

35.187.117.15 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.117.187.35.bc.googleusercontent.com

Software

nginx/1.13.9 /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:29 GMT
last-modified: Sat, 30 Oct 2021 03:19:29 GMT
server: nginx/1.13.9
p3p: policyref="/w3c/p3p.xml", CP="NOI CUR OUR STP"
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
x-xss-protection: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame E802 9 KB
10 KB 25ms
24ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C37798%2C20352&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2CADeFYfqf5Y5CAHRH4tktMMGs7T4TDVQT9%2CADeFYfqfx2VSAHRH4tktMMEU7T4TDVQT9&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CMxefzfrfqgqsWHEHGtQC661t9T4Tb6ku3%2CMxefzfrfWjeaWHEHGtQC66BT9T4Tb6ku3&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=cff00723984971aae1465c9944e1f143%2F3943493714341209017&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563969377&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gnwg1at1x42s3ws2gs71yryt667x949abyfat1mgrhxjxkwmrb99x549y2fny6my4bv4ckd9yrbx9h99pt4ntj90cnjwbznzxgpphy09yp5mmwz8dt8pnnpac0ay4wk8se1y4w682ad2zgvy2ka6gam0s1kpwxerb4smq1ppy9y9mc941b3ery1ajqjeddneardc6qv0nyrkhadj88eqb224f3apj3t1pxnx9cmx8zq9s4zpp0cjk3903hza1z5z0bqhqtvys188%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_m77wLl8YevjMIWK3wOLyKCoBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QZgSvLPP2lW6RqEcaJ039lhMpyjiyOBEcZKTHSryyij7JfbHMu4-kVARwf8ouxLJgeBpYJt6J4NDu347UkBRS3kxarQe1nXlX3NBKupe33brXfAlc8XSMgY_Z7pEpLUuhBAA_0NZqU2ldpIyosSLdtcp74zR6SqndywCCCUr3R8jY8CRCP1nieWn1Lu3VUVAUKeQ_Nd1-ZsXV8ecp4pLKpktpr5Xecf-cgDP_-KGS2n87vGiQHsfZs2aOVMLwfjh-hV-ikWwdf9pKyKgeFGJ_qE8w3pMxt5hltMA76_NIIMQwIdTWh8XgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3fBM5U8VpS5NFP6nOgcqtgotcLnA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date: Sat, 30 Oct 2021 03:19:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 120686
cf-polished: origFmt=png, origSize=24833
x-guploader-uploadid: ADPycdtBONKyDMgvEivkdpUv8T3b-KTSZOzOTyOTIPH-PEb10q5pNT4TsiwYWFJgrVWEAHrwR88_QcUWzwGSF5EGuGM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9258
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2y7mtGGeKPhUKBY7xkfAXS5Ll%2FtDYXeIvxEfoXCpG65x%2BdHQ2aw5F4rjsKzOtc9adsvLxKLqc79kCgKrJHHUIke52b0MtItdokfBT5ygqK1JvlJVkU0SOwbimwlzuR9n"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1612883517528266
content-type: image/webp
expires: Sun, 31 Oct 2021 03:19:29 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 24833
accept-ranges: bytes
cf-ray: 6a61809919512774-PRG
cf-bgj: imgq:85,h2pri

GET
H3 200 4DE97418EB5F5BE9A71C11FD95916F9836DEEEC46AE84ACFA7D2376456F7A7C74F106F12C1A70D7E3A981D479BA3AF50577133602BE1F8B4B02B50A143BD72D1
assets.ad4m.at/product_image/ Frame E802 19 KB
20 KB 25ms
24ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/4DE97418EB5F5BE9A71C11FD95916F9836DEEEC46AE84ACFA7D2376456F7A7C74F106F12C1A70D7E3A981D479BA3AF50577133602BE1F8B4B02B50A143BD72D1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C37798%2C20352&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2CADeFYfqf5Y5CAHRH4tktMMGs7T4TDVQT9%2CADeFYfqfx2VSAHRH4tktMMEU7T4TDVQT9&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CMxefzfrfqgqsWHEHGtQC661t9T4Tb6ku3%2CMxefzfrfWjeaWHEHGtQC66BT9T4Tb6ku3&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=cff00723984971aae1465c9944e1f143%2F3943493714341209017&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563969377&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gnwg1at1x42s3ws2gs71yryt667x949abyfat1mgrhxjxkwmrb99x549y2fny6my4bv4ckd9yrbx9h99pt4ntj90cnjwbznzxgpphy09yp5mmwz8dt8pnnpac0ay4wk8se1y4w682ad2zgvy2ka6gam0s1kpwxerb4smq1ppy9y9mc941b3ery1ajqjeddneardc6qv0nyrkhadj88eqb224f3apj3t1pxnx9cmx8zq9s4zpp0cjk3903hza1z5z0bqhqtvys188%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_m77wLl8YevjMIWK3wOLyKCoBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QZgSvLPP2lW6RqEcaJ039lhMpyjiyOBEcZKTHSryyij7JfbHMu4-kVARwf8ouxLJgeBpYJt6J4NDu347UkBRS3kxarQe1nXlX3NBKupe33brXfAlc8XSMgY_Z7pEpLUuhBAA_0NZqU2ldpIyosSLdtcp74zR6SqndywCCCUr3R8jY8CRCP1nieWn1Lu3VUVAUKeQ_Nd1-ZsXV8ecp4pLKpktpr5Xecf-cgDP_-KGS2n87vGiQHsfZs2aOVMLwfjh-hV-ikWwdf9pKyKgeFGJ_qE8w3pMxt5hltMA76_NIIMQwIdTWh8XgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3fBM5U8VpS5NFP6nOgcqtgotcLnA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff52cd6fa87197e500ac404574525aeeb1b9d184f90a74e19197f6fc159e6107

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=JbWtsw==, md5=JJTrR/gVHMvTHm8bHvL8+Q==
date: Sat, 30 Oct 2021 03:19:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122061
cf-polished: qual=85, origFmt=jpeg, origSize=136162
x-guploader-uploadid: ADPycdsK4zMa1vEKJRZjL7YvlbqP0jAHcbkRZdmOipucWOIo2DLiHaqwre7XWEiJNcPjT13pJaMk8E4k0rmIM8m599M
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19842
last-modified: Thu, 21 Oct 2021 09:14:42 GMT
server: cloudflare
etag: "2494eb47f8151ccbd31e6f1b1ef2fcf9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BKNkwU9LNWUMwMfzCS6hkmq0RNWlKHhPzIXYKIhGmNMRs8qEIum2fdRPrJrlIiUVcI0NVwD5LekFVVm8KWghoKZtwdVXOa5prV1vz2e1tVeBBoOe%2FsfKMALx15329g6G"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1634807682206403
content-type: image/webp
expires: Sun, 31 Oct 2021 03:19:29 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136162
accept-ranges: bytes
cf-ray: 6a61809919522774-PRG
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

postview.gif
portal.blau.de/nws/img/ Frame E802
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidADeFYfqf5Y5CAHRH4tktMMGs7T4TDVQT9oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidADeFYfqf5Y5CAHRH4tktMMGs7T4TDVQT9oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2021103005192957893208607X117663V1225131106MSoneidADeFYfqf5Y5CAHRH4tktMMGs7T4TDVQT9oneid__asuidkKfrAoJdr...
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=20211030051929578932086...

43 B
752 B

30ms
8ms

Image
image/gif

82.113.101.236
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021103005192957893208607X117663V1225131106MSoneidADeFYfqf5Y5CAHRH4tktMMGs7T4TDVQT9oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&wfid=117663
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C37798%2C20352&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2CADeFYfqf5Y5CAHRH4tktMMGs7T4TDVQT9%2CADeFYfqfx2VSAHRH4tktMMEU7T4TDVQT9&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CMxefzfrfqgqsWHEHGtQC661t9T4Tb6ku3%2CMxefzfrfWjeaWHEHGtQC66BT9T4Tb6ku3&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=cff00723984971aae1465c9944e1f143%2F3943493714341209017&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563969377&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gnwg1at1x42s3ws2gs71yryt667x949abyfat1mgrhxjxkwmrb99x549y2fny6my4bv4ckd9yrbx9h99pt4ntj90cnjwbznzxgpphy09yp5mmwz8dt8pnnpac0ay4wk8se1y4w682ad2zgvy2ka6gam0s1kpwxerb4smq1ppy9y9mc941b3ery1ajqjeddneardc6qv0nyrkhadj88eqb224f3apj3t1pxnx9cmx8zq9s4zpp0cjk3903hza1z5z0bqhqtvys188%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_m77wLl8YevjMIWK3wOLyKCoBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QZgSvLPP2lW6RqEcaJ039lhMpyjiyOBEcZKTHSryyij7JfbHMu4-kVARwf8ouxLJgeBpYJt6J4NDu347UkBRS3kxarQe1nXlX3NBKupe33brXfAlc8XSMgY_Z7pEpLUuhBAA_0NZqU2ldpIyosSLdtcp74zR6SqndywCCCUr3R8jY8CRCP1nieWn1Lu3VUVAUKeQ_Nd1-ZsXV8ecp4pLKpktpr5Xecf-cgDP_-KGS2n87vGiQHsfZs2aOVMLwfjh-hV-ikWwdf9pKyKgeFGJ_qE8w3pMxt5hltMA76_NIIMQwIdTWh8XgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3fBM5U8VpS5NFP6nOgcqtgotcLnA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Server: 82.113.101.236 Ingelheim am Rhein, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.blau.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 03:19:29 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Sat, 30 Oct 2021 03:19:29 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021103005192957893208607X117663V1225131106MSoneidADeFYfqf5Y5CAHRH4tktMMGs7T4TDVQT9oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&wfid=117663
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=10

GET
H3 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame E802 53 KB
54 KB 25ms
24ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C37798%2C20352&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2CADeFYfqf5Y5CAHRH4tktMMGs7T4TDVQT9%2CADeFYfqfx2VSAHRH4tktMMEU7T4TDVQT9&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CMxefzfrfqgqsWHEHGtQC661t9T4Tb6ku3%2CMxefzfrfWjeaWHEHGtQC66BT9T4Tb6ku3&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=cff00723984971aae1465c9944e1f143%2F3943493714341209017&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563969377&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gnwg1at1x42s3ws2gs71yryt667x949abyfat1mgrhxjxkwmrb99x549y2fny6my4bv4ckd9yrbx9h99pt4ntj90cnjwbznzxgpphy09yp5mmwz8dt8pnnpac0ay4wk8se1y4w682ad2zgvy2ka6gam0s1kpwxerb4smq1ppy9y9mc941b3ery1ajqjeddneardc6qv0nyrkhadj88eqb224f3apj3t1pxnx9cmx8zq9s4zpp0cjk3903hza1z5z0bqhqtvys188%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_m77wLl8YevjMIWK3wOLyKCoBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QZgSvLPP2lW6RqEcaJ039lhMpyjiyOBEcZKTHSryyij7JfbHMu4-kVARwf8ouxLJgeBpYJt6J4NDu347UkBRS3kxarQe1nXlX3NBKupe33brXfAlc8XSMgY_Z7pEpLUuhBAA_0NZqU2ldpIyosSLdtcp74zR6SqndywCCCUr3R8jY8CRCP1nieWn1Lu3VUVAUKeQ_Nd1-ZsXV8ecp4pLKpktpr5Xecf-cgDP_-KGS2n87vGiQHsfZs2aOVMLwfjh-hV-ikWwdf9pKyKgeFGJ_qE8w3pMxt5hltMA76_NIIMQwIdTWh8XgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3fBM5U8VpS5NFP6nOgcqtgotcLnA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date: Sat, 30 Oct 2021 03:19:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 119926
cf-polished: origFmt=png, origSize=115129
x-guploader-uploadid: ADPycdsP1smxuddH-HaNqcXjdhDZocNsY8vzODjXilWMcb630wYVY0UDGvEqfyW_uH6FHGBymuCmQaFP4aavnmBr6yq2Ehzv7Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 54564
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJGShPfLzNiU9QoizBGbXIP7HAhRjSxXl8G97HEi3RrNJfNU1ITwpuPnW7fejdrZJj2Ri5QO6GXJWsWENOrqy4qYdFHcBQUunz17Tj%2FcTrIB45iyEQKT5iZ4KFPXTeX7"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1612883484779402
content-type: image/webp
expires: Sun, 31 Oct 2021 03:19:29 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 115129
accept-ranges: bytes
cf-ray: 6a61809919532774-PRG
cf-bgj: imgq:85,h2pri

