s.id Open in urlscan Pro
45.126.58.78 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://s.id/indovegas_slot
Submission: On November 05 via api (November 5th 2022, 8:54:30 am UTC) from RU — Scanned from DE

Summary HTTP 116 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 28 IPs in 6 countries across 25 domains to perform 116 HTTP transactions. The main IP is 45.126.58.78, located in Indonesia and belongs to IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID. The main domain is s.id. The Cisco Umbrella rank of the primary domain is 135427.
TLS certificate: Issued by R3 on September 28th 2022. Valid for: 3 months.

This is the only time s.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	45.126.58.78 45.126.58.78	132647 (IDNIC-PAN...) (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia)
11	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
5	2600:9000:218... 2600:9000:2182:400:8:217d:7c80:21	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
24	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
2	34.98.67.61 34.98.67.61	396982 () ()
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 4	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
8	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
2 3	23.203.81.208 23.203.81.208	16625 (AKAMAI-AS) (AKAMAI-AS)
2	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
2	13.41.138.109 13.41.138.109	16509 (AMAZON-02) (AMAZON-02)
1	65.9.86.41 65.9.86.41	16509 (AMAZON-02) (AMAZON-02)
2	35.176.203.209 35.176.203.209	16509 (AMAZON-02) (AMAZON-02)
116	28

17 45.126.58.78 (Indonesia)

ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID)

s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
microsite.s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2182:400:8:217d:7c80:21 (United States)

ASN16509 (AMAZON-02, US)

d3li60t7cgizua.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (Kansas City, United States)

ASN396982 ()
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.115 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 4 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.166 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.203.81.208 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-81-208.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.41.138.109 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-41-138-109.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.86.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-41.ams1.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.176.203.209 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-203-209.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 29046 ad4m.at — Cisco Umbrella Rank: 8843 assets.ad4m.at — Cisco Umbrella Rank: 38886	846 KB
19	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 stats.g.doubleclick.net — Cisco Umbrella Rank: 166 cm.g.doubleclick.net — Cisco Umbrella Rank: 320 ad.doubleclick.net — Cisco Umbrella Rank: 208	33 KB
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 167	228 KB
17	s.id s.id — Cisco Umbrella Rank: 135427 microsite.s.id api.s.id — Cisco Umbrella Rank: 671514	879 KB
7	google.com adservice.google.com — Cisco Umbrella Rank: 134 region1.analytics.google.com — Cisco Umbrella Rank: 3868 www.google.com — Cisco Umbrella Rank: 17	2 KB
5	cloudfront.net d3li60t7cgizua.cloudfront.net	91 KB
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 666	4 KB
4	pubmatic.com 4 redirects image6.pubmatic.com — Cisco Umbrella Rank: 922	2 KB
4	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 107755 static-de.ad4mat.net — Cisco Umbrella Rank: 161777	8 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 16308 api.webgains.io — Cisco Umbrella Rank: 49444	31 KB
3	awin1.com 2 redirects www.awin1.com — Cisco Umbrella Rank: 17173	2 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 5594 www.google.de — Cisco Umbrella Rank: 3590	1 KB
2	webgains.com track.webgains.com — Cisco Umbrella Rank: 41842	50 KB
2	congstar.de banner.congstar.de — Cisco Umbrella Rank: 96558	1 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 483	971 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 2255	485 B
2	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1394	462 B
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 989	926 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	95 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2041	356 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	149 KB
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 899	98 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1047	691 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	3 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
116	25

	Domain	Requested by
14	microsite.s.id	s.id
10	pagead2.googlesyndication.com	s.id pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	assets.ad4m.at	as.ad4m.at
8	ad4m.at	as.ad4m.at ad4m.at
8	cm.g.doubleclick.net	googleads.g.doubleclick.net
8	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com s.id
5	d3li60t7cgizua.cloudfront.net	s.id
4	ad.doubleclick.net	4 redirects
4	ssum-sec.casalemedia.com	4 redirects
4	image6.pubmatic.com	4 redirects
3	www.awin1.com	2 redirects as.ad4m.at
3	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	api.webgains.io	analytics.webgains.io
2	track.webgains.com	as.ad4m.at
2	banner.congstar.de	as.ad4m.at
2	static-de.ad4mat.net	as.ad4m.at
2	pixel.rubiconproject.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	odr.mookie1.com	googleads.g.doubleclick.net
2	cms.quantserve.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	prod-rtb.ad4mat.net	s.id
2	region1.analytics.google.com	www.googletagmanager.com
2	region1.google-analytics.com	www.googletagmanager.com
2	api.s.id	microsite.s.id
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.googletagmanager.com	s.id
1	analytics.webgains.io	track.webgains.com
1	id.rlcdn.com	googleads.g.doubleclick.net
1	www.google.de	s.id
1	stats.g.doubleclick.net	www.googletagmanager.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.googleapis.com	s.id
1	s.id
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
116	38

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
instagram.com
home.s.id

Subject Issuer	Validity	Valid
s.id R3	`2022-09-28` - `2022-12-27`	3 months	crt.sh
microsite.s.id R3	`2022-10-04` - `2023-01-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
api.s.id R3	`2022-09-28` - `2022-12-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-10-15` - `2023-01-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://s.id/indovegas_slot
Frame ID: F8D893204BEF98831E389949AC930C2B
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/zrt_lookup.html
Frame ID: 74BF477A1DE9810A6A1FE79E64628BAF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&adk=1812271804&adf=3025194257&lmt=1667638461&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fs.id%2Findovegas_slot&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667638461621&bpp=4&bdt=257&idt=148&shv=r20221101&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3904261317885&frm=20&pv=2&ga_vid=1249210336.1667638462&ga_sid=1667638462&ga_hid=712595624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070637%2C44774606%2C44775017&oid=2&pvsid=2418328749668048&tmod=187643053&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=173
Frame ID: 147EB34AA9ADB78E14CC2808ABC140BE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2416844047&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1667638463&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Findovegas_slot&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667638463699&bpp=2&bdt=2335&idt=-M&shv=r20221101&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7cbd0ed9211526c-223d1f3c67ce0026%3AT%3D1667638461%3ART%3D1667638461%3AS%3DALNI_Ma7VGMCMJDBbbqHtJkt6cFj8kjIMQ&gpic=UID%3D00000b7cba8633c2%3AT%3D1667638461%3ART%3D1667638461%3AS%3DALNI_MZ6qOxSOYTUBkZwn0Rcnq3aUB2XnA&prev_fmts=0x0&nras=1&correlator=3904261317885&frm=20&pv=1&ga_vid=1249210336.1667638462&ga_sid=1667638462&ga_hid=712595624&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070637%2C44774606%2C44775017&oid=2&pvsid=2418328749668048&tmod=187643053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=O2NMlcrIMI&p=https%3A//s.id&dtd=11
Frame ID: B22310EECADC68F6DCD3D83EB5B0421D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=2864336506&pi=t.ma~as.7399768513&w=500&lmt=1667638463&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Findovegas_slot&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667638463699&bpp=1&bdt=2335&idt=1&shv=r20221101&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7cbd0ed9211526c-223d1f3c67ce0026%3AT%3D1667638461%3ART%3D1667638461%3AS%3DALNI_Ma7VGMCMJDBbbqHtJkt6cFj8kjIMQ&gpic=UID%3D00000b7cba8633c2%3AT%3D1667638461%3ART%3D1667638461%3AS%3DALNI_MZ6qOxSOYTUBkZwn0Rcnq3aUB2XnA&prev_fmts=0x0%2C500x280&nras=1&correlator=3904261317885&frm=20&pv=1&ga_vid=1249210336.1667638462&ga_sid=1667638462&ga_hid=712595624&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070637%2C44774606%2C44775017&oid=2&pvsid=2418328749668048&tmod=187643053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hfCYLlvMJx&p=https%3A//s.id&dtd=16
Frame ID: 426DF3B4B16654B65DB4EA04DE8E3653
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CSMiLvyRmY4CPMI7MhQbj27lIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjc0MjIxNjUzNDY0MDU0NcgBCakCSiK0d120sD6oAwGqBLcBT9DBOt2TIa4VUDNqdJrTEoCvE7vu-zrYvSzlWQOG8fXfWQMk78Ur8dzJSz4wRH0-AE1q0KqIcJEueYjdQ8SI8ltz9Mow634U61GJKC-vqp4X-Wrni3UTxU799upS8XaKkhr7LCwu0IxHyVchvGiQU1KmwKYMohQEB-8YNjWTzZzOTBu9ThFXoquAZg3G26Iaa53sEImxzth4CHMOtQvWc-Os-5WpW58QMGMjMhM8BZGgqUp6KRmogAbAi8bAzNaNur0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yNzQyMjE2NTM0NjQwNTQ1GAA&sigh=aqVoQ3BIGvI&uach_m=[UACH]&cid=CAQSPADq26N9E5ei2tPufpHck0jiQgEB2Q5Nz0fNO8jz-CJyLD8jeooyynQ5lwe7lKNFyUXNUZ4kk2JKvRBbohgBIBM
Frame ID: 5E063C6D08088623382176D6A0D74347
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gw9je9n4q5h0a2pjmcfkes642hbpc0yrv8ha3wwwsnrpjvnvw6gpezwaztd6kmv42nmz1fyttpy0ed4yw0hepfknsz1vhv467j99g7dkmr4z4861syetgtskw7f15hp8e6nj3gwktk52gw246aw6zzzechn3scxz2nq59pz4b8fge5krj9c5m7mn8t41ce2cy9ztrwe3p5zdw28qwgbc9702j6cdrdzfva5gh8p07nzdxqybfzhze13xrjnmfm3pyqc62ckh7wg0xa5fen300ghg9jsj5eg33zt84fwgbfxk366mvpzfs5x0gsaw097yrp0qbdjcn590dnf6x3dwkheacaggnkxs3f0tnwc0xsvjqf3t97mpzj6czc33sfryxxcfx5cxza0zsmkkxjgan8me189t7d7555baw0vab0ymvsf&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCn7i-vyRmY4CPMI7MhQbj27lIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjc0MjIxNjUzNDY0MDU0NcgBCakCSiK0d120sD6oAwGqBLoBT9DBOt2TIa4VUDNqdJrTEoCvE7vu-zrYvSzlWQOG8fXfWQMk78Ur8dzJSz4wRH0-AE1q0KqIcJEueYjdQ8SI8ltz9Mow634U61GJKC-vqp4X-Wrni3UTxU799upS8XaKkhr7LCwu0IxHyVchvGiQU1KmwKYMohQEB-8YNjWTzZzOTBu9ThFXoquAZg3G26Iaa9_uMRtmN184wPRGI9Gf4RGV758EUbEI7ePhe4HEkY-MsZ-mtllgWY7hgAbAi8bAzNaNur0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_14WMcnxiafG78426ONrUnrm9arRQ%26client%3Dca-pub-2742216534640545%26adurl%3D
Frame ID: 267E5E4CE51C5836A7DD040A018D84FB
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4FFEF062CCE4EB434B8B95EE4E29DF83
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CuziRvyRmY5LhL_iKrr4Pnoif2AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNzQyMjE2NTM0NjQwNTQ1yAEJqQJKIrR3XbSwPqgDAaoEuAFP0EZto0lXpFLHY7_-ht5pYTN_7Yc7DlAMTmgOwB9I-LZ-E35B8wV4Ja7cFO4wW-T35Kru-z-FDDoKHhidgKtELP4o5LUjLjW8jaa8sIUB2aO5NTQhTsG-B7Om6fAae9kFRbrjceWkOwk9NcQq_VKY1CkkbQMtOKZWGYs85KJ30G9dHavnCH31wfVJK-tSjc0vLpfVKzs3mSOa6ZqCtuDr5LiLkVZXUSnxQWaw04PjP1DBZ7Kg8cM-gAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yNzQyMjE2NTM0NjQwNTQ1GAA&sigh=cz4H--wiiHg&uach_m=[UACH]&cid=CAQSPADq26N9dBrG194cNU5hTHgm99Ml5QV54OM2LFZy2uB2Q2Yx7MQ3aUjvcG1lmpHE7RVlbqQBUlo3J8lQOBgBIBM
Frame ID: 9091C8742752E03DAF087FEC842F9DBC
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k3j8dfa2wn89mw5x61vvmqm0a4mwmjmw7vte5ggz0zdbbgtqjnmvwqamsjj7766bs0cndhjp0g6v9dfn3kjmtqp5c0vgs4aa7mdyvkgxamrz47rw397r3gf4wpvfq27b7ktb97gb1kpjnp3d4jdrmar5a55mt602fjtzpvqg64p8cb69jfx4t13jd02acrb94avb2zhebr65t5src54s8be6zgaa4wb51t0k4386274vz28hw5stavwt62x8w2h2jm37e73je51s9gpjkbdmp7p2b8q6pe5ftn222416qmzbvdk5qs56qhr7bsgw8jd6bj1n0sm4jrjh6cwbzvzr8whqbzjz850wqeaa1ca0n9akjbwxnb53b2sphktq93na9dph6bcdrymatrgdfj9ys3ke1ypmdthq0bterwp0fffktckmr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZC0GvyRmY5LhL_iKrr4Pnoif2AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNzQyMjE2NTM0NjQwNTQ1yAEJqQJKIrR3XbSwPqgDAaoEuwFP0EZto0lXpFLHY7_-ht5pYTN_7Yc7DlAMTmgOwB9I-LZ-E35B8wV4Ja7cFO4wW-T35Kru-z-FDDoKHhidgKtELP4o5LUjLjW8jaa8sIUB2aO5NTQhTsG-B7Om6fAae9kFRbrjceWkOwk9NcQq_VKY1CkkbQMtOKZWGYs85KJ30G9dHavnCH31wfVJK-tSjc0vLtXXCqngYKTaIR3KIDqidkqyhVz6WwfpnOZymhEbq07tf2d8boP2tPlLgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3VDjGCsmKBVJ-9QMH0xRs3l2-S0w%26client%3Dca-pub-2742216534640545%26adurl%3D
Frame ID: ECADC5DDE97549AFE6CFCF0E12C36CC6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D22D47EADDCBA35DE6696E60386E7D08
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 8C66A189779EA01454E2889CEABDC112
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: B2F0809699497798C6C9EEA35DBAB99B
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=22451&b=Bg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkG&f=jEYUEfGfQ3KhYHEH2tWCg7WhZSzTDekfbX&c=320&d=50&e=&g=fdfb0c9abfe676a0cd1cb18e379fdd24%2F2383635696878187991&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667638464521&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb6jqbdr5wk9fvrkm0ygq7bt2vaz1ef3v44yhkg0kmjm8ttyhyfsvva9f9r2fxmvef84m2gejgzjspfr2ks5tjtcy2f8c0ntq6yt8qk289ek7rv25h4y5pp1h3tksr27ey0kh8jpyvcjq9hb1ze0vd3qnfgj97s7xy3cax71kfver5mq20gfrnacj3r3zfgc8rkrsjgn4q37g7b3m6kqs3e94cgg6rb1m1ar2jnb5jn92wd4ps6q9mwmjt70kfh06pmwg7mcpadddk0rmy0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCn7i-vyRmY4CPMI7MhQbj27lIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjc0MjIxNjUzNDY0MDU0NcgBCakCSiK0d120sD6oAwGqBLoBT9DBOt2TIa4VUDNqdJrTEoCvE7vu-zrYvSzlWQOG8fXfWQMk78Ur8dzJSz4wRH0-AE1q0KqIcJEueYjdQ8SI8ltz9Mow634U61GJKC-vqp4X-Wrni3UTxU799upS8XaKkhr7LCwu0IxHyVchvGiQU1KmwKYMohQEB-8YNjWTzZzOTBu9ThFXoquAZg3G26Iaa9_uMRtmN184wPRGI9Gf4RGV758EUbEI7ePhe4HEkY-MsZ-mtllgWY7hgAbAi8bAzNaNur0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_14WMcnxiafG78426ONrUnrm9arRQ%2526client%253Dca-pub-2742216534640545%2526adurl%253D&y=1&s=&z=0
Frame ID: 5DBFF38651B914A357CE30000A605CD3
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C183975&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=300&d=250&e=&g=2b31f5fd3b6f11c7dfdb4d25811e699f%2F711891341793004228&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667638464522&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtn2xpsbm4jaarha5q2qygrfe79fhw5skwmdjb0c6j1bjepyqqs7dgj97038kyyxqatd8p4fpnj5w35r1nth3xbvefmb2vppd9zr9xpx4jcezhyz8dz30tvs8ed8k2xxzx69jqjfgn5gb3wvbjvd7sn12s766dntw1kyt9fjanyxh0ym930ypnqf1qpr0czxk6xg9kt7hp276kn743r6k8hm47pbshkdvn2jkmaw6735mb0d38thm2qya23b288gfp4k88ty7dzarfdq4eg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZC0GvyRmY5LhL_iKrr4Pnoif2AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNzQyMjE2NTM0NjQwNTQ1yAEJqQJKIrR3XbSwPqgDAaoEuwFP0EZto0lXpFLHY7_-ht5pYTN_7Yc7DlAMTmgOwB9I-LZ-E35B8wV4Ja7cFO4wW-T35Kru-z-FDDoKHhidgKtELP4o5LUjLjW8jaa8sIUB2aO5NTQhTsG-B7Om6fAae9kFRbrjceWkOwk9NcQq_VKY1CkkbQMtOKZWGYs85KJ30G9dHavnCH31wfVJK-tSjc0vLtXXCqngYKTaIR3KIDqidkqyhVz6WwfpnOZymhEbq07tf2d8boP2tPlLgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3VDjGCsmKBVJ-9QMH0xRs3l2-S0w%2526client%253Dca-pub-2742216534640545%2526adurl%253D&y=1&s=&z=0
Frame ID: 2F78290BFBDF2DD059CB364F003102CC
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 415F5EB76C581A25F4C1FE0EB6869BDC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4362984681F9CAF84716539F3743739E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