GET
H3 200 8268F80203B2870DC4906ECACF07D5681B4610E20AB03421A134D0741618B0482746C1BEB793CE31091452FAF3A55E9AF3218E4BF79E8E1F82DD22242835D6D2.
assets.ad4m.at/product_image/ Frame E802 18 KB
19 KB 27ms
26ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/8268F80203B2870DC4906ECACF07D5681B4610E20AB03421A134D0741618B0482746C1BEB793CE31091452FAF3A55E9AF3218E4BF79E8E1F82DD22242835D6D2.
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C37798%2C20352&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2CADeFYfqf5Y5CAHRH4tktMMGs7T4TDVQT9%2CADeFYfqfx2VSAHRH4tktMMEU7T4TDVQT9&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CMxefzfrfqgqsWHEHGtQC661t9T4Tb6ku3%2CMxefzfrfWjeaWHEHGtQC66BT9T4Tb6ku3&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=cff00723984971aae1465c9944e1f143%2F3943493714341209017&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563969377&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gnwg1at1x42s3ws2gs71yryt667x949abyfat1mgrhxjxkwmrb99x549y2fny6my4bv4ckd9yrbx9h99pt4ntj90cnjwbznzxgpphy09yp5mmwz8dt8pnnpac0ay4wk8se1y4w682ad2zgvy2ka6gam0s1kpwxerb4smq1ppy9y9mc941b3ery1ajqjeddneardc6qv0nyrkhadj88eqb224f3apj3t1pxnx9cmx8zq9s4zpp0cjk3903hza1z5z0bqhqtvys188%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_m77wLl8YevjMIWK3wOLyKCoBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QZgSvLPP2lW6RqEcaJ039lhMpyjiyOBEcZKTHSryyij7JfbHMu4-kVARwf8ouxLJgeBpYJt6J4NDu347UkBRS3kxarQe1nXlX3NBKupe33brXfAlc8XSMgY_Z7pEpLUuhBAA_0NZqU2ldpIyosSLdtcp74zR6SqndywCCCUr3R8jY8CRCP1nieWn1Lu3VUVAUKeQ_Nd1-ZsXV8ecp4pLKpktpr5Xecf-cgDP_-KGS2n87vGiQHsfZs2aOVMLwfjh-hV-ikWwdf9pKyKgeFGJ_qE8w3pMxt5hltMA76_NIIMQwIdTWh8XgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3fBM5U8VpS5NFP6nOgcqtgotcLnA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2645e770f595032c42715c6cc1ebda7cef04e1bf2faadea2b8d5686b34042b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=gfkikg==, md5=avEG5yogcCrUEMfBdrzXRg==
date: Sat, 30 Oct 2021 03:19:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 124254
cf-polished: qual=85, origFmt=jpeg, origSize=51563
x-guploader-uploadid: ADPycdsllN9s5fPBs0EHSELfCOxJrTKeegxKKgpGbUISkrbTyUlSZi_vexxC4OryIb7O0kDgfkE6TQvoxuTXA0-RU50
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="8268F80203B2870DC4906ECACF07D5681B4610E20AB03421A134D0741618B0482746C1BEB793CE31091452FAF3A55E9AF3218E4BF79E8E1F82DD22242835D6D2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18118
last-modified: Thu, 06 May 2021 15:15:12 GMT
server: cloudflare
etag: "6af106e72a20702ad410c7c176bcd746"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EuNO30FyUJNQG0f3qEthi%2F6Fua6Q10ak1j%2BcBDZ7BB1CY7FjMrw1WRxAxwxCXbKCcWUScstzBUO2JWJOyHyeD05ZP01KlliG%2Fo6KbJTJdCpn0GJ5hkMSaxHtq3naQDAZ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620314112255078
content-type: image/webp
expires: Sun, 31 Oct 2021 03:19:29 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 51563
accept-ranges: bytes
cf-ray: 6a61809919542774-PRG
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

postview.gif
portal.o2online.de/nws/img/ Frame E802
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidADeFYfqfx2VSAHRH4tktMMEU7T4TDVQT9oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidADeFYfqfx2VSAHRH4tktMMEU7T4TDVQT9oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021103005192957893208609X117679V1226132702MSoneidADeFYfqfx2VSAHRH4tktMMEU7T4TDVQT9oneid__asuidkKfrAoJ...
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=202110300519295789320...

43 B
770 B

23ms
9ms

Image
image/gif

82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021103005192957893208609X117679V1226132702MSoneidADeFYfqfx2VSAHRH4tktMMEU7T4TDVQT9oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&wfid=117679&ratenzahlung=24
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C37798%2C20352&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2CADeFYfqf5Y5CAHRH4tktMMGs7T4TDVQT9%2CADeFYfqfx2VSAHRH4tktMMEU7T4TDVQT9&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CMxefzfrfqgqsWHEHGtQC661t9T4Tb6ku3%2CMxefzfrfWjeaWHEHGtQC66BT9T4Tb6ku3&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=cff00723984971aae1465c9944e1f143%2F3943493714341209017&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563969377&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gnwg1at1x42s3ws2gs71yryt667x949abyfat1mgrhxjxkwmrb99x549y2fny6my4bv4ckd9yrbx9h99pt4ntj90cnjwbznzxgpphy09yp5mmwz8dt8pnnpac0ay4wk8se1y4w682ad2zgvy2ka6gam0s1kpwxerb4smq1ppy9y9mc941b3ery1ajqjeddneardc6qv0nyrkhadj88eqb224f3apj3t1pxnx9cmx8zq9s4zpp0cjk3903hza1z5z0bqhqtvys188%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_m77wLl8YevjMIWK3wOLyKCoBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QZgSvLPP2lW6RqEcaJ039lhMpyjiyOBEcZKTHSryyij7JfbHMu4-kVARwf8ouxLJgeBpYJt6J4NDu347UkBRS3kxarQe1nXlX3NBKupe33brXfAlc8XSMgY_Z7pEpLUuhBAA_0NZqU2ldpIyosSLdtcp74zR6SqndywCCCUr3R8jY8CRCP1nieWn1Lu3VUVAUKeQ_Nd1-ZsXV8ecp4pLKpktpr5Xecf-cgDP_-KGS2n87vGiQHsfZs2aOVMLwfjh-hV-ikWwdf9pKyKgeFGJ_qE8w3pMxt5hltMA76_NIIMQwIdTWh8XgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3fBM5U8VpS5NFP6nOgcqtgotcLnA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Server: 82.113.101.132 Ingelheim am Rhein, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 03:19:29 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Sat, 30 Oct 2021 03:19:29 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021103005192957893208609X117679V1226132702MSoneidADeFYfqfx2VSAHRH4tktMMEU7T4TDVQT9oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&wfid=117679&ratenzahlung=24
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=10

GET
H3 200 container.html Show response
60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 81EB 6 KB
3 KB 7ms
6ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 30 Oct 2021 03:19:27 GMT
expires: Sun, 30 Oct 2022 03:19:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3DA1 42 B
64 B 29ms
15ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuq7u6gMO8lsV7JspYRTiXknuoaekmJRQBQ4FO0O-VacY6mcqxIhat_pJRAlEwVPbWiZsvbjWjZ4-GyJxwrEcKRfZ8REqHYuLT003bULzp4PNbg7AAE&sig=Cg0ArKJSzFdG2MxVYPPhEAE&id=lidar2&mcvt=1279&p=302,1236,552,1536&mtos=1279,1279,1279,1279,1279&tos=1279,0,0,0,0&v=20211025&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=3569041045&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635563968728&rpt=246&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 5FFB 16 B
232 B 80ms
79ms Fetch
application/json 52.215.101.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.101.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-101-139.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 30 Oct 2021 03:19:30 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 102ms
28ms Preflight 52.215.101.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.101.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-101-139.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 30 Oct 2021 03:19:30 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame BF04 16 B
232 B 92ms
92ms Fetch
application/json 52.215.101.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.101.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-101-139.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 30 Oct 2021 03:19:30 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 67ms
29ms Preflight 52.215.101.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.101.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-101-139.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 30 Oct 2021 03:19:30 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 81EB 0
0 24ms
23ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CEmPtwbl8YYz9HY6l3wOd15nYApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgTlAU_QcQtAvccx2dOMHPaEnaWwoIeYkmLHGnzoE5hfo7_SkYzTv_Ydz4rBl5nzbpajRjJxZs4pK-BKiRiQEQTp3-jR6XWGKIb_47ZEuSCfXT5RlpRcNZGoEp2jCUyoufmRF8FcO1KWMhx4rVlRgRMJwEakIe3JP4QkKhyeeDllPoI4LLADI9ujsECsYNeOGvFwX42HenXaHZVStvecVg0Z9LM7LaA9HJorKhWEzjHBba6_P2IuaXC65UxdP4Nn35Vpu5rbJE8HoAOhZOTcncDErJuBE5rjMiUa0R9FwiTtDajgwzHEYe3gBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi01OTY1NTY5NjQwMDU1MDMyGM_OBw&sigh=xnHKwlo__yI&uach_m=[UACH]&cid=CAQSOwCNIrLMOSRJN2B7HqZ4f1a0DSXPQnbOaDEyH62PU7vEPJuik_cl0lc5kfiU_tftnqQH5PVFYnALpn9lGAE
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 81EB 0
0 259ms
259ms Fetch
image/gif 34.95.89.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1ketjps1wctf94cjjmx7tqf4tpx78kb1skzmdhpaa6kf975khqa1ksgresawbk9bh14r4mv13xw8g90ebg9tenfxybeqppkbv8qx1qy22e2r5rkbtyhyawrbywf3x5d053afjkeyykxqnbkk6j5z08twkm6cssr8sfx1tpfe14hy1afx5s82kgbvab7y8ewr0zha0k9tjgzkghf3kyv7c7pjedz18zeavb1z5xf1pwfc1wp1ztbkh08jrycpbkhjj4xvzmpbgna6hwenm2p2yz23f7mekexb16rjhkmhck2y8gzxjzaw1j0xa6vjpvfwjswsbk5kdf63k93wk2qhx8fb2d4rmew9c0cf0hxsm2rstt007q79pfcm3zby2nj8afjjrthqzr&b=YXy5wQAHfowKd9KOAAZrnd-_LPz5_QV0XFMiHA
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.89.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 54.89.95.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 30 Oct 2021 03:19:30 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame BABD 2 KB
2 KB 33ms
32ms Document
text/html 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kbnj55xph75wrk52zcsyejeatk7wkhxs3x91dp21zpwh4hb329dms2h5g0ceg22n0y44ce38f6etbs28ftccyk7avqxjqsqtm1g0wgnsn9nd2ra4h1ekzy2p43q7ds0j8parzatwzamw13r3xstq34gmy4hr60jr5kzzxw8aww4mjszpve2ddpaxwz7q4vaeeqsrzc5d1gck8n9ft849y7p6d9gpke6npt2a9nr2t056qw90dd8ap4jpzs4haekqe7v1c7b0hpbz32jnrq3127ftw99wjvzt1ycnwk97tzr257zy348wn4pn98d5ny3h71rgnvamrmq6r5k1gep1dkxd02m4cr3mrqfe4genajeynne2y3vanzpggvx4zqphne72rvh4n6dav5766hfx41spqczjam75m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa9iNwbl8YYz9HY6l3wOd15nYApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QcQtAvccx2dOMHPaEnaWwoIeYkmLHGnzoE5hfo7_SkYzTv_Ydz4rBl5nzbpajRjJxZs4pK-BKiRiQEQTp3-jR6XWGKIb_47ZEuSCfXT5RlpRcNZGoEp2jCUyoufmRF8FcO1KWMhx4rVlRgRMJwEakIe3JP4QkKhyeeDllPoI4LLADI9ujsECsYNeOGvFwX42HenXaHZVStvecVg0Z9LM7LaA9HJorKhWEzjHBba6_P2IuaXC65UxdP4Nn35Vpu5rbJE8HoAOhZOTcncDErJuBE5qhMCiIBsrCguxqRT46iqM2WPl6PorgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0S4S6UM7hMXkes--mKS528cpA85w%26client%3Dca-pub-5965569640055032%26adurl%3D

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

835e21f5f6a0d094afbbf336f8cfdd39f35c1fce953fe063683e1642324e805e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/

Response headers

date: Sat, 30 Oct 2021 03:19:30 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a61809ecbdf2774-PRG
content-encoding: br

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 81EB 3 KB
1 KB 6ms
6ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/window_focus_fy2019.js