IndoVegas

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

116
Requests

92 %
HTTPS

55 %
IPv6

25
Domains

38
Subdomains

28
IPs

6
Countries

2419 kB
Transfer

5683 kB
Size

18
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/groups/indovegas/

Search URL Search Domain Scan URL

URL: https://twitter.com/indovegas_slot

Search URL Search Domain Scan URL

URL: https://instagram.com/indovegasofficial

Search URL Search Domain Scan URL

URL: https://home.s.id/?utm_source=sid-microsite&utm_medium=footer&utm_content=indovegas_slot

Search URL Search Domain Scan URL

URL: https://home.s.id/page/report?url=https%3A%2F%2Fs.id%2Findovegas_slot&utm_source=sid-microsite&utm_medium=footer&utm_content=indovegas_slot
Title: Report

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEL3nFpboh0SpaJCsRtIebXc&google_cver=1&google_push=ASkJ3FZ4IJb3u6q-qHhwr9R4T8SULkKyB1P5k1w9HB6NJiNJBnrLhoTUmLf9rRwNu1AZpiTpJaPBKJz_hFwTYQ2QmscHrNAQYAeRa70ybNIxoeqgxlY6MoRiqZ3xq-oC1ntkY1TxvTXihtoJutuAXVB_Yw HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEL3nFpboh0SpaJCsRtIebXc&google_cver=1&google_push=ASkJ3FZ4IJb3u6q-qHhwr9R4T8SULkKyB1P5k1w9HB6NJiNJBnrLhoTUmLf9rRwNu1AZpiTpJaPBKJz_hFwTYQ2QmscHrNAQYAeRa70ybNIxoeqgxlY6MoRiqZ3xq-oC1ntkY1TxvTXihtoJutuAXVB_Yw&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mrpVEGiqTSC6yBwlsdc5lg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZ4IJb3u6q-qHhwr9R4T8SULkKyB1P5k1w9HB6NJiNJBnrLhoTUmLf9rRwNu1AZpiTpJaPBKJz_hFwTYQ2QmscHrNAQYAeRa70ybNIxoeqgxlY6MoRiqZ3xq-oC1ntkY1TxvTXihtoJutuAXVB_Yw

Request Chain 59

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKrB4TYQG4mY8FBhshpRhhA&google_cver=1&google_push=ASkJ3FZGOnAzqhhXsbwB1rDG9Euqyo3A32-614NcF5e97RcLhOnOKax76YyTsks_kApBo-feytk5OuVZcmQhMQGJT_dctQyGRAWRmFMO9RLD7FfoQd6ecGBEzixwigo8T4n3vvPTiCUC6Ws_krW_iFehlw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEzT1ZVQVItMjctNjdNNw==&google_push=ASkJ3FZGOnAzqhhXsbwB1rDG9Euqyo3A32-614NcF5e97RcLhOnOKax76YyTsks_kApBo-feytk5OuVZcmQhMQGJT_dctQyGRAWRmFMO9RLD7FfoQd6ecGBEzixwigo8T4n3vvPTiCUC6Ws_krW_iFehlw

Request Chain 60

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEj_e_SyBOlG9noVdpC6hFA&google_cver=1&google_push=ASkJ3FZ2gpLm5Mb-p2chWlSXhmpc995bQHDIUnu4fCBSVizfj_mQNY_dFVtA99Uk0bz5m-ItKDXxnc5ETX9sL814gekhDkD1RGXL-WYlzSLD-Hwo5z3c7NGNEWUDnG4YEtJUgC4Ug4G-C084a4Yrfn8ab3E HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEj_e_SyBOlG9noVdpC6hFA&google_push=ASkJ3FZ2gpLm5Mb-p2chWlSXhmpc995bQHDIUnu4fCBSVizfj_mQNY_dFVtA99Uk0bz5m-ItKDXxnc5ETX9sL814gekhDkD1RGXL-WYlzSLD-Hwo5z3c7NGNEWUDnG4YEtJUgC4Ug4G-C084a4Yrfn8ab3E&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEj_e_SyBOlG9noVdpC6hFA&google_hm=Y2YkwF5aMNFstSsikQeyJQAAFB0AAAAB&google_nid=index&google_push=ASkJ3FZ2gpLm5Mb-p2chWlSXhmpc995bQHDIUnu4fCBSVizfj_mQNY_dFVtA99Uk0bz5m-ItKDXxnc5ETX9sL814gekhDkD1RGXL-WYlzSLD-Hwo5z3c7NGNEWUDnG4YEtJUgC4Ug4G-C084a4Yrfn8ab3E

Request Chain 67

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMA3i2hC9XBooJHJ5IFpAYM&google_cver=1&google_push=AZmPxg_nmkyE4ELb9TQ3jEkVIRuLjOukpnyVyZ6MvGJUqNsL_UHO4I9BWoR2dClEYLdzH2cfse-BIuIJsvkJTfj4jxR43hedi7Qa HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMA3i2hC9XBooJHJ5IFpAYM&google_cver=1&google_push=AZmPxg_nmkyE4ELb9TQ3jEkVIRuLjOukpnyVyZ6MvGJUqNsL_UHO4I9BWoR2dClEYLdzH2cfse-BIuIJsvkJTfj4jxR43hedi7Qa&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5mEL56ORToWPcAq4uaIoFg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_nmkyE4ELb9TQ3jEkVIRuLjOukpnyVyZ6MvGJUqNsL_UHO4I9BWoR2dClEYLdzH2cfse-BIuIJsvkJTfj4jxR43hedi7Qa

Request Chain 68

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEamJ-T6pc6h-FTb9jR5SeI&google_cver=1&google_push=AZmPxg9uLFNaI40_rh3SH6Pa9-SIDkXtUPJP8xhrpIDdKHXfRnNTTwQKhS09iJkwvtL8Xa6BVr8tviUC2fQLlqobHHEkbEqFbXg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEzT1ZVQVMtTC1FVE1P&google_push=AZmPxg9uLFNaI40_rh3SH6Pa9-SIDkXtUPJP8xhrpIDdKHXfRnNTTwQKhS09iJkwvtL8Xa6BVr8tviUC2fQLlqobHHEkbEqFbXg

Request Chain 69

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFmZEUbSayUMJnxbWild31c&google_cver=1&google_push=AZmPxg8peAO5WniCd4S6edWaaUApa8eBI1pVpWAh43Dkpm0Ct-fKu9msX3BcoQVvPjw3RTfCMkbeSKtpwrufR0eqXm9TCODB8MmZ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFmZEUbSayUMJnxbWild31c&google_push=AZmPxg8peAO5WniCd4S6edWaaUApa8eBI1pVpWAh43Dkpm0Ct-fKu9msX3BcoQVvPjw3RTfCMkbeSKtpwrufR0eqXm9TCODB8MmZ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFmZEUbSayUMJnxbWild31c&google_hm=Y2YkwF5aMNFstSsikQeyJQAAFB0AAAAB&google_nid=index&google_push=AZmPxg8peAO5WniCd4S6edWaaUApa8eBI1pVpWAh43Dkpm0Ct-fKu9msX3BcoQVvPjw3RTfCMkbeSKtpwrufR0eqXm9TCODB8MmZ

Request Chain 92

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidBg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkGoneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKG9t7LVlvsCFV-T_QcdV1ID7Q;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidBg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkGoneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidBg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkGoneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1667638464_72ab1990-5ce7-11ed-9f2f-2266c0ccb091

Request Chain 96

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidWGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzjoneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKq_t7LVlvsCFUmG_Qcdcj4Ahg;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidWGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzjoneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidWGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzjoneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1667638464_72ad8a90-5ce7-11ed-bfbc-22342ff4a6f7

116 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request indovegas_slot Show response
s.id/ 37 KB
37 KB 1266ms
243ms Document
text/html 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.id/indovegas_slot

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

de154d98346f0ea20c375d205917f4a61eeb7d6eb5ffa5c510fcf991ab7fc9b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=30
content-type: text/html; charset=utf-8
date: Sat, 05 Nov 2022 08:54:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 24a79f7ab99634a0.css
microsite.s.id/_next/static/css/ 76 KB
13 KB 1098ms
184ms Stylesheet
text/css 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/css/24a79f7ab99634a0.css

Requested by

Host: s.id
URL: https://s.id/indovegas_slot

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

c7f8bad24c3fd7cfa9935bbe4b246162b4b4a3946cbc5874c9cc51839a2b5dd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:22 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 04 Nov 2022 09:14:22 GMT
etag: W/"130fe-18441eb79b0"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 169 KB
54 KB 154ms
59ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Requested by

Host: s.id
URL: https://s.id/indovegas_slot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96a834f15a259069a2f1f1351dcf926383e27bfb69732cba695a99ef38cb64cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55235
x-xss-protection: 0
server: cafe
etag: 1058374946322771217
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 05 Nov 2022 08:54:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
75 KB 144ms
50ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5

Requested by

Host: s.id
URL: https://s.id/indovegas_slot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e0d83f47c69c41f629d1bfd9bd90b650a81a22ca20921c5b1546a98948c3dd1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75812
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 05 Nov 2022 08:54:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 207ms
113ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K

Requested by

Host: s.id
URL: https://s.id/indovegas_slot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

22958d705f2d42f1cadb11386a06e98cb733d68737875b42b77e5f7733ef5d63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76494
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 05 Nov 2022 08:54:21 GMT

GET
H2 200 webpack-85c09e4cc40b6217.js Show response
microsite.s.id/_next/static/chunks/ 3 KB
2 KB 1050ms
180ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/webpack-85c09e4cc40b6217.js

Requested by

Host: s.id
URL: https://s.id/indovegas_slot

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

d699729dc861dd77a1e59c994fd4ec356cc878f5f27cfbf028b413ee4e31f5b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:22 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 04 Nov 2022 09:14:22 GMT
etag: W/"c52-18441eb79b0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 framework-1d78b5852a861806.js Show response
microsite.s.id/_next/static/chunks/ 127 KB
42 KB 1232ms
362ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/framework-1d78b5852a861806.js

Requested by

Host: s.id
URL: https://s.id/indovegas_slot

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

d388d6eadbda67959df2e176105d189a9ee25434d49e645a752b2a10afefacab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:22 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 04 Nov 2022 09:14:22 GMT
etag: W/"1fbbe-18441eb79b0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 main-4e1da43bcc1ff872.js Show response
microsite.s.id/_next/static/chunks/ 86 KB
26 KB 1051ms
182ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/main-4e1da43bcc1ff872.js

Requested by

Host: s.id
URL: https://s.id/indovegas_slot

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

6beb37a5f81ce379bac5cd2168e6953e70f4ee512f5f1abfa8260803b374ed16

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:22 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 04 Nov 2022 09:14:22 GMT
etag: W/"156d5-18441eb79b0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 _app-c869a927cd000cc5.js Show response
microsite.s.id/_next/static/chunks/pages/ 156 KB
49 KB 1401ms
532ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/pages/_app-c869a927cd000cc5.js

Requested by

Host: s.id
URL: https://s.id/indovegas_slot

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

305d570cd85885df298cbb8e58e273bf2796a6ea0fc825ae1e5eb4475f47a675

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:22 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 04 Nov 2022 09:14:22 GMT
etag: W/"26ffa-18441eb79b0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 f85a1fd0-90ec78cfa26a75e3.js Show response
microsite.s.id/_next/static/chunks/ 485 KB
81 KB 1054ms
185ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/f85a1fd0-90ec78cfa26a75e3.js

Requested by

Host: s.id
URL: https://s.id/indovegas_slot

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

3141e87055524d160bb5ec664e95db816505fd9656cefe6d660b6a1443611612

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:22 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 04 Nov 2022 09:14:22 GMT
etag: W/"794d9-18441eb79b0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 5f65323a-1afb8a4d6985e276.js Show response
microsite.s.id/_next/static/chunks/ 889 KB
311 KB 535ms
533ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/5f65323a-1afb8a4d6985e276.js

Requested by

Host: s.id
URL: https://s.id/indovegas_slot

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

bf0dc20d92c62ef12480a329fe905157d6b84ef7cd14214254fc53fae8ab0fda

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:22 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 04 Nov 2022 09:14:22 GMT
etag: W/"de26a-18441eb79b0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 30846afe-9d97082e8f26f8e3.js Show response
microsite.s.id/_next/static/chunks/ 480 KB
197 KB 714ms
711ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/30846afe-9d97082e8f26f8e3.js

Requested by

Host: s.id
URL: https://s.id/indovegas_slot

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

946ac0fdf33cd12412a8d0fc81545ecb090731c4014e3ba46170ac751b51cfbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:22 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 04 Nov 2022 09:14:22 GMT
etag: W/"77e41-18441eb79b0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 394-cb956be6c66fed9e.js Show response
microsite.s.id/_next/static/chunks/ 369 KB
106 KB 1089ms
1087ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/394-cb956be6c66fed9e.js

Requested by

Host: s.id
URL: https://s.id/indovegas_slot

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

43fdb79ef851cc5956131e7843a70cd887040c5629305f33de8b06ac589c6bac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:22 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 04 Nov 2022 09:14:22 GMT
etag: W/"5c55d-18441eb79b0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 %5B%5B...any%5D%5D-7aa626b4880356fa.js Show response
microsite.s.id/_next/static/chunks/pages/ 43 KB
12 KB 1089ms
1086ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/pages/%5B%5B...any%5D%5D-7aa626b4880356fa.js

Requested by

Host: s.id
URL: https://s.id/indovegas_slot

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

4fff3235cfa721bd847add0eace5f7f251c39ab572b79f54c20d4d8f47c607dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:22 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 04 Nov 2022 09:14:22 GMT
etag: W/"adda-18441eb79b0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 _buildManifest.js Show response
microsite.s.id/_next/static/vyCeOYek-U70iqXNNKejc/ 544 B
803 B 1082ms
1079ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/vyCeOYek-U70iqXNNKejc/_buildManifest.js

Requested by

Host: s.id
URL: https://s.id/indovegas_slot

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

e85634fbddfab3ccd61567a8fdbb7f16c9918478b661d5acff7f2971472874bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:22 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 04 Nov 2022 09:14:22 GMT
etag: W/"220-18441eb79b0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 544

GET
H2 200 _ssgManifest.js Show response
microsite.s.id/_next/static/vyCeOYek-U70iqXNNKejc/ 77 B
335 B 1083ms
1081ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/vyCeOYek-U70iqXNNKejc/_ssgManifest.js

Requested by

Host: s.id
URL: https://s.id/indovegas_slot

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:22 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 04 Nov 2022 09:14:22 GMT
etag: W/"4d-18441eb79b0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 77

GET
H2 200 _middlewareManifest.js Show response
microsite.s.id/_next/static/vyCeOYek-U70iqXNNKejc/ 92 B
349 B 1087ms
1085ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/vyCeOYek-U70iqXNNKejc/_middlewareManifest.js

Requested by

Host: s.id
URL: https://s.id/indovegas_slot

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:22 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 04 Nov 2022 09:14:40 GMT
etag: W/"5c-18441ebc000"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 92

GET
H2 200 css2
fonts.googleapis.com/ 39 KB
3 KB 143ms
48ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,400;1,700&family=Roboto+Mono:ital,wght@0,400;0,700;1,400;1,700&family=Roboto+Slab:ital,wght@0,400;0,700;1,400;1,700&family=Rozha+One&family=Archivo+Black&family=Poppins:ital,wght@0,400;0,700;1,400;1,700&family=Licorice&family=Lobster&family=Indie+Flower&family=Caveat:wght@400;700&family=Bebas+Neue&family=Varela+Round&family=Montserrat:wght@400;700&display=swap

Requested by

Host: s.id
URL: https://s.id/indovegas_slot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ecbd9c9222375a847fed2304dc5d1c78f084e9275628e2a17f5ae98e6208b43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 05 Nov 2022 08:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 05 Nov 2022 08:54:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 05 Nov 2022 08:54:21 GMT

GET
H2 200 24c57b58-32d1-42dd-a3ad-69eeb90ca2ce_225x225.webp.jpeg
d3li60t7cgizua.cloudfront.net/images/ 5 KB
5 KB 754ms
701ms Image
image/webp 2600:9000:2182:400:8:217d:7c80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3li60t7cgizua.cloudfront.net/images/24c57b58-32d1-42dd-a3ad-69eeb90ca2ce_225x225.webp.jpeg
Requested by: Host: s.id
URL: https://s.id/indovegas_slot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:400:8:217d:7c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9667ca85eb3e8090fa4153563d4c67b2086aeb68a8802a41768afdb3f6650a95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:23 GMT
x-amz-version-id: gMQsmfSZpxRNVcE4TL7dngI82bjruzLM
via: 1.1 26b0de44343edcaf19972d71d8e0256c.cloudfront.net (CloudFront)
last-modified: Fri, 04 Nov 2022 10:51:15 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "2838712733cca1d8cdfaa7f8cb73624a"
x-cache: Miss from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 5148
x-amz-cf-id: eTgKx2qgbhhDf059VEEMJ0FEBwosmQTGTdur_SY3oFuFF6_HkmIvFg==

GET
H2 200 5d82bcb6-8687-4195-b946-a43706586c16_600x600.webp.jpeg
d3li60t7cgizua.cloudfront.net/images/ 23 KB
23 KB 747ms
696ms Image
image/webp 2600:9000:2182:400:8:217d:7c80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3li60t7cgizua.cloudfront.net/images/5d82bcb6-8687-4195-b946-a43706586c16_600x600.webp.jpeg
Requested by: Host: s.id
URL: https://s.id/indovegas_slot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:400:8:217d:7c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a36b1ea64cf6b400d368d6b086a8e8e18b74b07d02cf9a52ccea8b8ea9461b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:23 GMT
x-amz-version-id: zF101xrOoyTA_tQu88uAuo6etagzq3Pw
via: 1.1 26b0de44343edcaf19972d71d8e0256c.cloudfront.net (CloudFront)
last-modified: Fri, 04 Nov 2022 11:23:45 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "4a1ee84ea890741d9f0b039edc7b6943"
x-cache: Miss from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 23302
x-amz-cf-id: _-9DRIbmNfL8-R_0fDd_VFY-Z6Our1VKU_lhrXtlbtp3RGWpIDVG4A==

GET
H2 200 30fbabeb-3bbb-4542-9372-c23a0d5b6054_600x600.webp.jpeg
d3li60t7cgizua.cloudfront.net/images/ 12 KB
13 KB 704ms
685ms Image
image/webp 2600:9000:2182:400:8:217d:7c80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3li60t7cgizua.cloudfront.net/images/30fbabeb-3bbb-4542-9372-c23a0d5b6054_600x600.webp.jpeg
Requested by: Host: s.id
URL: https://s.id/indovegas_slot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:400:8:217d:7c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3fb56a6bcdcc124ac983ac25b5c221564e94746c2df1b74aa4a86b08db4396e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:23 GMT
x-amz-version-id: 3kri4R4P3BDK25MGcOT6c1zS5yI_A_Ux
via: 1.1 26b0de44343edcaf19972d71d8e0256c.cloudfront.net (CloudFront)
last-modified: Fri, 04 Nov 2022 11:23:32 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "60b7d5db5a7b69051fa0cd55f85c1e17"
x-cache: Miss from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 12562
x-amz-cf-id: YvK2HgdhdruYYNZ0UKRJto-PvN8JXPhKjuCSZe-y0O_7CD4cGdNP3g==

GET
H2 200 4b5095cd-809b-4bbe-8f47-73b395a433ec_600x600.webp.jpeg
d3li60t7cgizua.cloudfront.net/images/ 7 KB
7 KB 694ms
694ms Image
image/webp 2600:9000:2182:400:8:217d:7c80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3li60t7cgizua.cloudfront.net/images/4b5095cd-809b-4bbe-8f47-73b395a433ec_600x600.webp.jpeg
Requested by: Host: s.id
URL: https://s.id/indovegas_slot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:400:8:217d:7c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe45f6ec4639331a9271ca9e58cf019079159c971d21c3ef68192ba9a0bfe9d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:23 GMT
x-amz-version-id: Ku24Qd.p9o2zJMOWRWcF8jc3bgRjD2.g
via: 1.1 26b0de44343edcaf19972d71d8e0256c.cloudfront.net (CloudFront)
last-modified: Fri, 04 Nov 2022 11:23:55 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "d100c47771ee95fcf01620ab7ab09e24"
x-cache: Miss from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 6852
x-amz-cf-id: X9hTQnGTDwRbVEho5vV1R7QdJq2VPALe3bsDF5QnkbbULLGk5RkT_A==

GET
H2 200 sid-logo-new-light.svg
microsite.s.id/images/ 4 KB
2 KB 1085ms
1083ms Image
image/svg+xml 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsite.s.id/images/sid-logo-new-light.svg

Requested by

Host: s.id
URL: https://s.id/indovegas_slot

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

1af5eacc5472d595046d8320feb556463d66ca3711b5fc2e6449e5cc49cd167f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:22 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sun, 06 Feb 2022 05:21:36 GMT
etag: W/"f40-17ecd7afb00"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210310101/ 354 KB
116 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2742216534640545&plah=s.id&bust=31070637

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5ef29a585868c414f1d58be5ef6e3fbbf82760dffaeffde191c9c12706acf0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119050
x-xss-protection: 0
server: cafe
etag: 13539806291244757379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 05 Nov 2022 08:54:21 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/ Frame 74BF 10 KB
5 KB 130ms
38ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 13:51:06 GMT
etag: 2424782735605397694
expires: Fri, 18 Nov 2022 13:51:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 375 B
691 B 173ms
46ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=s.id&callback=_gfp_s_&client=ca-pub-2742216534640545&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2742216534640545&plah=s.id&bust=31070637

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fea3ca4bf11630df3dc4ada21e4c6feb51dc8c6f200f78e68989425b45854641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 141ms
47ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=s.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 133ms
45ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=s.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 147E 0
19 B 206ms
127ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&adk=1812271804&adf=3025194257&lmt=1667638461&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fs.id%2Findovegas_slot&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667638461621&bpp=4&bdt=257&idt=148&shv=r20221101&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3904261317885&frm=20&pv=2&ga_vid=1249210336.1667638462&ga_sid=1667638462&ga_hid=712595624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070637%2C44774606%2C44775017&oid=2&pvsid=2418328749668048&tmod=187643053&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=173

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 08:54:21 GMT
expires: Sat, 05 Nov 2022 08:54:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 0e17a967-c551-4534-adc8-fc85c74dd31e_2048x1280.webp.jpeg
d3li60t7cgizua.cloudfront.net/images/ 42 KB
42 KB 685ms
684ms Image
image/webp 2600:9000:2182:400:8:217d:7c80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3li60t7cgizua.cloudfront.net/images/0e17a967-c551-4534-adc8-fc85c74dd31e_2048x1280.webp.jpeg
Requested by: Host: s.id
URL: https://s.id/indovegas_slot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:400:8:217d:7c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92d8167dfab228666eddc84bcdf25065e43da49447dde175abcd4f47709c6152

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:24 GMT
x-amz-version-id: Z7NezNG5FT2owm0RhuzwjWf9ZtUO1NG.
via: 1.1 26b0de44343edcaf19972d71d8e0256c.cloudfront.net (CloudFront)
last-modified: Fri, 04 Nov 2022 11:26:40 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "fdf34b8d66d979d9f642dbfbde83af87"
x-cache: Miss from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 42868
x-amz-cf-id: jsXf3FwuittEnZVhRWNqX66nFfezt78lq3lWF3lNboeYd6mSjmsLGA==

OPTIONS
H2 204 adcap
api.s.id/api/ Frame 0
0 1225ms
176ms Preflight 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.s.id/api/adcap?short=indovegas_slot

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: ds,x-rpc-lang
Access-Control-Request-Method: GET
Origin: https://s.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
access-control-allow-origin: https://s.id
date: Sat, 05 Nov 2022 08:54:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 adcap Show response
api.s.id/api/ 36 B
412 B 702ms
298ms XHR
application/json 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.s.id/api/adcap?short=indovegas_slot

Requested by

Host: microsite.s.id
URL: https://microsite.s.id/_next/static/chunks/pages/_app-c869a927cd000cc5.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

bed10a3fd1f75fd8fbcb1f3be5d120237ed9391d10c2697c551923e8ed9f31e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
DS: 1667638464,n3v7ou,ee5132b5630d46c77b7969a4bc11591c
Referer: https://s.id/
X-RPC-Lang: en
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://s.id
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
content-length: 36

POST
H2 204 collect
region1.google-analytics.com/g/ 0
339 B 119ms
39ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=2oeb20&_p=712595624&cid=1249210336.1667638462&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667638462&sct=1&seg=0&dl=https%3A%2F%2Fs.id%2Findovegas_slot&dt=IndoVegas&en=scroll&_fv=1&_ss=1&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 08:54:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
330 B 118ms
39ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GTE5CBQ89K&gtm=2oeb20&_p=712595624&_gaz=1&cid=1249210336.1667638462&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667638462&sct=1&seg=0&dl=https%3A%2F%2Fs.id%2Findovegas_slot&dt=IndoVegas&en=scroll&_fv=1&_ss=1&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 08:54:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
330 B 58ms
19ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GTE5CBQ89K&cid=1249210336.1667638462&gtm=2oeb20&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 08:54:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 151ms
63ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GTE5CBQ89K&cid=1249210336.1667638462&gtm=2oeb20&aip=1&z=349360730

Requested by

Host: s.id
URL: https://s.id/indovegas_slot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 08:54:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 118ms
45ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=s.id

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 128ms
47ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=s.id

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B223 31 KB
12 KB 381ms
381ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2416844047&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1667638463&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Findovegas_slot&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667638463699&bpp=2&bdt=2335&idt=-M&shv=r20221101&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7cbd0ed9211526c-223d1f3c67ce0026%3AT%3D1667638461%3ART%3D1667638461%3AS%3DALNI_Ma7VGMCMJDBbbqHtJkt6cFj8kjIMQ&gpic=UID%3D00000b7cba8633c2%3AT%3D1667638461%3ART%3D1667638461%3AS%3DALNI_MZ6qOxSOYTUBkZwn0Rcnq3aUB2XnA&prev_fmts=0x0&nras=1&correlator=3904261317885&frm=20&pv=1&ga_vid=1249210336.1667638462&ga_sid=1667638462&ga_hid=712595624&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070637%2C44774606%2C44775017&oid=2&pvsid=2418328749668048&tmod=187643053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=O2NMlcrIMI&p=https%3A//s.id&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

230034e8211b62a83adef21a5e70795230c3a90df2d02ce8c8456945c6492db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 12576
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 08:54:24 GMT
expires: Sat, 05 Nov 2022 08:54:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 426D 32 KB
13 KB 355ms
354ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=2864336506&pi=t.ma~as.7399768513&w=500&lmt=1667638463&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Findovegas_slot&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667638463699&bpp=1&bdt=2335&idt=1&shv=r20221101&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7cbd0ed9211526c-223d1f3c67ce0026%3AT%3D1667638461%3ART%3D1667638461%3AS%3DALNI_Ma7VGMCMJDBbbqHtJkt6cFj8kjIMQ&gpic=UID%3D00000b7cba8633c2%3AT%3D1667638461%3ART%3D1667638461%3AS%3DALNI_MZ6qOxSOYTUBkZwn0Rcnq3aUB2XnA&prev_fmts=0x0%2C500x280&nras=1&correlator=3904261317885&frm=20&pv=1&ga_vid=1249210336.1667638462&ga_sid=1667638462&ga_hid=712595624&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070637%2C44774606%2C44775017&oid=2&pvsid=2418328749668048&tmod=187643053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hfCYLlvMJx&p=https%3A//s.id&dtd=16