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 02:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Nov 2021 02:48:18 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BC2F 1 KB
749 B 8ms
7ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 29 Oct 2021 18:26:41 GMT
expires: Sat, 30 Oct 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 31969
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 81EB 120 KB
37 KB 26ms
25ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 30 Oct 2021 03:19:30 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 81EB 14 KB
6 KB 7ms
6ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 02:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1873
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6337
x-xss-protection: 0
server: cafe
etag: 7721474052657771746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Nov 2021 02:48:17 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 81EB 0
0 15ms
14ms Image
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTnh_WmQb06oRTvEj1ePMSVhavPScbH8swXH661B9Ovo-zM3iBGCijHvfPx_d00blVjWjBw7vFGV6j_EkB1_zjmobdskA
Requested by: Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 81EB 22 KB
7 KB 8ms
7ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 08:00:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69526
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 29 Oct 2022 08:00:44 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 94CE 16 B
232 B 95ms
94ms Fetch
application/json 52.215.101.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.101.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-101-139.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 30 Oct 2021 03:19:30 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 44ms
30ms Preflight 52.215.101.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.101.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-101-139.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 30 Oct 2021 03:19:30 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H2 200 466606.gif
id.rlcdn.com/ Frame BC2F 42 B
307 B 15ms
14ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJGhIq4XN29DFVcqZeX06dswpOA4ExWPEaoZc6rjSUML3duCTdQ1pYPMKUqmZjwn4nVAtUyqKXc_vWyscdFEs-RPLzlkwo&google_gid=CAESEMQq8MNQCIG4o1oep5D0HgI&google_cver=1
Requested by: Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Oct 2021 03:19:30 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BC2F
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJ7YAVV...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMzAwMzE5MjkwMDAxODQzMjg3Mzc5NA%3D%3D&google_push=AYg5qPJ7YAVVFbUgJ19h4szGeZga3JGXQGGay7bNXCPXnBdJ1nJPddRa25b91J4zWK1rl4...

170 B
188 B

26ms
25ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMzAwMzE5MjkwMDAxODQzMjg3Mzc5NA%3D%3D&google_push=AYg5qPJ7YAVVFbUgJ19h4szGeZga3JGXQGGay7bNXCPXnBdJ1nJPddRa25b91J4zWK1rl4RoPxPSj9kURAFJKm-NHlvR9Ph3Rg

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMzAwMzE5MjkwMDAxODQzMjg3Mzc5NA%3D%3D&google_push=AYg5qPJ7YAVVFbUgJ19h4szGeZga3JGXQGGay7bNXCPXnBdJ1nJPddRa25b91J4zWK1rl4RoPxPSj9kURAFJKm-NHlvR9Ph3Rg
pragma: no-cache
date: Sat, 30 Oct 2021 03:19:30 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Sat, 30 Oct 2021 03:19:30 GMT

GET
H2

200

openx
match.adsrvr.org/track/cmf/ Frame BC2F
Redirect Chain

https://us-u.openx.net/w/1.0/pd?ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc&google_gid=CAESEDUYtnIO9capHVqeavaKJlE&google_cver=1&google_push=AYg5qPJYeVirnNJoUBPVNQ6X-Fz_2yIMcA5g5Joo0ERU8ZyFOkqgwL0uYScp...
https://match.adsrvr.org/track/cmf/openx?oxid=5c26af53-9e3b-7138-dff8-71c337e1c38c&gdpr=0

70 B
265 B

103ms
33ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=5c26af53-9e3b-7138-dff8-71c337e1c38c&gdpr=0
Requested by: Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 52.223.40.198 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:30 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/openx?oxid=5c26af53-9e3b-7138-dff8-71c337e1c38c&gdpr=0
date: Sat, 30 Oct 2021 03:19:30 GMT
via: 1.1 google
server: OXGW/16.217.1
alt-svc: clear
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BC2F
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0QnH8w3iTuOa_nnp-5nBbQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

25ms
25ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0QnH8w3iTuOa_nnp-5nBbQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI3iyZZXvtjIRuCrqEGrpfzsxCJgk5sXPmY7-XJzhmHXd-kqSjk29-ZsjWQjnUIIg4za_1Uqrm9Eaae7JaJV8BfQ48LQkc

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0QnH8w3iTuOa_nnp-5nBbQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI3iyZZXvtjIRuCrqEGrpfzsxCJgk5sXPmY7-XJzhmHXd-kqSjk29-ZsjWQjnUIIg4za_1Uqrm9Eaae7JaJV8BfQ48LQkc
date: Sat, 30 Oct 2021 03:19:30 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BC2F
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&google_gid=CAESEAsbWbtTZt7gPV2BWWTqYxQ&google_cver=1&google_push=AYg5qPKVcK7HKFnJRl9hpGewdvA_l4x9iHV32WzTbf9K3esC1DS2Q3eDO7g676hq572eGAmisYa1_aA...
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=

170 B
188 B

27ms
27ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BC2F
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEClT4ksEqSjnFOEY1aOpIVI&google_cver=1&google_push=AYg5qPIA4OTTxEzfvAA5muOI...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIA4OTTxEzfvAA5muOIZSApDwMqH2AsNf8DR5NAJ6IDkna-koD-ck-QdKw6m4OkqOCo0qLMxREb9xuH1KqPFybRCjT9RHGN&google_hm=

170 B
188 B

26ms
26ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIA4OTTxEzfvAA5muOIZSApDwMqH2AsNf8DR5NAJ6IDkna-koD-ck-QdKw6m4OkqOCo0qLMxREb9xuH1KqPFybRCjT9RHGN&google_hm=

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 03:19:30 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIA4OTTxEzfvAA5muOIZSApDwMqH2AsNf8DR5NAJ6IDkna-koD-ck-QdKw6m4OkqOCo0qLMxREb9xuH1KqPFybRCjT9RHGN&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Fri, 29 Oct 2021 03:19:30 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame BC2F 0
12 B 24ms
24ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IiIKwKiJMS4T49Zg95xEFA1SGWfp6xK4mu6pFCscuRFEtgLz6UEDE0HCYhi_32IKY

Requested by

Host: 60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
URL: https://60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:30 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame BABD 64 KB
8 KB 23ms
23ms Stylesheet
text/css 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kbnj55xph75wrk52zcsyejeatk7wkhxs3x91dp21zpwh4hb329dms2h5g0ceg22n0y44ce38f6etbs28ftccyk7avqxjqsqtm1g0wgnsn9nd2ra4h1ekzy2p43q7ds0j8parzatwzamw13r3xstq34gmy4hr60jr5kzzxw8aww4mjszpve2ddpaxwz7q4vaeeqsrzc5d1gck8n9ft849y7p6d9gpke6npt2a9nr2t056qw90dd8ap4jpzs4haekqe7v1c7b0hpbz32jnrq3127ftw99wjvzt1ycnwk97tzr257zy348wn4pn98d5ny3h71rgnvamrmq6r5k1gep1dkxd02m4cr3mrqfe4genajeynne2y3vanzpggvx4zqphne72rvh4n6dav5766hfx41spqczjam75m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa9iNwbl8YYz9HY6l3wOd15nYApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QcQtAvccx2dOMHPaEnaWwoIeYkmLHGnzoE5hfo7_SkYzTv_Ydz4rBl5nzbpajRjJxZs4pK-BKiRiQEQTp3-jR6XWGKIb_47ZEuSCfXT5RlpRcNZGoEp2jCUyoufmRF8FcO1KWMhx4rVlRgRMJwEakIe3JP4QkKhyeeDllPoI4LLADI9ujsECsYNeOGvFwX42HenXaHZVStvecVg0Z9LM7LaA9HJorKhWEzjHBba6_P2IuaXC65UxdP4Nn35Vpu5rbJE8HoAOhZOTcncDErJuBE5qhMCiIBsrCguxqRT46iqM2WPl6PorgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0S4S6UM7hMXkes--mKS528cpA85w%26client%3Dca-pub-5965569640055032%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kbnj55xph75wrk52zcsyejeatk7wkhxs3x91dp21zpwh4hb329dms2h5g0ceg22n0y44ce38f6etbs28ftccyk7avqxjqsqtm1g0wgnsn9nd2ra4h1ekzy2p43q7ds0j8parzatwzamw13r3xstq34gmy4hr60jr5kzzxw8aww4mjszpve2ddpaxwz7q4vaeeqsrzc5d1gck8n9ft849y7p6d9gpke6npt2a9nr2t056qw90dd8ap4jpzs4haekqe7v1c7b0hpbz32jnrq3127ftw99wjvzt1ycnwk97tzr257zy348wn4pn98d5ny3h71rgnvamrmq6r5k1gep1dkxd02m4cr3mrqfe4genajeynne2y3vanzpggvx4zqphne72rvh4n6dav5766hfx41spqczjam75m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa9iNwbl8YYz9HY6l3wOd15nYApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QcQtAvccx2dOMHPaEnaWwoIeYkmLHGnzoE5hfo7_SkYzTv_Ydz4rBl5nzbpajRjJxZs4pK-BKiRiQEQTp3-jR6XWGKIb_47ZEuSCfXT5RlpRcNZGoEp2jCUyoufmRF8FcO1KWMhx4rVlRgRMJwEakIe3JP4QkKhyeeDllPoI4LLADI9ujsECsYNeOGvFwX42HenXaHZVStvecVg0Z9LM7LaA9HJorKhWEzjHBba6_P2IuaXC65UxdP4Nn35Vpu5rbJE8HoAOhZOTcncDErJuBE5qhMCiIBsrCguxqRT46iqM2WPl6PorgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0S4S6UM7hMXkes--mKS528cpA85w%26client%3Dca-pub-5965569640055032%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:30 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 744247
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 21 Oct 2021 12:35:23 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6a61809f2c0a2774-PRG
cf-bgj: minify

GET
H3 200 fxpcopuw.js Show response
ad4m.at/ Frame BABD 36 KB
13 KB 24ms
24ms Script
application/javascript 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kbnj55xph75wrk52zcsyejeatk7wkhxs3x91dp21zpwh4hb329dms2h5g0ceg22n0y44ce38f6etbs28ftccyk7avqxjqsqtm1g0wgnsn9nd2ra4h1ekzy2p43q7ds0j8parzatwzamw13r3xstq34gmy4hr60jr5kzzxw8aww4mjszpve2ddpaxwz7q4vaeeqsrzc5d1gck8n9ft849y7p6d9gpke6npt2a9nr2t056qw90dd8ap4jpzs4haekqe7v1c7b0hpbz32jnrq3127ftw99wjvzt1ycnwk97tzr257zy348wn4pn98d5ny3h71rgnvamrmq6r5k1gep1dkxd02m4cr3mrqfe4genajeynne2y3vanzpggvx4zqphne72rvh4n6dav5766hfx41spqczjam75m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa9iNwbl8YYz9HY6l3wOd15nYApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QcQtAvccx2dOMHPaEnaWwoIeYkmLHGnzoE5hfo7_SkYzTv_Ydz4rBl5nzbpajRjJxZs4pK-BKiRiQEQTp3-jR6XWGKIb_47ZEuSCfXT5RlpRcNZGoEp2jCUyoufmRF8FcO1KWMhx4rVlRgRMJwEakIe3JP4QkKhyeeDllPoI4LLADI9ujsECsYNeOGvFwX42HenXaHZVStvecVg0Z9LM7LaA9HJorKhWEzjHBba6_P2IuaXC65UxdP4Nn35Vpu5rbJE8HoAOhZOTcncDErJuBE5qhMCiIBsrCguxqRT46iqM2WPl6PorgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0S4S6UM7hMXkes--mKS528cpA85w%26client%3Dca-pub-5965569640055032%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d05798bba6af103ffb18280f2064f97177ccbaf5f5d56e505777184084cab6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=anwisg==, md5=gRfHP8TpRqYEUX6QZtu1gw==
date: Sat, 30 Oct 2021 03:19:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55698
x-guploader-uploadid: ADPycdvQnM3syAtWFDmcb7rN1e1Y0LAqDwWTdnggxOTxATSB1V7Cn4O68eZbfRh_cuomQSkmrdbVqCvUwtE6g85EzXw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 20 Oct 2021 11:26:57 GMT
server: cloudflare
etag: W/"8117c73fc4e946a604517e9066dbb583"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXvSTSC4yWZ1bhc93%2FaX4wSrx9r8fH6GTbRZFHQFLxS5Lqa2xTXNtdxrjf1NUhsPvwRgPKSwhrUXdjshha5ZkEZ1I8%2Fupj9TQnLGIleznO6z7ITuL%2FPYb3Y%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1634729216993678
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11927
cf-ray: 6a61809f2c0d2774-PRG
expires: Fri, 29 Oct 2021 11:51:12 GMT