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2fab65f37795b3f2f3c5678e7fdca776ae2ab4ec5d09d8c5c1003e59c250ce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 13010
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 08:54:24 GMT
expires: Sat, 05 Nov 2022 08:54:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5E06 0
0 82ms
81ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSMiLvyRmY4CPMI7MhQbj27lIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjc0MjIxNjUzNDY0MDU0NcgBCakCSiK0d120sD6oAwGqBLcBT9DBOt2TIa4VUDNqdJrTEoCvE7vu-zrYvSzlWQOG8fXfWQMk78Ur8dzJSz4wRH0-AE1q0KqIcJEueYjdQ8SI8ltz9Mow634U61GJKC-vqp4X-Wrni3UTxU799upS8XaKkhr7LCwu0IxHyVchvGiQU1KmwKYMohQEB-8YNjWTzZzOTBu9ThFXoquAZg3G26Iaa53sEImxzth4CHMOtQvWc-Os-5WpW58QMGMjMhM8BZGgqUp6KRmogAbAi8bAzNaNur0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yNzQyMjE2NTM0NjQwNTQ1GAA&sigh=aqVoQ3BIGvI&uach_m=[UACH]&cid=CAQSPADq26N9E5ei2tPufpHck0jiQgEB2Q5Nz0fNO8jz-CJyLD8jeooyynQ5lwe7lKNFyUXNUZ4kk2JKvRBbohgBIBM

Requested by

Host: s.id
URL: https://s.id/indovegas_slot

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=2864336506&pi=t.ma~as.7399768513&w=500&lmt=1667638463&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Findovegas_slot&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667638463699&bpp=1&bdt=2335&idt=1&shv=r20221101&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7cbd0ed9211526c-223d1f3c67ce0026%3AT%3D1667638461%3ART%3D1667638461%3AS%3DALNI_Ma7VGMCMJDBbbqHtJkt6cFj8kjIMQ&gpic=UID%3D00000b7cba8633c2%3AT%3D1667638461%3ART%3D1667638461%3AS%3DALNI_MZ6qOxSOYTUBkZwn0Rcnq3aUB2XnA&prev_fmts=0x0%2C500x280&nras=1&correlator=3904261317885&frm=20&pv=1&ga_vid=1249210336.1667638462&ga_sid=1667638462&ga_hid=712595624&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070637%2C44774606%2C44775017&oid=2&pvsid=2418328749668048&tmod=187643053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hfCYLlvMJx&p=https%3A//s.id&dtd=16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 05 Nov 2022 08:54:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 5E06 0
0 120ms
46ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1k1s7h1eh6ywfhnbj9zmp81ysce8gfv23wc0k7r1vz2cqw3en8dnasfr1w7skjgjzceyjr6kcafdq1ex0vkj39ty1nhhdqt8c5n2nyc4tekj5xreyv7kj22q00w4nx90my4pvkd17cm8msd7bswgk16wms0wjg08f133ccf4ja914906r8v2wswv3x71g867n353jxpds3begwdkyew6e213bwga5ay8qnd584gs8xw451naqjta80ecdmpv3w7ye5365fm5cv04q737amw327pxb2e0zhqwpwn29k9j7ejh0zft8km2sxkbgk5tx4dc7eb8hbxfvphjgthxq16wnzhtdtj1nh4yn6m9z8781cvfhw1xdgm14v8r0t94z614jd99htzrt7hvdqq0z0g8g0cbpd00t7x1&b=Y2YkvwAMB4AKwWYOAA5t4wWNwwHuBvhrvgoy3A
Requested by: Host: s.id
URL: https://s.id/indovegas_slot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 05 Nov 2022 08:54:24 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 267E 2 KB
1 KB 113ms
74ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gw9je9n4q5h0a2pjmcfkes642hbpc0yrv8ha3wwwsnrpjvnvw6gpezwaztd6kmv42nmz1fyttpy0ed4yw0hepfknsz1vhv467j99g7dkmr4z4861syetgtskw7f15hp8e6nj3gwktk52gw246aw6zzzechn3scxz2nq59pz4b8fge5krj9c5m7mn8t41ce2cy9ztrwe3p5zdw28qwgbc9702j6cdrdzfva5gh8p07nzdxqybfzhze13xrjnmfm3pyqc62ckh7wg0xa5fen300ghg9jsj5eg33zt84fwgbfxk366mvpzfs5x0gsaw097yrp0qbdjcn590dnf6x3dwkheacaggnkxs3f0tnwc0xsvjqf3t97mpzj6czc33sfryxxcfx5cxza0zsmkkxjgan8me189t7d7555baw0vab0ymvsf&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCn7i-vyRmY4CPMI7MhQbj27lIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjc0MjIxNjUzNDY0MDU0NcgBCakCSiK0d120sD6oAwGqBLoBT9DBOt2TIa4VUDNqdJrTEoCvE7vu-zrYvSzlWQOG8fXfWQMk78Ur8dzJSz4wRH0-AE1q0KqIcJEueYjdQ8SI8ltz9Mow634U61GJKC-vqp4X-Wrni3UTxU799upS8XaKkhr7LCwu0IxHyVchvGiQU1KmwKYMohQEB-8YNjWTzZzOTBu9ThFXoquAZg3G26Iaa9_uMRtmN184wPRGI9Gf4RGV758EUbEI7ePhe4HEkY-MsZ-mtllgWY7hgAbAi8bAzNaNur0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_14WMcnxiafG78426ONrUnrm9arRQ%26client%3Dca-pub-2742216534640545%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=2864336506&pi=t.ma~as.7399768513&w=500&lmt=1667638463&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Findovegas_slot&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667638463699&bpp=1&bdt=2335&idt=1&shv=r20221101&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7cbd0ed9211526c-223d1f3c67ce0026%3AT%3D1667638461%3ART%3D1667638461%3AS%3DALNI_Ma7VGMCMJDBbbqHtJkt6cFj8kjIMQ&gpic=UID%3D00000b7cba8633c2%3AT%3D1667638461%3ART%3D1667638461%3AS%3DALNI_MZ6qOxSOYTUBkZwn0Rcnq3aUB2XnA&prev_fmts=0x0%2C500x280&nras=1&correlator=3904261317885&frm=20&pv=1&ga_vid=1249210336.1667638462&ga_sid=1667638462&ga_hid=712595624&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070637%2C44774606%2C44775017&oid=2&pvsid=2418328749668048&tmod=187643053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hfCYLlvMJx&p=https%3A//s.id&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25db29b5416a8ff7407d6f5a537981b4443d736a3010a2cdbbcf847856af8ff4

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76545d511dcd9b2d-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 08:54:24 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 5E06 3 KB
1 KB 132ms
46ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 09:41:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 09:41:48 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4FFE 1 KB
643 B 39ms
38ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83552
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 09:41:52 GMT
etag: 48472445140208031
expires: Sat, 05 Nov 2022 09:41:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 5E06 17 KB
8 KB 122ms
37ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 09:41:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83557
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 09:41:47 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5E06 0
0 139ms
47ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRPwrnKRyVGPevJdQyzoL5hDDysB7oZFekSvCqY8iqiYNN4gUarxrgGdOG-cYigneJRtFDgICnvEQMY3QQtbXCOTJm5wQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=2864336506&pi=t.ma~as.7399768513&w=500&lmt=1667638463&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Findovegas_slot&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667638463699&bpp=1&bdt=2335&idt=1&shv=r20221101&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7cbd0ed9211526c-223d1f3c67ce0026%3AT%3D1667638461%3ART%3D1667638461%3AS%3DALNI_Ma7VGMCMJDBbbqHtJkt6cFj8kjIMQ&gpic=UID%3D00000b7cba8633c2%3AT%3D1667638461%3ART%3D1667638461%3AS%3DALNI_MZ6qOxSOYTUBkZwn0Rcnq3aUB2XnA&prev_fmts=0x0%2C500x280&nras=1&correlator=3904261317885&frm=20&pv=1&ga_vid=1249210336.1667638462&ga_sid=1667638462&ga_hid=712595624&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070637%2C44774606%2C44775017&oid=2&pvsid=2418328749668048&tmod=187643053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hfCYLlvMJx&p=https%3A//s.id&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E06 154 KB
48 KB 144ms
52ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48204
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667489865617883"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Nov 2022 08:54:24 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9091 0
0 84ms
83ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CuziRvyRmY5LhL_iKrr4Pnoif2AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNzQyMjE2NTM0NjQwNTQ1yAEJqQJKIrR3XbSwPqgDAaoEuAFP0EZto0lXpFLHY7_-ht5pYTN_7Yc7DlAMTmgOwB9I-LZ-E35B8wV4Ja7cFO4wW-T35Kru-z-FDDoKHhidgKtELP4o5LUjLjW8jaa8sIUB2aO5NTQhTsG-B7Om6fAae9kFRbrjceWkOwk9NcQq_VKY1CkkbQMtOKZWGYs85KJ30G9dHavnCH31wfVJK-tSjc0vLpfVKzs3mSOa6ZqCtuDr5LiLkVZXUSnxQWaw04PjP1DBZ7Kg8cM-gAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yNzQyMjE2NTM0NjQwNTQ1GAA&sigh=cz4H--wiiHg&uach_m=[UACH]&cid=CAQSPADq26N9dBrG194cNU5hTHgm99Ml5QV54OM2LFZy2uB2Q2Yx7MQ3aUjvcG1lmpHE7RVlbqQBUlo3J8lQOBgBIBM

Requested by

Host: s.id
URL: https://s.id/indovegas_slot

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2416844047&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1667638463&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Findovegas_slot&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667638463699&bpp=2&bdt=2335&idt=-M&shv=r20221101&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7cbd0ed9211526c-223d1f3c67ce0026%3AT%3D1667638461%3ART%3D1667638461%3AS%3DALNI_Ma7VGMCMJDBbbqHtJkt6cFj8kjIMQ&gpic=UID%3D00000b7cba8633c2%3AT%3D1667638461%3ART%3D1667638461%3AS%3DALNI_MZ6qOxSOYTUBkZwn0Rcnq3aUB2XnA&prev_fmts=0x0&nras=1&correlator=3904261317885&frm=20&pv=1&ga_vid=1249210336.1667638462&ga_sid=1667638462&ga_hid=712595624&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070637%2C44774606%2C44775017&oid=2&pvsid=2418328749668048&tmod=187643053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=O2NMlcrIMI&p=https%3A//s.id&dtd=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 05 Nov 2022 08:54:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 9091 0
0 101ms
44ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1j200qx20ayhr3yytfnw3pvtf7yv07n9z0a8hme6xd6zmb62ypxs7cvb4rpkek93sgn7v8n4k2hj63syzthtzzfx7h3xpss1nq6nf8ba475dbtz6309j9kcz5v2an01jere3qyt6cfjdvkxxagqvgkszna6pybqyr71f9p03qh01n36dybaa8dqmjamp4x57nazp56rck5t6m6fr5rcpy1hy4c292qc8j5k0nax9mz6j309w2beq9x2st56rx8xathfj8emqjjgssp4cmpn0epjgdww0vtqkf43h1p4zyxf5m4z9cyga6ev0pt640rmpq10z51zy0hxg2a57vyj9jfkqw40sge9fmb26cxsqvt1h5psv0keeee3yj4vk29dq16hm2c2f070eh694qdq5cdb1me027qhp&b=Y2YkvwAL8JIBy4V4AAfEHnE8Sktmai7B3UpVyQ
Requested by: Host: s.id
URL: https://s.id/indovegas_slot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 05 Nov 2022 08:54:24 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame ECAD 2 KB
2 KB 71ms
50ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1k3j8dfa2wn89mw5x61vvmqm0a4mwmjmw7vte5ggz0zdbbgtqjnmvwqamsjj7766bs0cndhjp0g6v9dfn3kjmtqp5c0vgs4aa7mdyvkgxamrz47rw397r3gf4wpvfq27b7ktb97gb1kpjnp3d4jdrmar5a55mt602fjtzpvqg64p8cb69jfx4t13jd02acrb94avb2zhebr65t5src54s8be6zgaa4wb51t0k4386274vz28hw5stavwt62x8w2h2jm37e73je51s9gpjkbdmp7p2b8q6pe5ftn222416qmzbvdk5qs56qhr7bsgw8jd6bj1n0sm4jrjh6cwbzvzr8whqbzjz850wqeaa1ca0n9akjbwxnb53b2sphktq93na9dph6bcdrymatrgdfj9ys3ke1ypmdthq0bterwp0fffktckmr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZC0GvyRmY5LhL_iKrr4Pnoif2AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNzQyMjE2NTM0NjQwNTQ1yAEJqQJKIrR3XbSwPqgDAaoEuwFP0EZto0lXpFLHY7_-ht5pYTN_7Yc7DlAMTmgOwB9I-LZ-E35B8wV4Ja7cFO4wW-T35Kru-z-FDDoKHhidgKtELP4o5LUjLjW8jaa8sIUB2aO5NTQhTsG-B7Om6fAae9kFRbrjceWkOwk9NcQq_VKY1CkkbQMtOKZWGYs85KJ30G9dHavnCH31wfVJK-tSjc0vLtXXCqngYKTaIR3KIDqidkqyhVz6WwfpnOZymhEbq07tf2d8boP2tPlLgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3VDjGCsmKBVJ-9QMH0xRs3l2-S0w%26client%3Dca-pub-2742216534640545%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2416844047&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1667638463&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Findovegas_slot&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667638463699&bpp=2&bdt=2335&idt=-M&shv=r20221101&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7cbd0ed9211526c-223d1f3c67ce0026%3AT%3D1667638461%3ART%3D1667638461%3AS%3DALNI_Ma7VGMCMJDBbbqHtJkt6cFj8kjIMQ&gpic=UID%3D00000b7cba8633c2%3AT%3D1667638461%3ART%3D1667638461%3AS%3DALNI_MZ6qOxSOYTUBkZwn0Rcnq3aUB2XnA&prev_fmts=0x0&nras=1&correlator=3904261317885&frm=20&pv=1&ga_vid=1249210336.1667638462&ga_sid=1667638462&ga_hid=712595624&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070637%2C44774606%2C44775017&oid=2&pvsid=2418328749668048&tmod=187643053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=O2NMlcrIMI&p=https%3A//s.id&dtd=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b205e78f3d47979467bdbdb5cad9de68031a6d15bc9eac56d812b0a502d03ea

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76545d511dd19b2d-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 08:54:24 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 9091 3 KB
1 KB 118ms
50ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 09:41:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 09:41:48 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D22D 1 KB
643 B 38ms
38ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83552
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 09:41:52 GMT
etag: 48472445140208031
expires: Sat, 05 Nov 2022 09:41:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 9091 17 KB
7 KB 109ms
41ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 09:41:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83557
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 09:41:47 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9091 0
0 121ms
46ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRKBAaWr8AP4gF4ymdp3belqtK4k_EGbUsQLjP0s5YoMn_X7iHEr2F7XW6_exgorG4K7XbS_oxoM761ly8uJ6ZOAFqyOA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2416844047&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1667638463&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Findovegas_slot&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667638463699&bpp=2&bdt=2335&idt=-M&shv=r20221101&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7cbd0ed9211526c-223d1f3c67ce0026%3AT%3D1667638461%3ART%3D1667638461%3AS%3DALNI_Ma7VGMCMJDBbbqHtJkt6cFj8kjIMQ&gpic=UID%3D00000b7cba8633c2%3AT%3D1667638461%3ART%3D1667638461%3AS%3DALNI_MZ6qOxSOYTUBkZwn0Rcnq3aUB2XnA&prev_fmts=0x0&nras=1&correlator=3904261317885&frm=20&pv=1&ga_vid=1249210336.1667638462&ga_sid=1667638462&ga_hid=712595624&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070637%2C44774606%2C44775017&oid=2&pvsid=2418328749668048&tmod=187643053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=O2NMlcrIMI&p=https%3A//s.id&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9091 154 KB
47 KB 181ms
107ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48204
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667489865617883"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Nov 2022 08:54:24 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 4FFE 35 B
462 B 45ms
9ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOcucV6iHlJ0odjuF1jjKoA&google_cver=1&google_push=ASkJ3FZtPPHpYASfJfZba5wxROPvnSwuPhk6-IjqdooZBKiOB1LnUz2Qw4gyYWVklO12zXq5CzqcFBenv38Axs_Zvbz8lnT084prWlzlYNZAe19qJRZoQs13iu659YDRSNJYUjW3eIG_0gL7e1GlZRAr0yg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 08:54:24 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 4FFE 43 B
356 B 141ms
40ms Image
image/gif 34.98.67.61

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEDcfgqvZdfOKkfe2ibqFMqU&google_push=ASkJ3FbOE8Rv8MScdnQpsq4X0P5gpvvy-HZhq5AYhUz0-0-WGKmMVrY-PWI_pewcq-7NMWqYCFQfcQrBEnk9FZDNMnkzeMPQ1aRVb2oRUXaTwZijILAsD01HNONHt6Aee9fK7GUci248GhHJksb8szCMmXA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=2864336506&pi=t.ma~as.7399768513&w=500&lmt=1667638463&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Findovegas_slot&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667638463699&bpp=1&bdt=2335&idt=1&shv=r20221101&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7cbd0ed9211526c-223d1f3c67ce0026%3AT%3D1667638461%3ART%3D1667638461%3AS%3DALNI_Ma7VGMCMJDBbbqHtJkt6cFj8kjIMQ&gpic=UID%3D00000b7cba8633c2%3AT%3D1667638461%3ART%3D1667638461%3AS%3DALNI_MZ6qOxSOYTUBkZwn0Rcnq3aUB2XnA&prev_fmts=0x0%2C500x280&nras=1&correlator=3904261317885&frm=20&pv=1&ga_vid=1249210336.1667638462&ga_sid=1667638462&ga_hid=712595624&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070637%2C44774606%2C44775017&oid=2&pvsid=2418328749668048&tmod=187643053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hfCYLlvMJx&p=https%3A//s.id&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 08:54:24 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 4FFE 43 B
351 B 161ms
42ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEBc-RlABxhXbWDz6YKqDWAw&google_cver=1&google_push=ASkJ3FaRTLCuF8TEumBr7PW61piO3JsHOHRWmZkHAt_BzmmTdtPRDU4hCNb37EaKqy0CKUDy2SP7EnwmI1fDjyblVCR6dOJ2lLQwPZo7fcsoA8ER5OFov4VAYzmiipFOQjj5eGCyje54CGnvIcH2sBLfMBY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=2864336506&pi=t.ma~as.7399768513&w=500&lmt=1667638463&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Findovegas_slot&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667638463699&bpp=1&bdt=2335&idt=1&shv=r20221101&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7cbd0ed9211526c-223d1f3c67ce0026%3AT%3D1667638461%3ART%3D1667638461%3AS%3DALNI_Ma7VGMCMJDBbbqHtJkt6cFj8kjIMQ&gpic=UID%3D00000b7cba8633c2%3AT%3D1667638461%3ART%3D1667638461%3AS%3DALNI_MZ6qOxSOYTUBkZwn0Rcnq3aUB2XnA&prev_fmts=0x0%2C500x280&nras=1&correlator=3904261317885&frm=20&pv=1&ga_vid=1249210336.1667638462&ga_sid=1667638462&ga_hid=712595624&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070637%2C44774606%2C44775017&oid=2&pvsid=2418328749668048&tmod=187643053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hfCYLlvMJx&p=https%3A//s.id&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 08:54:23 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: p7eu3jqdqckhv448mdbb9b21mi8cfmuu

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4FFE
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mrpVEGiqTSC6yBwlsdc5lg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

102ms
40ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mrpVEGiqTSC6yBwlsdc5lg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZ4IJb3u6q-qHhwr9R4T8SULkKyB1P5k1w9HB6NJiNJBnrLhoTUmLf9rRwNu1AZpiTpJaPBKJz_hFwTYQ2QmscHrNAQYAeRa70ybNIxoeqgxlY6MoRiqZ3xq-oC1ntkY1TxvTXihtoJutuAXVB_Yw

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 08:54:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mrpVEGiqTSC6yBwlsdc5lg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZ4IJb3u6q-qHhwr9R4T8SULkKyB1P5k1w9HB6NJiNJBnrLhoTUmLf9rRwNu1AZpiTpJaPBKJz_hFwTYQ2QmscHrNAQYAeRa70ybNIxoeqgxlY6MoRiqZ3xq-oC1ntkY1TxvTXihtoJutuAXVB_Yw
date: Sat, 05 Nov 2022 08:54:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4FFE
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKrB4TYQG4mY8FBhshpRhhA&google_cver=1&google_push=ASkJ3FZGOnAzqhhXsbwB1rDG9Euqyo3A32-614NcF5e97RcLhOnOKax76YyTsks_kApBo-feytk...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEzT1ZVQVItMjctNjdNNw==&google_push=ASkJ3FZGOnAzqhhXsbwB1rDG9Euqyo3A32-614NcF5e97RcLhOnOKax76YyTsks_kApBo-feytk5OuVZcmQhMQGJT_dctQyGRAWRm...

170 B
232 B

39ms
39ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEzT1ZVQVItMjctNjdNNw==&google_push=ASkJ3FZGOnAzqhhXsbwB1rDG9Euqyo3A32-614NcF5e97RcLhOnOKax76YyTsks_kApBo-feytk5OuVZcmQhMQGJT_dctQyGRAWRmFMO9RLD7FfoQd6ecGBEzixwigo8T4n3vvPTiCUC6Ws_krW_iFehlw

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 08:54:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEzT1ZVQVItMjctNjdNNw==&google_push=ASkJ3FZGOnAzqhhXsbwB1rDG9Euqyo3A32-614NcF5e97RcLhOnOKax76YyTsks_kApBo-feytk5OuVZcmQhMQGJT_dctQyGRAWRmFMO9RLD7FfoQd6ecGBEzixwigo8T4n3vvPTiCUC6Ws_krW_iFehlw
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4FFE
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEj_e_SyBOlG9noVdpC6hFA&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEj_e_SyBOlG9noVdpC6hFA&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEj_e_SyBOlG9noVdpC6hFA&google_hm=Y2YkwF5aMNFstSsikQeyJQAAFB0AAAAB&google_nid=index&google_push=ASkJ3FZ2gpLm5Mb-p2chWlSXhmpc995bQHDIU...

170 B
188 B

43ms
42ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEj_e_SyBOlG9noVdpC6hFA&google_hm=Y2YkwF5aMNFstSsikQeyJQAAFB0AAAAB&google_nid=index&google_push=ASkJ3FZ2gpLm5Mb-p2chWlSXhmpc995bQHDIUnu4fCBSVizfj_mQNY_dFVtA99Uk0bz5m-ItKDXxnc5ETX9sL814gekhDkD1RGXL-WYlzSLD-Hwo5z3c7NGNEWUDnG4YEtJUgC4Ug4G-C084a4Yrfn8ab3E

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 08:54:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Nov 2022 08:54:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4jG4HsCX5SBZtNAFbtoi%2F4aXCigjDCzA1L1OVOjRm0lPNVPiLy7TQ7AEqlJBLxjKMP8x32m%2FaoJEm2L09YDmSzxaV6OcezbxpzUhu0r9RYriiNSQBkWgnlMM5nbSWrHUxY4sbe4xg1pJA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEj_e_SyBOlG9noVdpC6hFA&google_hm=Y2YkwF5aMNFstSsikQeyJQAAFB0AAAAB&google_nid=index&google_push=ASkJ3FZ2gpLm5Mb-p2chWlSXhmpc995bQHDIUnu4fCBSVizfj_mQNY_dFVtA99Uk0bz5m-ItKDXxnc5ETX9sL814gekhDkD1RGXL-WYlzSLD-Hwo5z3c7NGNEWUDnG4YEtJUgC4Ug4G-C084a4Yrfn8ab3E
cache-control: no-cache
cf-ray: 76545d51ffa6695e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 4FFE 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4FFE 0
223 B 125ms
40ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LP1vnQtOCKDDDVHe1vwBlPMOHmu9d0opM2ieHvlTKVTNmsBsni48IrmSUqRHp6GgsUDhCabA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame D22D 35 B
464 B 27ms
8ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAK0WnrpDIj9m26i7O3T6Jk&google_cver=1&google_push=AZmPxg9V5iSZXGNStuGjdrKTnT_g-I_LPyiRbMdYxTc91MqpAtbEYI5z0YnSHbJgqm5nxEDc1i-W49rKvjljVsCwGOvuDftR4cg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 08:54:24 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame D22D 0
98 B 128ms
40ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg8tVmK90cUp6VgosIkkNcyTWTwNJJ_pAjQVBNiV9f7_zXxOXugA1y2wyLv_NWkgRz1nulrSWhGpNQaL-eP2yFAxcnZcacSu&google_gid=CAESEHjaqPKuNmnCs8MAzhe1T0g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2416844047&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1667638463&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Findovegas_slot&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667638463699&bpp=2&bdt=2335&idt=-M&shv=r20221101&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7cbd0ed9211526c-223d1f3c67ce0026%3AT%3D1667638461%3ART%3D1667638461%3AS%3DALNI_Ma7VGMCMJDBbbqHtJkt6cFj8kjIMQ&gpic=UID%3D00000b7cba8633c2%3AT%3D1667638461%3ART%3D1667638461%3AS%3DALNI_MZ6qOxSOYTUBkZwn0Rcnq3aUB2XnA&prev_fmts=0x0&nras=1&correlator=3904261317885&frm=20&pv=1&ga_vid=1249210336.1667638462&ga_sid=1667638462&ga_hid=712595624&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070637%2C44774606%2C44775017&oid=2&pvsid=2418328749668048&tmod=187643053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=O2NMlcrIMI&p=https%3A//s.id&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:24 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame D22D 43 B
106 B 124ms
41ms Image
image/gif 34.98.67.61

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEBAtFh0MLB-AeLRozOyH7Tk&google_push=AZmPxg-iHGkDHYLW2QCmK_BPQxj2KPxGvK8ajcMzpLhhLj8mzOusMuKJPn4DjiVpycg2wk5cJs9PzzBOBnd3xDQh40zrm5PhJjs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2416844047&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1667638463&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Findovegas_slot&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667638463699&bpp=2&bdt=2335&idt=-M&shv=r20221101&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7cbd0ed9211526c-223d1f3c67ce0026%3AT%3D1667638461%3ART%3D1667638461%3AS%3DALNI_Ma7VGMCMJDBbbqHtJkt6cFj8kjIMQ&gpic=UID%3D00000b7cba8633c2%3AT%3D1667638461%3ART%3D1667638461%3AS%3DALNI_MZ6qOxSOYTUBkZwn0Rcnq3aUB2XnA&prev_fmts=0x0&nras=1&correlator=3904261317885&frm=20&pv=1&ga_vid=1249210336.1667638462&ga_sid=1667638462&ga_hid=712595624&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070637%2C44774606%2C44775017&oid=2&pvsid=2418328749668048&tmod=187643053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=O2NMlcrIMI&p=https%3A//s.id&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 08:54:24 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame D22D 43 B
134 B 143ms
43ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESENuorPNpd3zWoGgTDk4DqGY&google_cver=1&google_push=AZmPxg9XlOBZyzpsPsF_r06tbQ213egl4g_bJHO5--4ri4xyg5uOgAqk_rUoxpnBeKo2ZgmthlylE6xqtIgjiSsTlbpZ4c0XB4M
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2416844047&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1667638463&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Findovegas_slot&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667638463699&bpp=2&bdt=2335&idt=-M&shv=r20221101&mjsv=m202210310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7cbd0ed9211526c-223d1f3c67ce0026%3AT%3D1667638461%3ART%3D1667638461%3AS%3DALNI_Ma7VGMCMJDBbbqHtJkt6cFj8kjIMQ&gpic=UID%3D00000b7cba8633c2%3AT%3D1667638461%3ART%3D1667638461%3AS%3DALNI_MZ6qOxSOYTUBkZwn0Rcnq3aUB2XnA&prev_fmts=0x0&nras=1&correlator=3904261317885&frm=20&pv=1&ga_vid=1249210336.1667638462&ga_sid=1667638462&ga_hid=712595624&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070637%2C44774606%2C44775017&oid=2&pvsid=2418328749668048&tmod=187643053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=O2NMlcrIMI&p=https%3A//s.id&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 08:54:23 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: dv64idn7pj6g39eshpa23n0iov511aue

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D22D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5mEL56ORToWPcAq4uaIoFg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

104ms
42ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5mEL56ORToWPcAq4uaIoFg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_nmkyE4ELb9TQ3jEkVIRuLjOukpnyVyZ6MvGJUqNsL_UHO4I9BWoR2dClEYLdzH2cfse-BIuIJsvkJTfj4jxR43hedi7Qa

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 08:54:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5mEL56ORToWPcAq4uaIoFg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_nmkyE4ELb9TQ3jEkVIRuLjOukpnyVyZ6MvGJUqNsL_UHO4I9BWoR2dClEYLdzH2cfse-BIuIJsvkJTfj4jxR43hedi7Qa
date: Sat, 05 Nov 2022 08:54:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D22D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEamJ-T6pc6h-FTb9jR5SeI&google_cver=1&google_push=AZmPxg9uLFNaI40_rh3SH6Pa9-SIDkXtUPJP8xhrpIDdKHXfRnNTTwQKhS09iJkwvtL8Xa6BVr8...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEzT1ZVQVMtTC1FVE1P&google_push=AZmPxg9uLFNaI40_rh3SH6Pa9-SIDkXtUPJP8xhrpIDdKHXfRnNTTwQKhS09iJkwvtL8Xa6BVr8tviUC2fQLlqobHHEkbEqFbXg

170 B
329 B

38ms
38ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEzT1ZVQVMtTC1FVE1P&google_push=AZmPxg9uLFNaI40_rh3SH6Pa9-SIDkXtUPJP8xhrpIDdKHXfRnNTTwQKhS09iJkwvtL8Xa6BVr8tviUC2fQLlqobHHEkbEqFbXg

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 08:54:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEzT1ZVQVMtTC1FVE1P&google_push=AZmPxg9uLFNaI40_rh3SH6Pa9-SIDkXtUPJP8xhrpIDdKHXfRnNTTwQKhS09iJkwvtL8Xa6BVr8tviUC2fQLlqobHHEkbEqFbXg
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D22D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFmZEUbSayUMJnxbWild31c&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFmZEUbSayUMJnxbWild31c&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFmZEUbSayUMJnxbWild31c&google_hm=Y2YkwF5aMNFstSsikQeyJQAAFB0AAAAB&google_nid=index&google_push=AZmPxg8peAO5WniCd4S6edWaaUApa8eBI1pVp...