GET
DATA 200
OK truncated
/ Frame 81EB 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: adf377327518a566dea680230fd188e3922ac5c1ca000e25b47215ed16dcb1e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame BABD 3 KB
4 KB 20ms
20ms Image
image/png 104.26.6.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.6.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Sat, 30 Oct 2021 03:19:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12321577
x-guploader-uploadid: ABg5-UxHcnICLk7b7YkQQi88NGVF0WMcchfK1mG4dUlgFuCeLMEQbekxBAvPJ_LFWK4ZMOrhD-KiD3x1E9pCiaLs4VNde3QtWA
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cCBzmSjdddZTUYRw%2BhWlOnBvv2XWNiY2I%2Fw1T3uwYxG2c6z8z1ki1e5D6s9xmCdiFk7Iev2w7Ck7USroHOBtM9MBMCciN4T2asZOH51WrU%2BUaw3RjdShWbZALspm4E9LKjbW3DaZ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6a61809f58b8412b-PRG
expires: Thu, 09 Jun 2022 12:39:14 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame B7BD 2 KB
2 KB 21ms
21ms Document
text/html 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 30 Oct 2021 03:19:30 GMT
content-type: text/html
x-guploader-uploadid: ABg5-Uwn3myKqNzKJaXHyUiZqbP8NSrxOcbkyaRD5NRgbFtq-4RIcqJ4vnL2qiKZKS--51-luBSbS_wwXQ-ancMVjw
expires: Sat, 30 Oct 2021 04:19:30 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 337612
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FoPvsIId9%2BbFNRbnySnmFlgAoAC9qekTyMMqH%2BlO32rflUFm0cDFYPdTg9bSiJGV3mGje%2FhbApCoCSXt8Bx3OdLZeZBLmtTiyCTiACL9Cm0m0xybn0%2BEOI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6a61809f5c222774-PRG
content-encoding: br

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 38ms
38ms Preflight
text/plain 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 30 Oct 2021 03:19:30 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-bd8c
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ur4qVkHkoZNMzk2rmhZFqE7i3CCbtgxyDhmG3TGsPDT%2F%2B9eMqKvbvGd6HbmNI0UVvtKfCP8W1zVRbbsonll9T2bBh0MG8uhX%2Fwkc%2F%2FT4Kw7U5NqkIuYoyAU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a61809f99194131-PRG

POST
H3 200 rs Show response
ad4m.at/ Frame BABD 1 KB
2 KB 40ms
40ms XHR
text/plain 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdf804032e9435195a7a1cf0707eab106bd8ced72f878e11bd8141baa88e952f

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6a61809fd94a4131-PRG
date: Sat, 30 Oct 2021 03:19:30 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qK67DQPo49PhrdytYkHjJj2UY1N1KejKfdVt85s8j5%2BISByKpVGOoD6pVBJFecYAYMA2ODl%2FFrCnVir3FXJFbhdhKj%2Fo1PDgXdXC5jlW%2FQ3GHfGZd74OudE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-bd8c

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame D99A 6 KB
4 KB 36ms
36ms Document
text/html 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=edafce943d36de2d08ca1f84d0fef693%2F9390352952846768491&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563970547&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvs5e7dxkhycd1mdhg810ftea5h3s2yt1x6wxxg7f20yxnahar3jy4kkb30evd3pnbw8krxkf2xkpyb9pn2tbtev0ef0mnvmjv67tmx3getrkn9sqh4dnzpm3fggzr98z00gd6ztbwh5qyttjna844x4j9wess6gb77tcv9cr47j3m0vf95ssnrme12787yvff0kpn22y0crxx0sn4mbajwqmmd58dm73qqray9yvs4hptpdmnp2zcvg0bqdac89qsrj4y7c546e%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCa9iNwbl8YYz9HY6l3wOd15nYApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QcQtAvccx2dOMHPaEnaWwoIeYkmLHGnzoE5hfo7_SkYzTv_Ydz4rBl5nzbpajRjJxZs4pK-BKiRiQEQTp3-jR6XWGKIb_47ZEuSCfXT5RlpRcNZGoEp2jCUyoufmRF8FcO1KWMhx4rVlRgRMJwEakIe3JP4QkKhyeeDllPoI4LLADI9ujsECsYNeOGvFwX42HenXaHZVStvecVg0Z9LM7LaA9HJorKhWEzjHBba6_P2IuaXC65UxdP4Nn35Vpu5rbJE8HoAOhZOTcncDErJuBE5qhMCiIBsrCguxqRT46iqM2WPl6PorgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0S4S6UM7hMXkes--mKS528cpA85w%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac20c812c455d11b6631fccdb86aaec322ddc51234796b438c2806925bcc181d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kbnj55xph75wrk52zcsyejeatk7wkhxs3x91dp21zpwh4hb329dms2h5g0ceg22n0y44ce38f6etbs28ftccyk7avqxjqsqtm1g0wgnsn9nd2ra4h1ekzy2p43q7ds0j8parzatwzamw13r3xstq34gmy4hr60jr5kzzxw8aww4mjszpve2ddpaxwz7q4vaeeqsrzc5d1gck8n9ft849y7p6d9gpke6npt2a9nr2t056qw90dd8ap4jpzs4haekqe7v1c7b0hpbz32jnrq3127ftw99wjvzt1ycnwk97tzr257zy348wn4pn98d5ny3h71rgnvamrmq6r5k1gep1dkxd02m4cr3mrqfe4genajeynne2y3vanzpggvx4zqphne72rvh4n6dav5766hfx41spqczjam75m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa9iNwbl8YYz9HY6l3wOd15nYApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QcQtAvccx2dOMHPaEnaWwoIeYkmLHGnzoE5hfo7_SkYzTv_Ydz4rBl5nzbpajRjJxZs4pK-BKiRiQEQTp3-jR6XWGKIb_47ZEuSCfXT5RlpRcNZGoEp2jCUyoufmRF8FcO1KWMhx4rVlRgRMJwEakIe3JP4QkKhyeeDllPoI4LLADI9ujsECsYNeOGvFwX42HenXaHZVStvecVg0Z9LM7LaA9HJorKhWEzjHBba6_P2IuaXC65UxdP4Nn35Vpu5rbJE8HoAOhZOTcncDErJuBE5qhMCiIBsrCguxqRT46iqM2WPl6PorgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0S4S6UM7hMXkes--mKS528cpA85w%26client%3Dca-pub-5965569640055032%26adurl%3D

Response headers

date: Sat, 30 Oct 2021 03:19:30 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a6180a01c7f2774-PRG
content-encoding: br

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame D99A 64 KB
8 KB 24ms
24ms Stylesheet
text/css 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=edafce943d36de2d08ca1f84d0fef693%2F9390352952846768491&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563970547&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvs5e7dxkhycd1mdhg810ftea5h3s2yt1x6wxxg7f20yxnahar3jy4kkb30evd3pnbw8krxkf2xkpyb9pn2tbtev0ef0mnvmjv67tmx3getrkn9sqh4dnzpm3fggzr98z00gd6ztbwh5qyttjna844x4j9wess6gb77tcv9cr47j3m0vf95ssnrme12787yvff0kpn22y0crxx0sn4mbajwqmmd58dm73qqray9yvs4hptpdmnp2zcvg0bqdac89qsrj4y7c546e%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCa9iNwbl8YYz9HY6l3wOd15nYApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QcQtAvccx2dOMHPaEnaWwoIeYkmLHGnzoE5hfo7_SkYzTv_Ydz4rBl5nzbpajRjJxZs4pK-BKiRiQEQTp3-jR6XWGKIb_47ZEuSCfXT5RlpRcNZGoEp2jCUyoufmRF8FcO1KWMhx4rVlRgRMJwEakIe3JP4QkKhyeeDllPoI4LLADI9ujsECsYNeOGvFwX42HenXaHZVStvecVg0Z9LM7LaA9HJorKhWEzjHBba6_P2IuaXC65UxdP4Nn35Vpu5rbJE8HoAOhZOTcncDErJuBE5qhMCiIBsrCguxqRT46iqM2WPl6PorgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0S4S6UM7hMXkes--mKS528cpA85w%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=edafce943d36de2d08ca1f84d0fef693%2F9390352952846768491&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563970547&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvs5e7dxkhycd1mdhg810ftea5h3s2yt1x6wxxg7f20yxnahar3jy4kkb30evd3pnbw8krxkf2xkpyb9pn2tbtev0ef0mnvmjv67tmx3getrkn9sqh4dnzpm3fggzr98z00gd6ztbwh5qyttjna844x4j9wess6gb77tcv9cr47j3m0vf95ssnrme12787yvff0kpn22y0crxx0sn4mbajwqmmd58dm73qqray9yvs4hptpdmnp2zcvg0bqdac89qsrj4y7c546e%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCa9iNwbl8YYz9HY6l3wOd15nYApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QcQtAvccx2dOMHPaEnaWwoIeYkmLHGnzoE5hfo7_SkYzTv_Ydz4rBl5nzbpajRjJxZs4pK-BKiRiQEQTp3-jR6XWGKIb_47ZEuSCfXT5RlpRcNZGoEp2jCUyoufmRF8FcO1KWMhx4rVlRgRMJwEakIe3JP4QkKhyeeDllPoI4LLADI9ujsECsYNeOGvFwX42HenXaHZVStvecVg0Z9LM7LaA9HJorKhWEzjHBba6_P2IuaXC65UxdP4Nn35Vpu5rbJE8HoAOhZOTcncDErJuBE5qhMCiIBsrCguxqRT46iqM2WPl6PorgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0S4S6UM7hMXkes--mKS528cpA85w%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:30 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 744247
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 21 Oct 2021 12:35:23 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6a6180a06c962774-PRG
cf-bgj: minify

GET
H3 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame D99A 38 KB
39 KB 23ms
23ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=edafce943d36de2d08ca1f84d0fef693%2F9390352952846768491&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563970547&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvs5e7dxkhycd1mdhg810ftea5h3s2yt1x6wxxg7f20yxnahar3jy4kkb30evd3pnbw8krxkf2xkpyb9pn2tbtev0ef0mnvmjv67tmx3getrkn9sqh4dnzpm3fggzr98z00gd6ztbwh5qyttjna844x4j9wess6gb77tcv9cr47j3m0vf95ssnrme12787yvff0kpn22y0crxx0sn4mbajwqmmd58dm73qqray9yvs4hptpdmnp2zcvg0bqdac89qsrj4y7c546e%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCa9iNwbl8YYz9HY6l3wOd15nYApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QcQtAvccx2dOMHPaEnaWwoIeYkmLHGnzoE5hfo7_SkYzTv_Ydz4rBl5nzbpajRjJxZs4pK-BKiRiQEQTp3-jR6XWGKIb_47ZEuSCfXT5RlpRcNZGoEp2jCUyoufmRF8FcO1KWMhx4rVlRgRMJwEakIe3JP4QkKhyeeDllPoI4LLADI9ujsECsYNeOGvFwX42HenXaHZVStvecVg0Z9LM7LaA9HJorKhWEzjHBba6_P2IuaXC65UxdP4Nn35Vpu5rbJE8HoAOhZOTcncDErJuBE5qhMCiIBsrCguxqRT46iqM2WPl6PorgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0S4S6UM7hMXkes--mKS528cpA85w%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Sat, 30 Oct 2021 03:19:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 123512
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycdvPbGl_R5x-T0HvYhoNhiPS6vfXlWehl5VBe3IJj5k2loqM0OLnukHeDQFBZfK4bwQnqEvZACQJGIgn2bUiQog
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VIywXTW%2FdCfsRZBDKUVGz1w4RMrQ0N5bDqYh%2FlRCQx1fawwRBByjWCuQCLIte7c57mWXewPlY66oKt%2BDqXE1WEtmBvaQRsqHKecq8IeiT3ED4nMKhwOXHLBx4F4X07Oe"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Sun, 31 Oct 2021 03:19:30 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 6a6180a06c972774-PRG
cf-bgj: imgq:85,h2pri