170 B
188 B

51ms
43ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFmZEUbSayUMJnxbWild31c&google_hm=Y2YkwF5aMNFstSsikQeyJQAAFB0AAAAB&google_nid=index&google_push=AZmPxg8peAO5WniCd4S6edWaaUApa8eBI1pVpWAh43Dkpm0Ct-fKu9msX3BcoQVvPjw3RTfCMkbeSKtpwrufR0eqXm9TCODB8MmZ

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 08:54:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Nov 2022 08:54:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yu7PUKEtIQ1V4pW%2FUiiRYiDcylCvQBWkVjRvVM7tc344zn4unlPgM7Pp6oVlg%2FOrNmiiYPLQet4zbaUsWTLPbCM5x1bXPrKvrc%2FiBQHVSyQqw%2Bakbls0IMUqo79sDE04BQV8bO1BlANjhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFmZEUbSayUMJnxbWild31c&google_hm=Y2YkwF5aMNFstSsikQeyJQAAFB0AAAAB&google_nid=index&google_push=AZmPxg8peAO5WniCd4S6edWaaUApa8eBI1pVpWAh43Dkpm0Ct-fKu9msX3BcoQVvPjw3RTfCMkbeSKtpwrufR0eqXm9TCODB8MmZ
cache-control: no-cache
cf-ray: 76545d51ffa7695e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D22D 0
49 B 107ms
40ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IwUCCDEYfk8Y4zoUMt0Ia6O8zYfeC85jVpNu10c81wJng1fPFVGT2b-EA_Gp1u3aMEXL4i

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame ECAD 89 KB
11 KB 67ms
35ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k3j8dfa2wn89mw5x61vvmqm0a4mwmjmw7vte5ggz0zdbbgtqjnmvwqamsjj7766bs0cndhjp0g6v9dfn3kjmtqp5c0vgs4aa7mdyvkgxamrz47rw397r3gf4wpvfq27b7ktb97gb1kpjnp3d4jdrmar5a55mt602fjtzpvqg64p8cb69jfx4t13jd02acrb94avb2zhebr65t5src54s8be6zgaa4wb51t0k4386274vz28hw5stavwt62x8w2h2jm37e73je51s9gpjkbdmp7p2b8q6pe5ftn222416qmzbvdk5qs56qhr7bsgw8jd6bj1n0sm4jrjh6cwbzvzr8whqbzjz850wqeaa1ca0n9akjbwxnb53b2sphktq93na9dph6bcdrymatrgdfj9ys3ke1ypmdthq0bterwp0fffktckmr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZC0GvyRmY5LhL_iKrr4Pnoif2AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNzQyMjE2NTM0NjQwNTQ1yAEJqQJKIrR3XbSwPqgDAaoEuwFP0EZto0lXpFLHY7_-ht5pYTN_7Yc7DlAMTmgOwB9I-LZ-E35B8wV4Ja7cFO4wW-T35Kru-z-FDDoKHhidgKtELP4o5LUjLjW8jaa8sIUB2aO5NTQhTsG-B7Om6fAae9kFRbrjceWkOwk9NcQq_VKY1CkkbQMtOKZWGYs85KJ30G9dHavnCH31wfVJK-tSjc0vLtXXCqngYKTaIR3KIDqidkqyhVz6WwfpnOZymhEbq07tf2d8boP2tPlLgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3VDjGCsmKBVJ-9QMH0xRs3l2-S0w%26client%3Dca-pub-2742216534640545%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1k3j8dfa2wn89mw5x61vvmqm0a4mwmjmw7vte5ggz0zdbbgtqjnmvwqamsjj7766bs0cndhjp0g6v9dfn3kjmtqp5c0vgs4aa7mdyvkgxamrz47rw397r3gf4wpvfq27b7ktb97gb1kpjnp3d4jdrmar5a55mt602fjtzpvqg64p8cb69jfx4t13jd02acrb94avb2zhebr65t5src54s8be6zgaa4wb51t0k4386274vz28hw5stavwt62x8w2h2jm37e73je51s9gpjkbdmp7p2b8q6pe5ftn222416qmzbvdk5qs56qhr7bsgw8jd6bj1n0sm4jrjh6cwbzvzr8whqbzjz850wqeaa1ca0n9akjbwxnb53b2sphktq93na9dph6bcdrymatrgdfj9ys3ke1ypmdthq0bterwp0fffktckmr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZC0GvyRmY5LhL_iKrr4Pnoif2AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNzQyMjE2NTM0NjQwNTQ1yAEJqQJKIrR3XbSwPqgDAaoEuwFP0EZto0lXpFLHY7_-ht5pYTN_7Yc7DlAMTmgOwB9I-LZ-E35B8wV4Ja7cFO4wW-T35Kru-z-FDDoKHhidgKtELP4o5LUjLjW8jaa8sIUB2aO5NTQhTsG-B7Om6fAae9kFRbrjceWkOwk9NcQq_VKY1CkkbQMtOKZWGYs85KJ30G9dHavnCH31wfVJK-tSjc0vLtXXCqngYKTaIR3KIDqidkqyhVz6WwfpnOZymhEbq07tf2d8boP2tPlLgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3VDjGCsmKBVJ-9QMH0xRs3l2-S0w%26client%3Dca-pub-2742216534640545%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:24 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 228523
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=91232
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 02 Nov 2022 17:25:41 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 76545d51ac179152-FRA
expires: 0

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame ECAD 36 KB
12 KB 44ms
36ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k3j8dfa2wn89mw5x61vvmqm0a4mwmjmw7vte5ggz0zdbbgtqjnmvwqamsjj7766bs0cndhjp0g6v9dfn3kjmtqp5c0vgs4aa7mdyvkgxamrz47rw397r3gf4wpvfq27b7ktb97gb1kpjnp3d4jdrmar5a55mt602fjtzpvqg64p8cb69jfx4t13jd02acrb94avb2zhebr65t5src54s8be6zgaa4wb51t0k4386274vz28hw5stavwt62x8w2h2jm37e73je51s9gpjkbdmp7p2b8q6pe5ftn222416qmzbvdk5qs56qhr7bsgw8jd6bj1n0sm4jrjh6cwbzvzr8whqbzjz850wqeaa1ca0n9akjbwxnb53b2sphktq93na9dph6bcdrymatrgdfj9ys3ke1ypmdthq0bterwp0fffktckmr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZC0GvyRmY5LhL_iKrr4Pnoif2AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNzQyMjE2NTM0NjQwNTQ1yAEJqQJKIrR3XbSwPqgDAaoEuwFP0EZto0lXpFLHY7_-ht5pYTN_7Yc7DlAMTmgOwB9I-LZ-E35B8wV4Ja7cFO4wW-T35Kru-z-FDDoKHhidgKtELP4o5LUjLjW8jaa8sIUB2aO5NTQhTsG-B7Om6fAae9kFRbrjceWkOwk9NcQq_VKY1CkkbQMtOKZWGYs85KJ30G9dHavnCH31wfVJK-tSjc0vLtXXCqngYKTaIR3KIDqidkqyhVz6WwfpnOZymhEbq07tf2d8boP2tPlLgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3VDjGCsmKBVJ-9QMH0xRs3l2-S0w%26client%3Dca-pub-2742216534640545%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 339261
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Jul 2022 10:39:11 GMT
server: cloudflare
etag: W/"a69f5acd9289c65e67397be142bc2c3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ch1hiPHiGIKruAXIRHoYjd4o7N8RirV%2BO6y%2FvpxKxHTAzmYB8e5D%2FvKRDVxxJrtuCCSHQFKCE4ZeWB%2FoJ3%2FBLgS%2FQy%2BP%2BbcMekTO4WBPHxhQAmCgtfiSshUQ6eQKCrNJmh3udBA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 76545d517e6e9b2d-FRA
expires: Tue, 25 Oct 2022 10:40:09 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 267E 89 KB
11 KB 35ms
33ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gw9je9n4q5h0a2pjmcfkes642hbpc0yrv8ha3wwwsnrpjvnvw6gpezwaztd6kmv42nmz1fyttpy0ed4yw0hepfknsz1vhv467j99g7dkmr4z4861syetgtskw7f15hp8e6nj3gwktk52gw246aw6zzzechn3scxz2nq59pz4b8fge5krj9c5m7mn8t41ce2cy9ztrwe3p5zdw28qwgbc9702j6cdrdzfva5gh8p07nzdxqybfzhze13xrjnmfm3pyqc62ckh7wg0xa5fen300ghg9jsj5eg33zt84fwgbfxk366mvpzfs5x0gsaw097yrp0qbdjcn590dnf6x3dwkheacaggnkxs3f0tnwc0xsvjqf3t97mpzj6czc33sfryxxcfx5cxza0zsmkkxjgan8me189t7d7555baw0vab0ymvsf&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCn7i-vyRmY4CPMI7MhQbj27lIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjc0MjIxNjUzNDY0MDU0NcgBCakCSiK0d120sD6oAwGqBLoBT9DBOt2TIa4VUDNqdJrTEoCvE7vu-zrYvSzlWQOG8fXfWQMk78Ur8dzJSz4wRH0-AE1q0KqIcJEueYjdQ8SI8ltz9Mow634U61GJKC-vqp4X-Wrni3UTxU799upS8XaKkhr7LCwu0IxHyVchvGiQU1KmwKYMohQEB-8YNjWTzZzOTBu9ThFXoquAZg3G26Iaa9_uMRtmN184wPRGI9Gf4RGV758EUbEI7ePhe4HEkY-MsZ-mtllgWY7hgAbAi8bAzNaNur0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_14WMcnxiafG78426ONrUnrm9arRQ%26client%3Dca-pub-2742216534640545%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gw9je9n4q5h0a2pjmcfkes642hbpc0yrv8ha3wwwsnrpjvnvw6gpezwaztd6kmv42nmz1fyttpy0ed4yw0hepfknsz1vhv467j99g7dkmr4z4861syetgtskw7f15hp8e6nj3gwktk52gw246aw6zzzechn3scxz2nq59pz4b8fge5krj9c5m7mn8t41ce2cy9ztrwe3p5zdw28qwgbc9702j6cdrdzfva5gh8p07nzdxqybfzhze13xrjnmfm3pyqc62ckh7wg0xa5fen300ghg9jsj5eg33zt84fwgbfxk366mvpzfs5x0gsaw097yrp0qbdjcn590dnf6x3dwkheacaggnkxs3f0tnwc0xsvjqf3t97mpzj6czc33sfryxxcfx5cxza0zsmkkxjgan8me189t7d7555baw0vab0ymvsf&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCn7i-vyRmY4CPMI7MhQbj27lIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjc0MjIxNjUzNDY0MDU0NcgBCakCSiK0d120sD6oAwGqBLoBT9DBOt2TIa4VUDNqdJrTEoCvE7vu-zrYvSzlWQOG8fXfWQMk78Ur8dzJSz4wRH0-AE1q0KqIcJEueYjdQ8SI8ltz9Mow634U61GJKC-vqp4X-Wrni3UTxU799upS8XaKkhr7LCwu0IxHyVchvGiQU1KmwKYMohQEB-8YNjWTzZzOTBu9ThFXoquAZg3G26Iaa9_uMRtmN184wPRGI9Gf4RGV758EUbEI7ePhe4HEkY-MsZ-mtllgWY7hgAbAi8bAzNaNur0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_14WMcnxiafG78426ONrUnrm9arRQ%26client%3Dca-pub-2742216534640545%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:24 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 228523
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=91232
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 02 Nov 2022 17:25:41 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 76545d51bc459152-FRA
expires: 0

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 267E 36 KB
13 KB 36ms
34ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gw9je9n4q5h0a2pjmcfkes642hbpc0yrv8ha3wwwsnrpjvnvw6gpezwaztd6kmv42nmz1fyttpy0ed4yw0hepfknsz1vhv467j99g7dkmr4z4861syetgtskw7f15hp8e6nj3gwktk52gw246aw6zzzechn3scxz2nq59pz4b8fge5krj9c5m7mn8t41ce2cy9ztrwe3p5zdw28qwgbc9702j6cdrdzfva5gh8p07nzdxqybfzhze13xrjnmfm3pyqc62ckh7wg0xa5fen300ghg9jsj5eg33zt84fwgbfxk366mvpzfs5x0gsaw097yrp0qbdjcn590dnf6x3dwkheacaggnkxs3f0tnwc0xsvjqf3t97mpzj6czc33sfryxxcfx5cxza0zsmkkxjgan8me189t7d7555baw0vab0ymvsf&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCn7i-vyRmY4CPMI7MhQbj27lIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjc0MjIxNjUzNDY0MDU0NcgBCakCSiK0d120sD6oAwGqBLoBT9DBOt2TIa4VUDNqdJrTEoCvE7vu-zrYvSzlWQOG8fXfWQMk78Ur8dzJSz4wRH0-AE1q0KqIcJEueYjdQ8SI8ltz9Mow634U61GJKC-vqp4X-Wrni3UTxU799upS8XaKkhr7LCwu0IxHyVchvGiQU1KmwKYMohQEB-8YNjWTzZzOTBu9ThFXoquAZg3G26Iaa9_uMRtmN184wPRGI9Gf4RGV758EUbEI7ePhe4HEkY-MsZ-mtllgWY7hgAbAi8bAzNaNur0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_14WMcnxiafG78426ONrUnrm9arRQ%26client%3Dca-pub-2742216534640545%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 339261
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Jul 2022 10:39:11 GMT
server: cloudflare
etag: W/"a69f5acd9289c65e67397be142bc2c3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQvi4I80FpbrxR3bnfR25DgnjiDQUpdSMrhlR3xXLrPMLXurZRIIF8cJPPZANoiD7FZ2SZBRr%2BjFnAQd7H33hHc4AF50Vot%2BEPndFfLIVYWXhj3lgdJK2lMdkeDvOnPehP0IaQg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 76545d51bc489152-FRA
expires: Tue, 25 Oct 2022 10:40:09 GMT

GET
DATA 200
OK truncated
/ Frame 9091 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d644bde47c0875c42e94873332f1f36fb601193bec613621037abd251bb34d72