GET
H3 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame D99A 113 KB
114 KB 26ms
25ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=edafce943d36de2d08ca1f84d0fef693%2F9390352952846768491&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563970547&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvs5e7dxkhycd1mdhg810ftea5h3s2yt1x6wxxg7f20yxnahar3jy4kkb30evd3pnbw8krxkf2xkpyb9pn2tbtev0ef0mnvmjv67tmx3getrkn9sqh4dnzpm3fggzr98z00gd6ztbwh5qyttjna844x4j9wess6gb77tcv9cr47j3m0vf95ssnrme12787yvff0kpn22y0crxx0sn4mbajwqmmd58dm73qqray9yvs4hptpdmnp2zcvg0bqdac89qsrj4y7c546e%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCa9iNwbl8YYz9HY6l3wOd15nYApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QcQtAvccx2dOMHPaEnaWwoIeYkmLHGnzoE5hfo7_SkYzTv_Ydz4rBl5nzbpajRjJxZs4pK-BKiRiQEQTp3-jR6XWGKIb_47ZEuSCfXT5RlpRcNZGoEp2jCUyoufmRF8FcO1KWMhx4rVlRgRMJwEakIe3JP4QkKhyeeDllPoI4LLADI9ujsECsYNeOGvFwX42HenXaHZVStvecVg0Z9LM7LaA9HJorKhWEzjHBba6_P2IuaXC65UxdP4Nn35Vpu5rbJE8HoAOhZOTcncDErJuBE5qhMCiIBsrCguxqRT46iqM2WPl6PorgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0S4S6UM7hMXkes--mKS528cpA85w%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Sat, 30 Oct 2021 03:19:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 124279
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycdtObM0AekeXJqrqfBO1uuYLU-ukIkW7LWaGos-i0AFawoBZXZQgV4ZL8PBadmQ4gTY4e8Wa-FYNNyR-SEvdqt8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5z2CdaH6T5ym2SOD4m6%2Fy8zJAFSTod6NXRrNq7f8Rkgm6bYayX5VeraQdzlyHmsrKN80PF82mcSwN7ogZpWRH83s3uy8CsjHN3GiWBAnRu15v6ksL3A%2B8KgaZgmKAWu"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Sun, 31 Oct 2021 03:19:30 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 6a6180a06c992774-PRG
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame D99A 43 B
702 B 40ms
38ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneide7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 03:19:30 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 BC76DD0E919620099EE85B1BDE4022C4E2E111558142CE52A7FEF9001FC27649B8883EE48F8FD78E42741673890C9FCB712B21CE460E771077051351A3574B7A
assets.ad4m.at/product_image/ Frame D99A 32 KB
33 KB 26ms
24ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/BC76DD0E919620099EE85B1BDE4022C4E2E111558142CE52A7FEF9001FC27649B8883EE48F8FD78E42741673890C9FCB712B21CE460E771077051351A3574B7A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=edafce943d36de2d08ca1f84d0fef693%2F9390352952846768491&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563970547&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvs5e7dxkhycd1mdhg810ftea5h3s2yt1x6wxxg7f20yxnahar3jy4kkb30evd3pnbw8krxkf2xkpyb9pn2tbtev0ef0mnvmjv67tmx3getrkn9sqh4dnzpm3fggzr98z00gd6ztbwh5qyttjna844x4j9wess6gb77tcv9cr47j3m0vf95ssnrme12787yvff0kpn22y0crxx0sn4mbajwqmmd58dm73qqray9yvs4hptpdmnp2zcvg0bqdac89qsrj4y7c546e%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCa9iNwbl8YYz9HY6l3wOd15nYApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QcQtAvccx2dOMHPaEnaWwoIeYkmLHGnzoE5hfo7_SkYzTv_Ydz4rBl5nzbpajRjJxZs4pK-BKiRiQEQTp3-jR6XWGKIb_47ZEuSCfXT5RlpRcNZGoEp2jCUyoufmRF8FcO1KWMhx4rVlRgRMJwEakIe3JP4QkKhyeeDllPoI4LLADI9ujsECsYNeOGvFwX42HenXaHZVStvecVg0Z9LM7LaA9HJorKhWEzjHBba6_P2IuaXC65UxdP4Nn35Vpu5rbJE8HoAOhZOTcncDErJuBE5qhMCiIBsrCguxqRT46iqM2WPl6PorgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0S4S6UM7hMXkes--mKS528cpA85w%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a428978ac6d6e099ebe300a285fcd25f9bb91facf7210a830b5df228524b2bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=XpYYSQ==, md5=hUTvKH3ITIHGC57UiHB42A==
date: Sat, 30 Oct 2021 03:19:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122017
cf-polished: qual=85, origFmt=jpeg, origSize=91728
x-guploader-uploadid: ADPycdujZS_TEqeTnC2LEBVSmTMpBaiJQ8NGZLXRDnHkt9XWNZvT8DhOVkDiS32YX-hHxfRTSKeXjEn449bMVyAkZl4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 33156
last-modified: Wed, 25 Mar 2020 13:46:38 GMT
server: cloudflare
etag: "8544ef287dc84c81c60b9ed4887078d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5XFdCQRFn2l9d4h6tPl4UCjtU7G0zAwwiYrwS3DEC9IPKz93W3wx%2Fb%2BUglk0nySawcfqa%2FxGIyT%2Bjg6frVCm8%2FGwvoQPdiNLviS42pBn46e82dZf%2F1zvQ%2Fmbp77qy2v"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1585143998277875
content-type: image/webp
expires: Sun, 31 Oct 2021 03:19:30 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 91728
accept-ranges: bytes
cf-ray: 6a6180a06c9f2774-PRG
cf-bgj: imgq:85,h2pri

GET
H3 200 63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
assets.ad4m.at/logo/ Frame D99A 6 KB
7 KB 29ms
27ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=edafce943d36de2d08ca1f84d0fef693%2F9390352952846768491&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563970547&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvs5e7dxkhycd1mdhg810ftea5h3s2yt1x6wxxg7f20yxnahar3jy4kkb30evd3pnbw8krxkf2xkpyb9pn2tbtev0ef0mnvmjv67tmx3getrkn9sqh4dnzpm3fggzr98z00gd6ztbwh5qyttjna844x4j9wess6gb77tcv9cr47j3m0vf95ssnrme12787yvff0kpn22y0crxx0sn4mbajwqmmd58dm73qqray9yvs4hptpdmnp2zcvg0bqdac89qsrj4y7c546e%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCa9iNwbl8YYz9HY6l3wOd15nYApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QcQtAvccx2dOMHPaEnaWwoIeYkmLHGnzoE5hfo7_SkYzTv_Ydz4rBl5nzbpajRjJxZs4pK-BKiRiQEQTp3-jR6XWGKIb_47ZEuSCfXT5RlpRcNZGoEp2jCUyoufmRF8FcO1KWMhx4rVlRgRMJwEakIe3JP4QkKhyeeDllPoI4LLADI9ujsECsYNeOGvFwX42HenXaHZVStvecVg0Z9LM7LaA9HJorKhWEzjHBba6_P2IuaXC65UxdP4Nn35Vpu5rbJE8HoAOhZOTcncDErJuBE5qhMCiIBsrCguxqRT46iqM2WPl6PorgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0S4S6UM7hMXkes--mKS528cpA85w%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e992acf8af7de27497c44cca7f3758d64d10946bebd1b17319287c0d8f83b29c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=6d5z5w==, md5=vnImUageZAe9/YM5SlniMg==
date: Sat, 30 Oct 2021 03:19:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 124855
cf-polished: origFmt=png, origSize=15890
x-guploader-uploadid: ADPycduH1PTemCp3ouElpNWZS9DmYlakOnSRj3GHOYXrbCbxHr7xsBW_stPDROfRY1gO5aDpGaPNEkPct0JBF0yM5Jo
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6208
last-modified: Thu, 16 Jul 2020 06:05:30 GMT
server: cloudflare
etag: "be722651a81e6407bdfd83394a59e232"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTlEB2CEtqwAp8AXlRYE9yz%2FatF%2FHYYj8%2FzMyWL5njN3%2F5WjYifAn9XRsiA7Q6cDNxLYU4zJVSrduhULO5gjtSD%2BCfJfXBnE6hcDN2KMCPJ2ZdxI7mbzMuYGAiX7K1zi"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1594879530502671
content-type: image/webp
expires: Sun, 31 Oct 2021 03:19:30 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 15890
accept-ranges: bytes
cf-ray: 6a6180a06ca02774-PRG
cf-bgj: imgq:85,h2pri

GET
H3 200 1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
assets.ad4m.at/product_image/ Frame D99A 9 KB
10 KB 36ms
35ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=edafce943d36de2d08ca1f84d0fef693%2F9390352952846768491&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563970547&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvs5e7dxkhycd1mdhg810ftea5h3s2yt1x6wxxg7f20yxnahar3jy4kkb30evd3pnbw8krxkf2xkpyb9pn2tbtev0ef0mnvmjv67tmx3getrkn9sqh4dnzpm3fggzr98z00gd6ztbwh5qyttjna844x4j9wess6gb77tcv9cr47j3m0vf95ssnrme12787yvff0kpn22y0crxx0sn4mbajwqmmd58dm73qqray9yvs4hptpdmnp2zcvg0bqdac89qsrj4y7c546e%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCa9iNwbl8YYz9HY6l3wOd15nYApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QcQtAvccx2dOMHPaEnaWwoIeYkmLHGnzoE5hfo7_SkYzTv_Ydz4rBl5nzbpajRjJxZs4pK-BKiRiQEQTp3-jR6XWGKIb_47ZEuSCfXT5RlpRcNZGoEp2jCUyoufmRF8FcO1KWMhx4rVlRgRMJwEakIe3JP4QkKhyeeDllPoI4LLADI9ujsECsYNeOGvFwX42HenXaHZVStvecVg0Z9LM7LaA9HJorKhWEzjHBba6_P2IuaXC65UxdP4Nn35Vpu5rbJE8HoAOhZOTcncDErJuBE5qhMCiIBsrCguxqRT46iqM2WPl6PorgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0S4S6UM7hMXkes--mKS528cpA85w%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 028565858aca93c3b487996eb5af450fa2671990023c0a38f485a16513d26013

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=z6IwRA==, md5=1A70ndCinKDnYB0bQF1NeA==
date: Sat, 30 Oct 2021 03:19:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 124819
cf-polished: qual=85, origFmt=jpeg, origSize=25987
x-guploader-uploadid: ADPycdtLObGVqFQKLy0DYs9Eks_uPCnagT_0P67RGhjO1c5o2r92-0Tam_DmN4wGrjRBYVee7w4mis4Vn4zh8T0pMeY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8886
last-modified: Thu, 17 Dec 2020 12:29:34 GMT
server: cloudflare
etag: "d40ef49dd0a29ca0e7601d1b405d4d78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dCsR0Bsw0UC%2FTSw5gibdsiaU%2FDlCGhrTzYxFQzcdRoP1%2BSIoptMs%2BhUvjSP3HfFS6DQqdFJhaut05hhGnEqZ0ldfTcEQhFtvQyNh0m%2F%2Bs7M7QNnBsKrB6p0cbnFTgmN4"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1608208174589657
content-type: image/webp
expires: Sun, 31 Oct 2021 03:19:30 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 25987
accept-ranges: bytes
cf-ray: 6a6180a06ca12774-PRG
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame D99A 43 B
702 B 46ms
34ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2629118&v=19228&q=388274&r=412871&pv=1&pref3=oneidZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJoneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 03:19:30 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2

200

/ Show response
www.autohaus-koenig.de/htlp/ Frame 8E12
Redirect Chain

https://campaign.mobility-ads.de/highTrafficUrl/1.html?idPartner=39&idCampaignAd=0&subId=&subIdentifier=oneid9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Tdoneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&gdpr_...
https://www.autohaus-koenig.de/htlp?coyotetrackingid=391615593
https://www.autohaus-koenig.de/htlp/?coyotetrackingid=391615593

531 B
420 B

11ms
11ms

Document
text/html

195.201.218.101
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.autohaus-koenig.de/htlp/?coyotetrackingid=391615593
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=kKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLd&g=edafce943d36de2d08ca1f84d0fef693%2F9390352952846768491&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635563970547&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvs5e7dxkhycd1mdhg810ftea5h3s2yt1x6wxxg7f20yxnahar3jy4kkb30evd3pnbw8krxkf2xkpyb9pn2tbtev0ef0mnvmjv67tmx3getrkn9sqh4dnzpm3fggzr98z00gd6ztbwh5qyttjna844x4j9wess6gb77tcv9cr47j3m0vf95ssnrme12787yvff0kpn22y0crxx0sn4mbajwqmmd58dm73qqray9yvs4hptpdmnp2zcvg0bqdac89qsrj4y7c546e%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCa9iNwbl8YYz9HY6l3wOd15nYApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTk2NTU2OTY0MDA1NTAzMqABwq7o3QPIAQmpAi6C9C-RZbM-4AIAqAMBqgToAU_QcQtAvccx2dOMHPaEnaWwoIeYkmLHGnzoE5hfo7_SkYzTv_Ydz4rBl5nzbpajRjJxZs4pK-BKiRiQEQTp3-jR6XWGKIb_47ZEuSCfXT5RlpRcNZGoEp2jCUyoufmRF8FcO1KWMhx4rVlRgRMJwEakIe3JP4QkKhyeeDllPoI4LLADI9ujsECsYNeOGvFwX42HenXaHZVStvecVg0Z9LM7LaA9HJorKhWEzjHBba6_P2IuaXC65UxdP4Nn35Vpu5rbJE8HoAOhZOTcncDErJuBE5qhMCiIBsrCguxqRT46iqM2WPl6PorgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0S4S6UM7hMXkes--mKS528cpA85w%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.218.101 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.101.218.201.195.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 4e731469b10709f2b3ce4441b36166dd5f47be2c03a53e99b5d35f769a1a255b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx/1.20.1
date: Sat, 30 Oct 2021 03:19:30 GMT
content-type: text/html
content-encoding: gzip

Redirect headers

server: nginx/1.20.1
date: Sat, 30 Oct 2021 03:19:30 GMT
content-type: text/html
content-length: 169
location: https://www.autohaus-koenig.de/htlp/?coyotetrackingid=391615593

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 8E12 89 KB
35 KB 22ms
22ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-56263170-1

Requested by

Host: www.autohaus-koenig.de
URL: https://www.autohaus-koenig.de/htlp/?coyotetrackingid=391615593

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6b0db4857ab34b83cbbf4444dc374423ed211b2e4e936c239c6c7a18e323918e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.autohaus-koenig.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 03:19:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35761
x-xss-protection: 0
last-modified: Sat, 30 Oct 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 30 Oct 2021 03:19:30 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 8E12 48 KB
19 KB 13ms
13ms Script
text/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-56263170-1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.autohaus-koenig.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 4704
date: Sat, 30 Oct 2021 02:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 30 Oct 2021 04:01:06 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: urls.api.twitter.com
URL: https://urls.api.twitter.com/1/urls/count.json?url=https://ktar.com/&callback=jQuery36003062088319766889_1635563966742&_=1635563966743

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2970120887519183&correlator=3466138696835819&output=ldjh&impl=fif&eid=31060438%2C31063135%2C31063166&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211030&iu_parts=1034751%2Cktar_news_TheHomePage_right_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=0x0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635563967&dt=1635563967532&dlt=1635563966576&idt=478&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=1277454184&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1408183703.1635563967&ga_sid=1635563967&ga_hid=1591381018&ga_fc=true&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2970120887519183&correlator=3466138696835819&output=ldjh&impl=fif&eid=31060438%2C31063135%2C31063166&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211030&iu_parts=1034751%2Cktar_news_TheHomePage_right_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=0x0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635563967&dt=1635563967541&dlt=1635563966576&idt=478&frm=20&biw=1600&bih=1200&oid=2&adxs=1236&adys=302&adks=3921124157&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x393&msz=0x0&ga_vid=1408183703.1635563967&ga_sid=1635563967&ga_hid=1591381018&ga_fc=true&fws=640&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1XtO2qGpOXBPXUA_WJlYTL9k&google_gid=CAESEEci85M_OXBIZu3BtpJpAYU

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

64 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ktar.com/	1970-01-20 00:28:59	Name: _gcl_au Value: 1.1.689610566.1635563967
.adnxs.com/	1970-01-20 00:28:59	Name: uuid2 Value: 521350116581840507
.adnxs.com/	1970-01-20 00:28:59	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2InAl!k4N!]tbP6j2F-XstGt!@E0=%(EUb
.ktar.com/	1970-01-20 15:50:35	Name: _ga_7J7KCG2FVK Value: GS1.1.1635563966.1.0.1635563966.0
.ktar.com/	1970-01-20 15:50:35	Name: _ga Value: GA1.1.1408183703.1635563967
.doubleclick.net/	1970-01-20 07:40:59	Name: IDE Value: AHWqTUkuyVhmmtrc_cy4MIbVP8a5cOlORsfbDTuPeqZiGBICCouh5lgvTVPb7Kb4pGw
.ktar.com/	1970-01-20 00:28:59	Name: _fbp Value: fb.1.1635563967268.882277338
.postrelease.com/	1970-01-20 07:04:59	Name: opt_out Value: 1
.ktar.com/	1970-01-20 07:04:59	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Sat+Oct+30+2021+03%3A19%3A27+GMT%2B0000+(GMT)&version=6.2.0&consentId=f68b7252-6e27-4850-b1a0-2dcde2cff394&interactionCount=0&landingPath=https%3A%2F%2Fktar.com%2F&groups=C0003%3A1%2CC0001%3A1%2CC0002%3A0%2CC0004%3A0%2CBG15%3A0&hosts=&legInt=
ktar.com/	1969-12-31 23:59:59	Name: ntvSession Value: {"id":5204212,"placementID":1119446,"lastInteraction":1635563967401,"sessionStart":1635563967401,"sessionEndDate":1635638400000,"experiment":""}
.ktar.com/	1970-01-20 15:50:35	Name: __utma Value: 248041309.1408183703.1635563967.1635563967.1635563967.1
.ktar.com/	1969-12-31 23:59:59	Name: __utmc Value: 248041309
.ktar.com/	1970-01-20 02:42:11	Name: __utmz Value: 248041309.1635563967.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.ktar.com/	1970-01-19 22:19:24	Name: __utmt Value: 1
.ktar.com/	1970-01-19 22:19:25	Name: __utmb Value: 248041309.1.10.1635563967
.ktar.com/	1970-01-20 15:50:35	Name: _ga_5BSVRFW0T9 Value: GS1.1.1635563967.1.0.1635563967.0
.mookie1.com/	1970-01-20 07:48:11	Name: id Value: 10812650125290212541
.mookie1.com/	1970-01-20 07:48:11	Name: mdata Value: 1\|10812650125290212541\|1635563968426
.mookie1.com/	1970-01-20 07:48:11	Name: ov Value: 7e698bfdb6e1dc21c9d06dbd4c3362ba
.quantserve.com/	1970-01-20 00:28:59	Name: d Value: EHEBCQHNJIEA
.quantserve.com/	1970-01-20 07:49:38	Name: mc Value: 617cb9c0-690fb-5a2d4-c6dce
.openx.net/	1970-01-20 07:04:59	Name: i Value: 8f8a900a-37bc-4ecf-852e-b92b53c6f071\|1635563968
.casalemedia.com/	1970-01-20 07:04:59	Name: CMID Value: YXy5wEjY3IFB4yoY07ZXPgAA
.casalemedia.com/	1970-01-20 00:28:59	Name: CMPS Value: 3209
.rlcdn.com/	1970-01-19 23:45:47	Name: pxrc Value: CMDz8osGEgUI6AcQABIGCOndKhAA
.pubmatic.com/	1970-01-19 22:20:50	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 00:28:59	Name: CMPRO Value: 1189
.casalemedia.com/	1970-01-19 22:20:50	Name: CMST Value: YXy5wGF8ucAA
.pubmatic.com/	1970-01-20 00:28:59	Name: KADUSERCOOKIE Value: D109C7F3-0DE2-4EE3-9AFE-79E9FB99C16D
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 378147b482ca0bc
.agkn.com/	1970-01-20 07:04:59	Name: ab Value: 0001%3AGSiCDHZZHkiIFNI0C4PEhXi3d2QoLzR4
.agkn.com/	1970-01-20 07:04:59	Name: u Value: C\|0CEApD3ZAKQ92QAAAAAAAAQ13AQCAAQpAAAAAAA
www.lead-alliance.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: khqhakuu84h9b9akpjm0tc7g92
.innovid.com/	1970-01-20 00:28:59	Name: uuid Value: 389d6568-7d5f-4df3-9012-47600b0d35a0-20211029 23:19:29
.o2online.de/	1970-01-19 22:29:28	Name: nscQ485 Value: V
.awin1.com/	1970-01-19 22:29:28	Name: awpv14098 Value: 412871\|1635563969\|3173aa40-3930-11ec-9bc0-226142618b74
.awin1.com/	1970-01-19 22:29:28	Name: awpv11938 Value: 412871\|1635563969\|317b2450-3930-11ec-9bc0-226142618b74
.congstar.de/	1970-01-19 22:29:35	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1635563969_317b2450-3930-11ec-9bc0-226142618b74%22%2C%22sp%22%3A%22awin%22%7D
.e.dlx.addthis.com/	1970-01-20 07:49:38	Name: na_tc Value: Y
.lead-alliance.net/	1970-01-19 22:29:28	Name: ppv1225 Value: 2021103005192957893208607X117663V1225131106MSoneidADeFYfqf5Y5CAHRH4tktMMGs7T4TDVQT9oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid
.lead-alliance.net/	1970-01-19 22:29:28	Name: ppv1226 Value: 2021103005192957893208609X117679V1226132702MSoneidADeFYfqfx2VSAHRH4tktMMEU7T4TDVQT9oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid
.r.niwepa.com/	1970-01-20 07:04:59	Name: tsv Value: kCc!HUlK9aSQvS4!AQ\|CkIw!A!~EpeB1oA*4g!Bia1AQ
.o2online.de/	1970-01-19 22:29:28	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTYzNTU2Mzk2OXZsZWExZGUyMDIxMTAzMDA1MTkyOTU3ODkzMjA4NjA5WDExNzY3OVYxMjI2MTMyNzAyTVNvbmVpZEFEZUZZZnFmeDJWU0FIUkg0dGt0TU1FVTdUNFREVlFUOW9uZWlkX19hc3VpZGtLZnJBb0pkckF6YnNQc3FDY04teWlpcUhFRmVSdExkYXN1aWQxMTc2Nzk
.o2online.de/	1970-01-19 22:29:28	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021103005192957893208609X117679V1226132702MSoneidADeFYfqfx2VSAHRH4tktMMEU7T4TDVQT9oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&wfid=117679&ratenzahlung=24
.addthis.com/	1970-01-20 07:49:38	Name: na_id Value: 2021103003192900018432873794
.addthis.com/	1970-01-20 07:49:38	Name: na_tc Value: Y
.addthis.com/	1970-01-20 07:49:38	Name: uid Value: 617cb9c157ef21a4
.addthis.com/	1970-01-20 07:49:38	Name: ouid Value: 617cb9c100014806122afc2bb394a4ad9d5ddecfcde626f4feeb
.dlx.addthis.com/	1970-01-19 23:02:35	Name: na_sr Value: 20211030
.dlx.addthis.com/	1970-01-19 22:19:24	Name: na_srp Value: 3614
.blau.de/	1970-01-19 22:29:28	Name: nscT486 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTYzNTU2Mzk2OXZsZWExZGUyMDIxMTAzMDA1MTkyOTU3ODkzMjA4NjA3WDExNzY2M1YxMjI1MTMxMTA2TVNvbmVpZEFEZUZZZnFmNVk1Q0FIUkg0dGt0TU1HczdUNFREVlFUOW9uZWlkX19hc3VpZGtLZnJBb0pkckF6YnNQc3FDY04teWlpcUhFRmVSdExkYXN1aWQxMTc2NjM
.blau.de/	1970-01-19 22:29:28	Name: nscQ486 Value: V
.blau.de/	1970-01-19 22:29:28	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021103005192957893208607X117663V1225131106MSoneidADeFYfqf5Y5CAHRH4tktMMGs7T4TDVQT9oneid__asuidkKfrAoJdrAzbsPsqCcN-yiiqHEFeRtLdasuid&wfid=117663
.ktar.com/	1970-01-20 07:40:59	Name: __gads Value: ID=1aab38b0bdb5df0a:T=1635563967:S=ALNI_MZS97mgTN1ecGOMQ_REhhJNgaB0dw
.rlcdn.com/	1970-01-20 07:04:59	Name: rlas3 Value: GRu8Dspbrd+wqC//yYISZJTFvtzOD8Sxo1xr65v7BvE=
.openx.net/	1970-01-19 22:40:59	Name: pd Value: v2\|1635563968.1.1\|gu.vN.iy
.dlx.addthis.com/	1970-01-19 23:02:35	Name: na_rn Value: 1
.dlx.addthis.com/	1970-01-19 23:02:35	Name: na_sc_e Value: 1
.awin1.com/	1970-01-19 22:22:16	Name: awpv11830 Value: 412871\|1635563970\|324726e0-3930-11ec-9983-2233ccb48bf8
.awin1.com/	1970-01-19 22:22:16	Name: awpv19228 Value: 412871\|1635563970\|3248d490-3930-11ec-9600-22309c92d156
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 388274:2629118
.mobility-ads.de/	1970-01-19 23:02:35	Name: coyoteTrackingCookie_1 Value: 391615593
.mobility-ads.de/	1970-01-19 23:02:35	Name: coyoteSimpleTrackingCookie Value: 391615593
www.autohaus-koenig.de/	1970-01-19 23:02:35	Name: mobilityAds Value: 391615593