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5E06 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16792f9b9f283cd325abfcffd531e65a13bf4fa2e180f6490f193dbab974f1b3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame ECAD 3 KB
4 KB 74ms
28ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24542746
x-guploader-uploadid: ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uttF61i7%2BEjztmgeKIovwua8zZ6KHyha6tRmpe4JKA6c2frMDnjBXHKBuNYqSqMYGRRWmMWdbGRp4f9YMUN2r0xbtt0Yd1YM2el6nY34JaS9smECfrKYSYfoj5GJ09wwmFHx0lQNObnY%2BLuelg188tnh"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 76545d5239f99a15-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 8C66 2 KB
1 KB 46ms
46ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 823751
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 76545d51fc8f9152-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sat, 05 Nov 2022 08:54:24 GMT
expires: Wed, 26 Oct 2022 21:05:13 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDhmZYkjB%2FE5JYYxN0mFbEY8WHZn4965VDm8BjxXvPyXbtMv%2BQU4rv3ZD%2BefnNbE4OlsXA2PB00QBSBpm97UhNlrDnNvNTymetTeczg8ZIhv5d6CtvkGcgYsZqXPreK%2FNTaatkI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 267E 3 KB
3 KB 60ms
40ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24542746
x-guploader-uploadid: ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7hQxxgyI2qxw%2FifpYyYZvluJ55nHb36WVNmezJd4iEYmWxhKnmhvhxRqJAyHox39A%2B5xUv89rKxZSsiwfzFP7XShLGCSvMhIU5qAUwnwedP7I5ewKqkkn8JLPlLyA%2FlFjTyEPrPnrX7PglBXaLe7xfT5"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 76545d5239fc9a15-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame B2F0 2 KB
1 KB 28ms
28ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 823751
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 76545d521ce49152-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sat, 05 Nov 2022 08:54:24 GMT
expires: Wed, 26 Oct 2022 21:05:13 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2FP9zUipAdCND0gpdHSVKByFu5hqa6H%2BUsZnQZln8OfZCi43tbM1cyfqUYdRYZwSiLea5y44sWQyOJP7V6HGdhjZRwFs4SJ8y%2Bzj2s3S06ATKoR4WKmYEwRJ%2FxEqvj6u4XvEZEI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 139ms
59ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221101&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

536f88d0003030fbdca09dbea227d057c2d86010216f28f6b9412c25ebc26d0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11195
x-xss-protection: 0

POST
H3 200 rs Show response
ad4m.at/ Frame ECAD 1 KB
2 KB 49ms
48ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91ffac90b31faff841b9c65e5ff1375673caa24cdee77eae3296b998a715d0e4

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Nov 2022 08:54:24 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XPX3VgbB%2BUM6ueItiul%2Fj69dvnnWKgx%2FVpj%2FyeHegV%2FphyRaFOxmv7LR%2FORPbqwM1hQcUecP0sKIVzLFKKaok5L61AItU5hnY6iip8os3CtrVCZCoUzXXRlwZj5zwXsaoCEF8Hw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 76545d532acb9170-FRA
x-backend-server: aa-reachservice-group-europe-west1-v578
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 66ms
48ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76545d52ca2a9170-FRA
content-length: 24
content-type: text/plain
date: Sat, 05 Nov 2022 08:54:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgLcL4bH12tVWrXP5MVT4sFr%2BJpuHBoE5OWOoVe45%2B%2Fn8vZ8WMLS9rKjxrAmZJfP9KYG%2Bo2B7dQsKgNnz%2FUewr5TY9eykrA63lyRdczTt4PI%2FxD8UfcnI4F0TdpHiERA1Cb%2F3GI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-v578

POST
H3 200 rs Show response
ad4m.at/ Frame 267E 1 KB
1 KB 50ms
49ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 624a68226f45bacfbf1135e7f1f982ce9f98ccaaaeea5953c27609fad49d6025

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Nov 2022 08:54:24 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QYrTKBze7O%2FWkk9xxKTSHvM1uWPXnETC7kOk3H3a8QgHpNZN7506WkXB77vGh%2F0Zm1FFM%2Bi%2FSG8vmnfoMb%2FhrYaqMEHPtEf8T35MOX9zC8aKmBGRuuJTLRpf9FmT2%2B%2FGy6cZIQY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 76545d531abe9170-FRA
x-backend-server: aa-reachservice-group-europe-west1-v578
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 61ms
44ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76545d52ca269170-FRA
content-length: 24
content-type: text/plain
date: Sat, 05 Nov 2022 08:54:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vm127ekqlfM2fqXzFCWmVFgPwOUf%2B1AOFM8L%2BQlaw0PVVd2yx5xUmB9uMiur79iDh33zn2a5f0q4z7Rv6eSeByHMlZIBKpwHkrXcSo1OE62WnScUl%2B95T3v%2FgK5ABl8FjTnTHMQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-v578

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 5DBF 3 KB
3 KB 48ms
39ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=22451&b=Bg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkG&f=jEYUEfGfQ3KhYHEH2tWCg7WhZSzTDekfbX&c=320&d=50&e=&g=fdfb0c9abfe676a0cd1cb18e379fdd24%2F2383635696878187991&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667638464521&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb6jqbdr5wk9fvrkm0ygq7bt2vaz1ef3v44yhkg0kmjm8ttyhyfsvva9f9r2fxmvef84m2gejgzjspfr2ks5tjtcy2f8c0ntq6yt8qk289ek7rv25h4y5pp1h3tksr27ey0kh8jpyvcjq9hb1ze0vd3qnfgj97s7xy3cax71kfver5mq20gfrnacj3r3zfgc8rkrsjgn4q37g7b3m6kqs3e94cgg6rb1m1ar2jnb5jn92wd4ps6q9mwmjt70kfh06pmwg7mcpadddk0rmy0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCn7i-vyRmY4CPMI7MhQbj27lIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjc0MjIxNjUzNDY0MDU0NcgBCakCSiK0d120sD6oAwGqBLoBT9DBOt2TIa4VUDNqdJrTEoCvE7vu-zrYvSzlWQOG8fXfWQMk78Ur8dzJSz4wRH0-AE1q0KqIcJEueYjdQ8SI8ltz9Mow634U61GJKC-vqp4X-Wrni3UTxU799upS8XaKkhr7LCwu0IxHyVchvGiQU1KmwKYMohQEB-8YNjWTzZzOTBu9ThFXoquAZg3G26Iaa9_uMRtmN184wPRGI9Gf4RGV758EUbEI7ePhe4HEkY-MsZ-mtllgWY7hgAbAi8bAzNaNur0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_14WMcnxiafG78426ONrUnrm9arRQ%2526client%253Dca-pub-2742216534640545%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad2a6f06d36965e9893af843b3545b82b1e7467fbaa6cd8fe360d58dd03495a9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gw9je9n4q5h0a2pjmcfkes642hbpc0yrv8ha3wwwsnrpjvnvw6gpezwaztd6kmv42nmz1fyttpy0ed4yw0hepfknsz1vhv467j99g7dkmr4z4861syetgtskw7f15hp8e6nj3gwktk52gw246aw6zzzechn3scxz2nq59pz4b8fge5krj9c5m7mn8t41ce2cy9ztrwe3p5zdw28qwgbc9702j6cdrdzfva5gh8p07nzdxqybfzhze13xrjnmfm3pyqc62ckh7wg0xa5fen300ghg9jsj5eg33zt84fwgbfxk366mvpzfs5x0gsaw097yrp0qbdjcn590dnf6x3dwkheacaggnkxs3f0tnwc0xsvjqf3t97mpzj6czc33sfryxxcfx5cxza0zsmkkxjgan8me189t7d7555baw0vab0ymvsf&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCn7i-vyRmY4CPMI7MhQbj27lIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjc0MjIxNjUzNDY0MDU0NcgBCakCSiK0d120sD6oAwGqBLoBT9DBOt2TIa4VUDNqdJrTEoCvE7vu-zrYvSzlWQOG8fXfWQMk78Ur8dzJSz4wRH0-AE1q0KqIcJEueYjdQ8SI8ltz9Mow634U61GJKC-vqp4X-Wrni3UTxU799upS8XaKkhr7LCwu0IxHyVchvGiQU1KmwKYMohQEB-8YNjWTzZzOTBu9ThFXoquAZg3G26Iaa9_uMRtmN184wPRGI9Gf4RGV758EUbEI7ePhe4HEkY-MsZ-mtllgWY7hgAbAi8bAzNaNur0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_14WMcnxiafG78426ONrUnrm9arRQ%26client%3Dca-pub-2742216534640545%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76545d538fa39152-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 08:54:24 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 2F78 11 KB
5 KB 81ms
75ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=15255%2C14044%2C183975&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=300&d=250&e=&g=2b31f5fd3b6f11c7dfdb4d25811e699f%2F711891341793004228&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667638464522&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtn2xpsbm4jaarha5q2qygrfe79fhw5skwmdjb0c6j1bjepyqqs7dgj97038kyyxqatd8p4fpnj5w35r1nth3xbvefmb2vppd9zr9xpx4jcezhyz8dz30tvs8ed8k2xxzx69jqjfgn5gb3wvbjvd7sn12s766dntw1kyt9fjanyxh0ym930ypnqf1qpr0czxk6xg9kt7hp276kn743r6k8hm47pbshkdvn2jkmaw6735mb0d38thm2qya23b288gfp4k88ty7dzarfdq4eg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZC0GvyRmY5LhL_iKrr4Pnoif2AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNzQyMjE2NTM0NjQwNTQ1yAEJqQJKIrR3XbSwPqgDAaoEuwFP0EZto0lXpFLHY7_-ht5pYTN_7Yc7DlAMTmgOwB9I-LZ-E35B8wV4Ja7cFO4wW-T35Kru-z-FDDoKHhidgKtELP4o5LUjLjW8jaa8sIUB2aO5NTQhTsG-B7Om6fAae9kFRbrjceWkOwk9NcQq_VKY1CkkbQMtOKZWGYs85KJ30G9dHavnCH31wfVJK-tSjc0vLtXXCqngYKTaIR3KIDqidkqyhVz6WwfpnOZymhEbq07tf2d8boP2tPlLgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3VDjGCsmKBVJ-9QMH0xRs3l2-S0w%2526client%253Dca-pub-2742216534640545%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

976d5e2d2e11df4170ce13fe3214f6e9e3b45c61a72d6f34bf6c0250d1a082ec

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1k3j8dfa2wn89mw5x61vvmqm0a4mwmjmw7vte5ggz0zdbbgtqjnmvwqamsjj7766bs0cndhjp0g6v9dfn3kjmtqp5c0vgs4aa7mdyvkgxamrz47rw397r3gf4wpvfq27b7ktb97gb1kpjnp3d4jdrmar5a55mt602fjtzpvqg64p8cb69jfx4t13jd02acrb94avb2zhebr65t5src54s8be6zgaa4wb51t0k4386274vz28hw5stavwt62x8w2h2jm37e73je51s9gpjkbdmp7p2b8q6pe5ftn222416qmzbvdk5qs56qhr7bsgw8jd6bj1n0sm4jrjh6cwbzvzr8whqbzjz850wqeaa1ca0n9akjbwxnb53b2sphktq93na9dph6bcdrymatrgdfj9ys3ke1ypmdthq0bterwp0fffktckmr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZC0GvyRmY5LhL_iKrr4Pnoif2AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNzQyMjE2NTM0NjQwNTQ1yAEJqQJKIrR3XbSwPqgDAaoEuwFP0EZto0lXpFLHY7_-ht5pYTN_7Yc7DlAMTmgOwB9I-LZ-E35B8wV4Ja7cFO4wW-T35Kru-z-FDDoKHhidgKtELP4o5LUjLjW8jaa8sIUB2aO5NTQhTsG-B7Om6fAae9kFRbrjceWkOwk9NcQq_VKY1CkkbQMtOKZWGYs85KJ30G9dHavnCH31wfVJK-tSjc0vLtXXCqngYKTaIR3KIDqidkqyhVz6WwfpnOZymhEbq07tf2d8boP2tPlLgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3VDjGCsmKBVJ-9QMH0xRs3l2-S0w%26client%3Dca-pub-2742216534640545%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76545d538fa49152-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 08:54:24 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 136ms
52ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Nov 2022 08:54:24 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 5DBF 89 KB
11 KB 28ms
27ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451&b=Bg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkG&f=jEYUEfGfQ3KhYHEH2tWCg7WhZSzTDekfbX&c=320&d=50&e=&g=fdfb0c9abfe676a0cd1cb18e379fdd24%2F2383635696878187991&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667638464521&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb6jqbdr5wk9fvrkm0ygq7bt2vaz1ef3v44yhkg0kmjm8ttyhyfsvva9f9r2fxmvef84m2gejgzjspfr2ks5tjtcy2f8c0ntq6yt8qk289ek7rv25h4y5pp1h3tksr27ey0kh8jpyvcjq9hb1ze0vd3qnfgj97s7xy3cax71kfver5mq20gfrnacj3r3zfgc8rkrsjgn4q37g7b3m6kqs3e94cgg6rb1m1ar2jnb5jn92wd4ps6q9mwmjt70kfh06pmwg7mcpadddk0rmy0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCn7i-vyRmY4CPMI7MhQbj27lIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjc0MjIxNjUzNDY0MDU0NcgBCakCSiK0d120sD6oAwGqBLoBT9DBOt2TIa4VUDNqdJrTEoCvE7vu-zrYvSzlWQOG8fXfWQMk78Ur8dzJSz4wRH0-AE1q0KqIcJEueYjdQ8SI8ltz9Mow634U61GJKC-vqp4X-Wrni3UTxU799upS8XaKkhr7LCwu0IxHyVchvGiQU1KmwKYMohQEB-8YNjWTzZzOTBu9ThFXoquAZg3G26Iaa9_uMRtmN184wPRGI9Gf4RGV758EUbEI7ePhe4HEkY-MsZ-mtllgWY7hgAbAi8bAzNaNur0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_14WMcnxiafG78426ONrUnrm9arRQ%2526client%253Dca-pub-2742216534640545%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=22451&b=Bg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkG&f=jEYUEfGfQ3KhYHEH2tWCg7WhZSzTDekfbX&c=320&d=50&e=&g=fdfb0c9abfe676a0cd1cb18e379fdd24%2F2383635696878187991&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667638464521&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb6jqbdr5wk9fvrkm0ygq7bt2vaz1ef3v44yhkg0kmjm8ttyhyfsvva9f9r2fxmvef84m2gejgzjspfr2ks5tjtcy2f8c0ntq6yt8qk289ek7rv25h4y5pp1h3tksr27ey0kh8jpyvcjq9hb1ze0vd3qnfgj97s7xy3cax71kfver5mq20gfrnacj3r3zfgc8rkrsjgn4q37g7b3m6kqs3e94cgg6rb1m1ar2jnb5jn92wd4ps6q9mwmjt70kfh06pmwg7mcpadddk0rmy0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCn7i-vyRmY4CPMI7MhQbj27lIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjc0MjIxNjUzNDY0MDU0NcgBCakCSiK0d120sD6oAwGqBLoBT9DBOt2TIa4VUDNqdJrTEoCvE7vu-zrYvSzlWQOG8fXfWQMk78Ur8dzJSz4wRH0-AE1q0KqIcJEueYjdQ8SI8ltz9Mow634U61GJKC-vqp4X-Wrni3UTxU799upS8XaKkhr7LCwu0IxHyVchvGiQU1KmwKYMohQEB-8YNjWTzZzOTBu9ThFXoquAZg3G26Iaa9_uMRtmN184wPRGI9Gf4RGV758EUbEI7ePhe4HEkY-MsZ-mtllgWY7hgAbAi8bAzNaNur0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_14WMcnxiafG78426ONrUnrm9arRQ%2526client%253Dca-pub-2742216534640545%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:24 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 228523
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=91232
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 02 Nov 2022 17:25:41 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 76545d53f86b9152-FRA
expires: 0