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://urls.api.twitter.com/1/urls/count.json?url=https://ktar.com/&callback=jQuery36003062088319766889_1635563966742&_=1635563966743 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	error	URL: https://ktar.com/ Message: Access to XMLHttpRequest at 'https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2970120887519183&correlator=3466138696835819&output=ldjh&impl=fif&eid=31060438%2C31063135%2C31063166&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211030&iu_parts=1034751%2Cktar_news_TheHomePage_right_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=0x0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635563967&dt=1635563967541&dlt=1635563966576&idt=478&frm=20&biw=1600&bih=1200&oid=2&adxs=1236&adys=302&adks=3921124157&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x393&msz=0x0&ga_vid=1408183703.1635563967&ga_sid=1635563967&ga_hid=1591381018&ga_fc=true&fws=640&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1' from origin 'https://ktar.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2970120887519183&correlator=3466138696835819&output=ldjh&impl=fif&eid=31060438%2C31063135%2C31063166&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211030&iu_parts=1034751%2Cktar_news_TheHomePage_right_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=0x0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635563967&dt=1635563967541&dlt=1635563966576&idt=478&frm=20&biw=1600&bih=1200&oid=2&adxs=1236&adys=302&adks=3921124157&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x393&msz=0x0&ga_vid=1408183703.1635563967&ga_sid=1635563967&ga_hid=1591381018&ga_fc=true&fws=640&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://ktar.com/ Message: Access to XMLHttpRequest at 'https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2970120887519183&correlator=3466138696835819&output=ldjh&impl=fif&eid=31060438%2C31063135%2C31063166&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211030&iu_parts=1034751%2Cktar_news_TheHomePage_right_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=0x0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635563967&dt=1635563967532&dlt=1635563966576&idt=478&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=1277454184&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1408183703.1635563967&ga_sid=1635563967&ga_hid=1591381018&ga_fc=true&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1' from origin 'https://ktar.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2970120887519183&correlator=3466138696835819&output=ldjh&impl=fif&eid=31060438%2C31063135%2C31063166&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211030&iu_parts=1034751%2Cktar_news_TheHomePage_right_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=0x0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635563967&dt=1635563967532&dlt=1635563966576&idt=478&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=1277454184&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1408183703.1635563967&ga_sid=1635563967&ga_hid=1591381018&ga_fc=true&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXy5wEjY3IFB4yoY07ZXPgAABKUAAAAB&google_cver=1&google_push=AYg5qPJyHeaMI_FpfxQBiOQRgwFJeTNcHJI_P9iwtldyirVL7akeH1DTqnVzT5SjoNtLuGCu4Zq1XtO2qGpOXBPXUA_WJlYTL9k&google_gid=CAESEEci85M_OXBIZu3BtpJpAYU Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10288467.fls.doubleclick.net
10620649.fls.doubleclick.net
10625865.fls.doubleclick.net
60137447a6a38f04904e840d66485be2.safeframe.googlesyndication.com
9445712.fls.doubleclick.net
9919737.fls.doubleclick.net
ad.doubleclick.net
ad4m.at
adservice.google.com
adservice.google.de
ag.innovid.com
ajax.googleapis.com
analytics.webgains.io
api.secondstreetapp.com
api.webgains.io
arizonasports.com
arizonasports.disqus.com
as.ad4m.at
assets.ad4m.at
bam-cell.nr-data.net
banner.congstar.de
c.amazon-adsystem.com
campaign.mobility-ads.de
cdnjs.cloudflare.com
clients1.google.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cookie-cdn.cookiepro.com
cse.google.com
d.agkn.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
embed.secondstreetapp.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
jadserve.postrelease.com
js-agent.newrelic.com
ktar.com
match.adsrvr.org
media.secondstreetapp.com
neso.r.niwepa.com
netdna.bootstrapcdn.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
pixel.everesttech.net
pixel.rubiconproject.com
portal.blau.de
portal.o2online.de
prod-rtb.ad4mat.net
rtb.openx.net
s.ntv.io
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
static-de.ad4mat.net
stats.g.doubleclick.net
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
urls.api.twitter.com
us-u.openx.net
www.autohaus-koenig.de
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
cm.g.doubleclick.net
securepubads.g.doubleclick.net
urls.api.twitter.com
104.111.215.191
104.111.239.217
104.16.19.94
104.18.10.207
104.18.6.120
104.198.205.129
104.26.10.209
104.26.6.27
142.250.181.226
142.250.184.194
142.250.184.196
142.250.184.234
142.250.184.238
142.250.185.131
142.250.185.162
142.250.185.234
142.250.185.67
142.250.185.98
142.250.186.102
142.250.186.129
142.250.186.163
142.250.186.166
142.250.186.174
142.250.186.33
142.250.186.40
142.250.186.66
142.250.186.74
142.250.186.98
148.251.139.77
151.101.66.137
162.247.243.146
172.217.23.98
172.67.74.129
18.168.50.255
18.196.159.27
18.66.97.126
185.33.223.38
185.60.216.19
185.60.216.35
185.64.190.78
195.201.218.101
199.232.192.134
2.18.234.163
2.18.234.21
213.133.107.215
216.58.212.142
34.95.89.54
34.98.64.218
34.98.67.61
35.186.253.211
35.187.117.15
35.244.174.68
46.236.13.147
52.215.101.139
52.222.210.175
52.223.40.198
54.146.124.230
54.197.229.45
63.32.201.39
69.173.144.138
74.125.140.155
78.46.85.162
79.137.69.91
8.39.36.141
82.113.101.132
82.113.101.236
84.200.5.215
88.99.63.132
91.228.74.133
028565858aca93c3b487996eb5af450fa2671990023c0a38f485a16513d26013
03b4a055b08c7377eeeed48cf478f9bcfc3bb985b05c0bafdec1677583770455
03d87f337bb68d971d9fdb8ed746c0ab6f4008e6060e63ed67057f444a05a6a6
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06aa4665102fd07d9b0642880155a694fa21485c550c9cef2d8c9592bbb8245b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0949cf7a7c3cc6577f6b644b32ac4f11a0b36d702999ca118a40a33e99cb15b4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0d9048d0773313ba7746bcbed29ca2d18c339f7f0a3627e359de8f7146bf09c1
0e1dd9bee18c1d77e1e912fdfd7127875ee68971cbee514ed7f64c297c39d179
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f611a50de16d3334ddd2091a11b3977d6f94fdd9cecfadf087e68f79bce28a5
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
10ab566c9fb0560fc9b7690af2b2a06cb4ce5af583a6e9796d1ece57c702c5e8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1189ccbd0346d7aeb090d8769592e0285599a29122ffd5a0a0ce9c039412387c
11b947e74a7ba8f1d433b84ab7a719799ec0662a9035a8b4a2ab4d7d1eb2d681
125f48af03b461374761a18f635fbc8fd5bc43e3da4c82e6211c83584ad35310
1269f671e4213a269e971a7dc23d7d3ba24fe777ee809b0fc2da7b5f7d513202
134c94437474a391b3f477213fa8b8f4d7435a2cf7053952dcbdb14a6f0ad8dc
157311dd9bb337b8f45bcc518cc2b48dbec4042d330a77c45cb2d123c03ebbf7
196fc391219f33ccbaf52f221429a1f12770a1bd454f91dc3aba1a07b9552404
2543b798df6a799c869fe2576ddc5f4a8cc538d34f5ff6f800c0ccdfe4dd4803
25f39a070ba858ee26f4b7bbb22e24c3892a636c7e1fc499ea3bae0e47d35ef0
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
28a110a1ff4c1d6a68d7a4e60ed003cf3a5ac032cbf5094c42e330f777c6723f
2b98f860e9a54def502686421bfb92bb22cdc5419fb0644878315b4b07ff8b0a
2d32ec84909c43eb31ef385240a5d9cbbd6ddbb90023e6b5ddcc950369dd73be
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
30b20a43d5569acac11a41d919897a1aa79d16d93677045581651cb4b9e67fd2
325f165c685c1d718e3994e21e4fcfa66c58a66f3f4c6577b15fceb88a0209f8
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
338965bffdaad52bb4476bc878feb1fad834e1470f84be9d870ce184b7fa33c4
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
35081c2d3741a657479e91f528ce41aef5844c20c81d7974a916e84d9c0cc370
3975b253b0927885ba4ee85867d153388d504212a1594bda8d820a341428deea
399acdda6a5f99bf828685120aab6a1c29865ad2c5ce8acd375725d01b4fd468
3b7d8d14ee20c2e9242f091380dc2276a6f56f76c2a60568e8ed31bdd50d2818
3fa49132cfd4ae80349a262b643fc4f9afa40c41a56032d7e05c3500f4ec9313
406ae784ee9fb1160deea9a496a8e0336231ba7be2664f553652ff74fdb18001
41c99a3fe7353454939f9640d6f9cd8128e79b35511513f6d02175315c3eb8d3
46a08a7c8022f72f9a30cd59ea54735b90a5342aac89d880f66d793eec75d630
47477ce0b02049adb985c36faadf3a91284cdc1cc1bd82a961c124f43109c5b8
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b
487bb0c54dc0ecefcf2076e2ecd45a0a1ac153ae8ab1a74223720f0d2d56f5cb
48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c
48e5e969f3500c283d013aae66f43e7e8f83cfdd90284551a10fdcadab5ee722
48ff125fe5db4d2ac73128d683e9473050c2c9bfc9a2690e28afc719ecfab04a
4ac36014f13b30bd1d7fe6d9931524b1396ba225728574629bf35ac6a7c334fd
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4b15e44ad5a427d6b04f14a9d91f0559082f0aec4bfb8e58e44cbdc9dfbe1e65
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
4d81cd951bc1cc8095a0b6385baa47b9c5fb6fe1440661563a09dbd2f7e243db
4d956a758ca48121e4434c413596334c6b0f3cda0e622ada0d73c41d39eda526
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e42e478fd27161799c18a75c2e9a7341996250f696d09d53db336a2962ba06b
4e731469b10709f2b3ce4441b36166dd5f47be2c03a53e99b5d35f769a1a255b
4e79aeedfd29a639cfd81edb76b8fe43bfc7ade7f99033e1bb4360481ae66154
4f55ac21ca8c4a81d64da97b24530d381bcede55c67bec36ef7e41507f965858
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5039712f8d85f1de0753e1d8a4244dc054c9fadea91011321dd171b808810627
540b5be2b05010cda2423355e9068d0114d2fb7cca71fdf18e15f3c92c07db16
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
568bfec9dc16803be02c481cbea692dba658dc61dcd34bba9090a13268542dfd
57a2661a7fe82750accd533f28426c689328e7d7ae2d3a2e029e99f745beebc3
582b36fcfc0105d646b382a661986f56e97c53f93803bd84a02a53b97f03822f
591c9f1734913f75370ed7321f16b9df87e2ecbfa82a396c5209f068a20710ea
5a32d32e2e5fb637fd1b35e24625f93819347f5b117c3f37406176456e692a4b
5a7a64666023a7caecca475d3c111c33b522468efb3ea5fb855bef8633ba3bd4
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5dcc1f650548dab92380f10aee2a8c4c878ece063b5d4201c1205b3a343f9a8b
5e2e981fe98878294fd3de7700cd425533d7ca8c090beb026b2b71dfd63e3508
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5f16dac2da002b531a66f23c20e7889f304391f4e854b50d0cdba2ac2d5b4d1b
6074e51e0f9a4388cb50d7075cbb78e6481bdf5c9f6c7fda7abf868082e92eb9
60e04dcb9483e44801771aab65df07bfa3fabbaf9a4386fd05f568d0e4d8710d
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
614305ee414f9b73b89b32101c278293814beb310525293d2c24f35c1cd9de0a
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
63028089b6bc0baf9bacaf507f21f56f6c70855960f4a31c51a83ff3dc2647cf
643c563abab207c9806aeeeff9c308c7175d62f5e9c570caf6de2c5b7afc06bb
64c7c94850bcf993b77e8f8704c00cded4a0c18580d94ebb2c5265f9855fcd2e
68907ee01093b2068a305daeded339b68cc0990b41eadb457bbe0e1e5d50eb83
6b0db4857ab34b83cbbf4444dc374423ed211b2e4e936c239c6c7a18e323918e
6cf9b3fa8b8f4e734ba8a1ed6eeedcff1e0c3874325881475a70730dd91687d5
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6f4f7fb2b6b3fb8951bfb1e1077aa83c2c3f37695aef93e2dc7877aa63269b88
71173eb1cc84ee88adebf5552afaf335a6d6b2759d37b722b56f7d05c9abc1b4
7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b
73431242d393f2b2932f404e6a00d234b1ca38041af6eb27470761da0d8ed2c1
73ebba81cb86c91ff5bae5a5754c3909aa41b3c9aae0c5f4037e606c35378134
743118de08e11807033615921ff81dcf28b25e07cd2da846e3a4f26db97323c0
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
746603bbfef19344518fd7a23eaf82dc597ff628b0e1384d7b5e73bdcfa7e241
74c718acc3939d2e365f80578f37c5feaa847f8034f13112eb0e73d857329181
7614796e1d873e2ebdf2f411e12a73c6d6a0b626ef7edc405e3c3d4052f63440
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7d02d29e30fe93106fb8842ebfca7b460c89ef464b50b2feb74f37a2abeda620
7f1acab7716cffdd27f631b6fb47eaa71fabd5339a6cf701e02f6df04e7705bb
81a161d5793ac2a33f02ddcd64fb0dc2d028616dac084e4f64e77f4898b0c4e4
8234c6fd6b3f09b5d78fdda27eb4e7daec0d3d899b86a9b190cea175627a1c89
82d05798bba6af103ffb18280f2064f97177ccbaf5f5d56e505777184084cab6
831605e63d3d583717f00776b01e5886578eed6e8afceea4b59f80796a11681f
83245214087cbf2e7a0ed37bfd85986dc991412cc9448ccd88ef8b5887e21fdd
835e21f5f6a0d094afbbf336f8cfdd39f35c1fce953fe063683e1642324e805e
84153107c9783beb9cd872cea87403d57ef93bde35eb9c4e9432dfc9d594b94f
8433def104aa499f4fe17d2c7abe032114770528e6a92745e52b5ff0116b5bab
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c
8a0ceb3573f6667c826b96b1458ef6f0c301a7f5b39e6234e630094fc5d6107a
8a0f5d4162db1b2fe7f8ec30b855db7330bbc8e013ddcc759d2ed102a0ae8b7c
8ac3dd20b181b9c53eaf4d64028f2adf3a64f6a7fdfc1a0a1d0e9b73b9bb7f10
8b6b38175d300ed73096a7c28fd39cba69509a5196bad1be6c1d3edc970414e3
8d537ad83561a6e1b61e92e35ad90b34713238448b075e10bc67c1c9722286ca
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8ebd8417686b2847b2da35d30ff0749720503126673b8c8b9b6b850812f6387b
8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d
9098bce32fa311e967ba3bae1f3c4763801acf08ba95c67fb477f468e42a69a2
9284dca5245db3f78fe7e92b98673c4907d2e0cf2039bfed655a435e09588f62
938ef76784c10ec6dbabe51ce84afd503fccb6bd728f856540e374dc2c1dfe9f
93924799b935a119786a17135c32327b5dc12ca8653b7285759caedb8752d151
9403b077ca0e2bee098460abdbb5e92939e7e36927e1cbbba765c65d798a52d3
94df7590b4dad14ca1d32dc0713d4fd8290def36b9019313898bf10546e09f4f
975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c90decd6b56b50b940452832ba1225835e51c1bffe2e3f709a6f555522ecc06
9e1aa2eac91c65abaee2ebf248eb7e684c8b84a1eb31c226fb579b7d8ca33efa
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1521f80b4ebd8a18612ca6f0c4bfd622b7bdaafcfc13cf3eb905f97eee5475e
a2f16d023ea43ad0b0a88b500e96228cba4bd64664bba272ab81a6d5ce3a3041
a428978ac6d6e099ebe300a285fcd25f9bb91facf7210a830b5df228524b2bc4
a5a37264ff1f2a19e3b63d3ef4a30f3e245dc26d6cf01e6a876e0ee8dec18909
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a5f56f9f5fbfb65c4f7aa7d823c7e8098cbc65a600655c0175afba3772167031
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a91ab761d928e89084eadaa6273f8c7d37d7c1571cd65cfc30a5c8612c4b835e
ac20c812c455d11b6631fccdb86aaec322ddc51234796b438c2806925bcc181d
acc2939dffcf1a1898300c9d64da85e9be22c923a8f2f9d4e0f131d9803a9b1f
acf6921a36ea4f70d608b49882438f17c4af992e04e8924bc4cf7e2f8b0dae1f
ad8b12962ae8e7b1e5a90d30d5daf381777909bcc20b06faa9d148b888f6cc8b
ad97e9de9c37981cb8a17dc1b36cad15d3d7c8dc0a60d4cd8fc152536fe7f7f5
adf377327518a566dea680230fd188e3922ac5c1ca000e25b47215ed16dcb1e4
ae03289bb26aefab9857ae4b0097652bc8a17643990dee384031c88775941ee9
ae16a468d4bb3ff5ddd789a4bffe34ca4d0c38ae5f4c3fc45b60a9db059c3caa
aee1c3993c93d6ab92710a8d9f045d1894407ed6d4ed74cc5bfcf0a0b9857047
af57e21392ab61f764937da2634c062094b82b086a640d7410a16aa375820da2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b37841afa1a6c61128647532c2cc98a15dfa55acdbe650bfdfb44bd75faf74c7
b48cae9a9fcc318fb1c638f4097ad3ca6445c236b981998c799efdc662b6653a
b5354871cee47a832039c4f6ab3a0f1b45b670e0e87f08561889efd45ac3ae0e
b659f351a1ce55cd5c4fa47743ab36ed91cd7e114a85e1faa9286edf3972342a
b68c73a58754349d8f871ab9a7ed81d7eae61ba5a282b3a5909518c222aa9e0f
b6b395e822b9d494e9b4c1b6e8ca0bfefcbf3a81919ab3ca55bdc9642134f9c3
baac041f9cedcc851bf5855963ac7bd84908ec39613ec95d1217706b75e276b5
bb06305fa5c8a6ff15b9c46b92d1c9a087a962e69930ac1fc3d6f26979288213
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc3e9da0211cf7e7d2ea9854d98f3ac298bdd8007a1356c3e980a4b1fa457cfe
bc45e8ab1650f9bca9c34d4d1d0e3ee9fb16c4e03efa3d6e72107d002bbf7c41
bc65ca5ec8553cb86e14f69bc593e40163a0fe383a0f0ad544f172bc14ee9a0f
bdf804032e9435195a7a1cf0707eab106bd8ced72f878e11bd8141baa88e952f
be9e24322758d31e40dd3bd879d902816fb8f8cb6b2beb285a8633869cd715f8
c0c3207d5bd04fd85479641ac5b7a63ee3f668692d233e513be2cf4a1c05e96c
c1767cef2ccb59df656a974ef1a87862fda49f7d25c912357c26efc2dc70239a
c216c6c4cd384219a86e806c818d4080221dc16c71c1ccb957c1349740b2ecae
c2751594edaed7b725664e41e4e8d8d46475d95520d2e9b96c73487850f8cc56
c2e7b97014888892d70399baf2f07766517da24e1e7c94df63406e271b8831aa
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c752d8fd9ca0d1501305899db78069fa8d3aece6a134f840b3afc07ed2a7ed04
c8ea85f7fbd954ecdc3d3fe304b3d8b2bf656b788ece16794d661e263619a5be
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c95606e1abcd77e77fd7d4d4cf3b901ae62530822b924e33c8504baba214f43e
ca897a9052701e5eda5cc2eca490c710c14ebd9378b2a3e3d76971df58ab5063
cae73e0c8c7491e006c9f617638a8d8162ec989bde4e84cdae82ed4cb2024484
cb6ef831dd2255420654ea16adc04f9e8bd00f984cc85cab98407e6ec6637b7e
cc21d5a9e609b2997b4f9c3a5b520216e5ef6522c656b81b6105c9b62a8fcc5b
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce02b3d4700bffa18f3d5599306e343cd3cb6c6bf24547a6116b34b292d62910
d00df460ffc64663c41e6bce8b91d698eac4e1589c0dde647ac1e11fe8258b10
d07d76697561f78945b2ba05d0733d2a086f3bbf8b304139400afb390c02c52b
d0831e01bc269a1f5cc5c476493e9993b6d45f6332333487e6363463678073f5
d0b545535c8c37bf9e9c596800eec809e48fb2b1aeba24936d5553d70e496b2a
d10300c242537c00158b43f17e6763f4635b5fac898e5454cd1946403d8d28bb
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d404e01916636d8c76f737079392a2da123cf83c60ad3da1fc6fe44241db4e8b
d5bcb9b6b05eda9d1507d22d3bc2155fbacfbd16e3953faf494dda0e2de9d4ae
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d808f5c8e5d3a5bc172e49a02169f38a0565e37b44d664c49d2ae91e28e10944
d8d860892c9a1dd820a710a980227b8403271cdcf0323c9a47d41538ccec80bd
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
da03b252f14ccb757f006891da428808723e460034b7bc09446eb26bd04dd93a
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db008e4be3499f0f4baefb2a3e3ac365a85628b6b903eeb6b121f6892a733354
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dcd346804a786db16b40af2672924a5b8787623f71d648a017da7e236e1b19b4
dce0f570315dcc80f9fe813b3d3f79d52782abba57b387001514bff6dbc0f9a7
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
dde6576bba0bad522d319d2b71f2df16ea422150ea04756f5df07c231d6024ae
e07dac40b96f7503f396331e32d231530f8d9bd9aa58cf25e22b17421f6d4b14
e13a7f8506c7cc36afe366e3ac76701428d4bbc9f4eb5577abd141e7955b6f0d
e2bde21795958b7e5023986cd3e1e665f1a65c527df76a8482b3887ed16485ff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e750b3284638308fa6d086f25513ab840406b9fd96a6eac4159cafa18a4953b5
e78543a902d9f90c7b764ccbba7bc9fe7bd12bb15bae492133277aa0d91bb1e8
e992acf8af7de27497c44cca7f3758d64d10946bebd1b17319287c0d8f83b29c
eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2645e770f595032c42715c6cc1ebda7cef04e1bf2faadea2b8d5686b34042b1
f426fa6cc2a36699c5a918dfac7c9e5a6a88e087be8e09e061009e68e109da6a
f4b3853b7e792cec8a88f9da8a31d2b29ee09d6a77aabc45979c9ab2937f0962
f4e0c376f31a800cbc117ae5d46288cbfe4cc8e1148868ca20b1081968bd5112
f5077adeda5e35352a04be133087c5f8bf176f7856012fff524cb0983c0d5626
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
fab2112a39c83331852c2d74e97c4a74f637d8807db7d41abd2b74f365aa6d16
fb007fb73f106f2aab18828758a6c371edde8777df002aba833f7b93e7d6d0cb
fb655e24036d4cbfce058c1d8b48d4d7447f9c88ce76f099b6ce1e005e8a20e8
fd131a367334929efcd8da8a72c28a29272e1dca278069f4988a5910aa9f9623
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff52509ca0a39892c3308915863b3b623f1a32bd6afadb85897c4e93690e929e
ff52cd6fa87197e500ac404574525aeeb1b9d184f90a74e19197f6fc159e6107
ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75

ktar.com Open in urlscan Pro 104.198.205.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

367 Requests

90 %HTTPS

0 %IPv6

53 Domains

82 Subdomains

57 IPs

7 Countries

7297 kBTransfer

11823 kBSize

64 Cookies

24 Outgoing links

Page URL History

Redirected requests

367 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ktar.com Open in urlscan Pro
104.198.205.129 Public Scan

Screenshot
Live screenshot

Full Image

367
Requests

90 %
HTTPS

0 %
IPv6

53
Domains

82
Subdomains

57
IPs

7
Countries

7297 kB
Transfer

11823 kB
Size

64
Cookies

367 HTTP transactions
11 data transactions