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 5DBF 8 KB
8 KB 55ms
44ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451&b=Bg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkG&f=jEYUEfGfQ3KhYHEH2tWCg7WhZSzTDekfbX&c=320&d=50&e=&g=fdfb0c9abfe676a0cd1cb18e379fdd24%2F2383635696878187991&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667638464521&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb6jqbdr5wk9fvrkm0ygq7bt2vaz1ef3v44yhkg0kmjm8ttyhyfsvva9f9r2fxmvef84m2gejgzjspfr2ks5tjtcy2f8c0ntq6yt8qk289ek7rv25h4y5pp1h3tksr27ey0kh8jpyvcjq9hb1ze0vd3qnfgj97s7xy3cax71kfver5mq20gfrnacj3r3zfgc8rkrsjgn4q37g7b3m6kqs3e94cgg6rb1m1ar2jnb5jn92wd4ps6q9mwmjt70kfh06pmwg7mcpadddk0rmy0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCn7i-vyRmY4CPMI7MhQbj27lIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjc0MjIxNjUzNDY0MDU0NcgBCakCSiK0d120sD6oAwGqBLoBT9DBOt2TIa4VUDNqdJrTEoCvE7vu-zrYvSzlWQOG8fXfWQMk78Ur8dzJSz4wRH0-AE1q0KqIcJEueYjdQ8SI8ltz9Mow634U61GJKC-vqp4X-Wrni3UTxU799upS8XaKkhr7LCwu0IxHyVchvGiQU1KmwKYMohQEB-8YNjWTzZzOTBu9ThFXoquAZg3G26Iaa9_uMRtmN184wPRGI9Gf4RGV758EUbEI7ePhe4HEkY-MsZ-mtllgWY7hgAbAi8bAzNaNur0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_14WMcnxiafG78426ONrUnrm9arRQ%2526client%253Dca-pub-2742216534640545%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2301270
cf-polished: qual=85, origFmt=jpeg, origSize=16723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5hvxBA8pQGO1WSPhsccDYkDXK6SLOWES7sM8o2OcJgDcUDSKo89SjoBdjrW6M%2FEobvzR%2FOihF3IQp9rcragL40teTVX21GqEjXYhIJafU8hV6khGWl4ZxNu%2BNndldstx0dfQnZMAcpo3xJO5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76545d540b319b2d-FRA
expires: Sun, 06 Nov 2022 08:54:24 GMT

GET
H2 200 FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame 5DBF 30 KB
30 KB 32ms
24ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451&b=Bg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkG&f=jEYUEfGfQ3KhYHEH2tWCg7WhZSzTDekfbX&c=320&d=50&e=&g=fdfb0c9abfe676a0cd1cb18e379fdd24%2F2383635696878187991&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667638464521&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb6jqbdr5wk9fvrkm0ygq7bt2vaz1ef3v44yhkg0kmjm8ttyhyfsvva9f9r2fxmvef84m2gejgzjspfr2ks5tjtcy2f8c0ntq6yt8qk289ek7rv25h4y5pp1h3tksr27ey0kh8jpyvcjq9hb1ze0vd3qnfgj97s7xy3cax71kfver5mq20gfrnacj3r3zfgc8rkrsjgn4q37g7b3m6kqs3e94cgg6rb1m1ar2jnb5jn92wd4ps6q9mwmjt70kfh06pmwg7mcpadddk0rmy0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCn7i-vyRmY4CPMI7MhQbj27lIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjc0MjIxNjUzNDY0MDU0NcgBCakCSiK0d120sD6oAwGqBLoBT9DBOt2TIa4VUDNqdJrTEoCvE7vu-zrYvSzlWQOG8fXfWQMk78Ur8dzJSz4wRH0-AE1q0KqIcJEueYjdQ8SI8ltz9Mow634U61GJKC-vqp4X-Wrni3UTxU799upS8XaKkhr7LCwu0IxHyVchvGiQU1KmwKYMohQEB-8YNjWTzZzOTBu9ThFXoquAZg3G26Iaa9_uMRtmN184wPRGI9Gf4RGV758EUbEI7ePhe4HEkY-MsZ-mtllgWY7hgAbAi8bAzNaNur0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_14WMcnxiafG78426ONrUnrm9arRQ%2526client%253Dca-pub-2742216534640545%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23486
cf-polished: qual=85, origFmt=jpeg, origSize=81547
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30226
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Apr 2020 08:50:22 GMT
server: cloudflare
etag: "f7c8b1c28756e1f042414e043a02e1fa"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O1YWJ9ap3zc2WrT5KjdBlcub9%2BAGQJN5unFraSAUs9fBFB4RyWdqDz9tJnG06JWZ7YKG8%2B8Ga73a6zyUEYCfOqyWqzZB%2FD1KMVp8CNVPgWpPIAZGuJG1%2BQugb0U60LDbfmOD2BienfKrwGdl"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76545d540b2f9b2d-FRA
expires: Sun, 06 Nov 2022 08:54:24 GMT

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 5DBF
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKG9t7LVlvsCFV-T_QcdV1ID7Q;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidBg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkGoneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1667638464_72ab1990-5ce7-11ed-9f2f-2266c0ccb091

0
517 B

67ms
11ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1667638464_72ab1990-5ce7-11ed-9f2f-2266c0ccb091
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451&b=Bg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkG&f=jEYUEfGfQ3KhYHEH2tWCg7WhZSzTDekfbX&c=320&d=50&e=&g=fdfb0c9abfe676a0cd1cb18e379fdd24%2F2383635696878187991&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667638464521&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb6jqbdr5wk9fvrkm0ygq7bt2vaz1ef3v44yhkg0kmjm8ttyhyfsvva9f9r2fxmvef84m2gejgzjspfr2ks5tjtcy2f8c0ntq6yt8qk289ek7rv25h4y5pp1h3tksr27ey0kh8jpyvcjq9hb1ze0vd3qnfgj97s7xy3cax71kfver5mq20gfrnacj3r3zfgc8rkrsjgn4q37g7b3m6kqs3e94cgg6rb1m1ar2jnb5jn92wd4ps6q9mwmjt70kfh06pmwg7mcpadddk0rmy0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCn7i-vyRmY4CPMI7MhQbj27lIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjc0MjIxNjUzNDY0MDU0NcgBCakCSiK0d120sD6oAwGqBLoBT9DBOt2TIa4VUDNqdJrTEoCvE7vu-zrYvSzlWQOG8fXfWQMk78Ur8dzJSz4wRH0-AE1q0KqIcJEueYjdQ8SI8ltz9Mow634U61GJKC-vqp4X-Wrni3UTxU799upS8XaKkhr7LCwu0IxHyVchvGiQU1KmwKYMohQEB-8YNjWTzZzOTBu9ThFXoquAZg3G26Iaa9_uMRtmN184wPRGI9Gf4RGV758EUbEI7ePhe4HEkY-MsZ-mtllgWY7hgAbAi8bAzNaNur0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_14WMcnxiafG78426ONrUnrm9arRQ%2526client%253Dca-pub-2742216534640545%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 08:54:24 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Sat, 05 Nov 2022 08:54:24 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1667638464_72ab1990-5ce7-11ed-9f2f-2266c0ccb091
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 2F78 89 KB
11 KB 41ms
40ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C183975&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=300&d=250&e=&g=2b31f5fd3b6f11c7dfdb4d25811e699f%2F711891341793004228&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667638464522&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtn2xpsbm4jaarha5q2qygrfe79fhw5skwmdjb0c6j1bjepyqqs7dgj97038kyyxqatd8p4fpnj5w35r1nth3xbvefmb2vppd9zr9xpx4jcezhyz8dz30tvs8ed8k2xxzx69jqjfgn5gb3wvbjvd7sn12s766dntw1kyt9fjanyxh0ym930ypnqf1qpr0czxk6xg9kt7hp276kn743r6k8hm47pbshkdvn2jkmaw6735mb0d38thm2qya23b288gfp4k88ty7dzarfdq4eg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZC0GvyRmY5LhL_iKrr4Pnoif2AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNzQyMjE2NTM0NjQwNTQ1yAEJqQJKIrR3XbSwPqgDAaoEuwFP0EZto0lXpFLHY7_-ht5pYTN_7Yc7DlAMTmgOwB9I-LZ-E35B8wV4Ja7cFO4wW-T35Kru-z-FDDoKHhidgKtELP4o5LUjLjW8jaa8sIUB2aO5NTQhTsG-B7Om6fAae9kFRbrjceWkOwk9NcQq_VKY1CkkbQMtOKZWGYs85KJ30G9dHavnCH31wfVJK-tSjc0vLtXXCqngYKTaIR3KIDqidkqyhVz6WwfpnOZymhEbq07tf2d8boP2tPlLgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3VDjGCsmKBVJ-9QMH0xRs3l2-S0w%2526client%253Dca-pub-2742216534640545%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C183975&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=300&d=250&e=&g=2b31f5fd3b6f11c7dfdb4d25811e699f%2F711891341793004228&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667638464522&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtn2xpsbm4jaarha5q2qygrfe79fhw5skwmdjb0c6j1bjepyqqs7dgj97038kyyxqatd8p4fpnj5w35r1nth3xbvefmb2vppd9zr9xpx4jcezhyz8dz30tvs8ed8k2xxzx69jqjfgn5gb3wvbjvd7sn12s766dntw1kyt9fjanyxh0ym930ypnqf1qpr0czxk6xg9kt7hp276kn743r6k8hm47pbshkdvn2jkmaw6735mb0d38thm2qya23b288gfp4k88ty7dzarfdq4eg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZC0GvyRmY5LhL_iKrr4Pnoif2AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNzQyMjE2NTM0NjQwNTQ1yAEJqQJKIrR3XbSwPqgDAaoEuwFP0EZto0lXpFLHY7_-ht5pYTN_7Yc7DlAMTmgOwB9I-LZ-E35B8wV4Ja7cFO4wW-T35Kru-z-FDDoKHhidgKtELP4o5LUjLjW8jaa8sIUB2aO5NTQhTsG-B7Om6fAae9kFRbrjceWkOwk9NcQq_VKY1CkkbQMtOKZWGYs85KJ30G9dHavnCH31wfVJK-tSjc0vLtXXCqngYKTaIR3KIDqidkqyhVz6WwfpnOZymhEbq07tf2d8boP2tPlLgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3VDjGCsmKBVJ-9QMH0xRs3l2-S0w%2526client%253Dca-pub-2742216534640545%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:24 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 228523
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=91232
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 02 Nov 2022 17:25:41 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 76545d5418a19152-FRA
expires: 0

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 2F78 8 KB
9 KB 28ms
27ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C183975&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=300&d=250&e=&g=2b31f5fd3b6f11c7dfdb4d25811e699f%2F711891341793004228&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667638464522&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtn2xpsbm4jaarha5q2qygrfe79fhw5skwmdjb0c6j1bjepyqqs7dgj97038kyyxqatd8p4fpnj5w35r1nth3xbvefmb2vppd9zr9xpx4jcezhyz8dz30tvs8ed8k2xxzx69jqjfgn5gb3wvbjvd7sn12s766dntw1kyt9fjanyxh0ym930ypnqf1qpr0czxk6xg9kt7hp276kn743r6k8hm47pbshkdvn2jkmaw6735mb0d38thm2qya23b288gfp4k88ty7dzarfdq4eg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZC0GvyRmY5LhL_iKrr4Pnoif2AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNzQyMjE2NTM0NjQwNTQ1yAEJqQJKIrR3XbSwPqgDAaoEuwFP0EZto0lXpFLHY7_-ht5pYTN_7Yc7DlAMTmgOwB9I-LZ-E35B8wV4Ja7cFO4wW-T35Kru-z-FDDoKHhidgKtELP4o5LUjLjW8jaa8sIUB2aO5NTQhTsG-B7Om6fAae9kFRbrjceWkOwk9NcQq_VKY1CkkbQMtOKZWGYs85KJ30G9dHavnCH31wfVJK-tSjc0vLtXXCqngYKTaIR3KIDqidkqyhVz6WwfpnOZymhEbq07tf2d8boP2tPlLgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3VDjGCsmKBVJ-9QMH0xRs3l2-S0w%2526client%253Dca-pub-2742216534640545%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2301270
cf-polished: qual=85, origFmt=jpeg, origSize=16723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWLfyy2YrR4s60mqUpv1MfkyRvmSQPFKhz64lqb7Em2e2kLpgQOA6ro9dgVMh9LNOC7%2BLJj1ZsVjW8atacna210b%2F6N4gH8EinCESBfJK4b2T0JpFf7W3HK65qXhGuNk6Fn46FgEmTn4G5NF"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76545d542b5b9b2d-FRA
expires: Sun, 06 Nov 2022 08:54:24 GMT

GET
H2 200 AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
assets.ad4m.at/product_image/ Frame 2F78 93 KB
94 KB 44ms
41ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C183975&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=300&d=250&e=&g=2b31f5fd3b6f11c7dfdb4d25811e699f%2F711891341793004228&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667638464522&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtn2xpsbm4jaarha5q2qygrfe79fhw5skwmdjb0c6j1bjepyqqs7dgj97038kyyxqatd8p4fpnj5w35r1nth3xbvefmb2vppd9zr9xpx4jcezhyz8dz30tvs8ed8k2xxzx69jqjfgn5gb3wvbjvd7sn12s766dntw1kyt9fjanyxh0ym930ypnqf1qpr0czxk6xg9kt7hp276kn743r6k8hm47pbshkdvn2jkmaw6735mb0d38thm2qya23b288gfp4k88ty7dzarfdq4eg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZC0GvyRmY5LhL_iKrr4Pnoif2AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNzQyMjE2NTM0NjQwNTQ1yAEJqQJKIrR3XbSwPqgDAaoEuwFP0EZto0lXpFLHY7_-ht5pYTN_7Yc7DlAMTmgOwB9I-LZ-E35B8wV4Ja7cFO4wW-T35Kru-z-FDDoKHhidgKtELP4o5LUjLjW8jaa8sIUB2aO5NTQhTsG-B7Om6fAae9kFRbrjceWkOwk9NcQq_VKY1CkkbQMtOKZWGYs85KJ30G9dHavnCH31wfVJK-tSjc0vLtXXCqngYKTaIR3KIDqidkqyhVz6WwfpnOZymhEbq07tf2d8boP2tPlLgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3VDjGCsmKBVJ-9QMH0xRs3l2-S0w%2526client%253Dca-pub-2742216534640545%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1436567
cf-polished: origFmt=png, origSize=155400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95550
cf-bgj: imgq:85,h2pri
last-modified: Thu, 24 Mar 2022 15:45:36 GMT
server: cloudflare
etag: "6fddd7204b0a0a403f584248bda12d72"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLS1w%2BdRqShLu1LD8gQ8RTpqDmDOvNJU1kJ3pc9o6yqVXvPQx%2BERYV00tclBDYXxcb43qLwBSBEDtIXSbiu19%2FAn%2BSjCiHJeXWoC5SxbX3g5RSaWZs1GOkl14xHJU4TNH0dTEp20bW3miYGq"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76545d542b789b2d-FRA
expires: Sun, 06 Nov 2022 08:54:24 GMT

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 2F78
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKq_t7LVlvsCFUmG_Qcdcj4Ahg;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidWGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzjoneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1667638464_72ad8a90-5ce7-11ed-bfbc-22342ff4a6f7

0
517 B

55ms
13ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1667638464_72ad8a90-5ce7-11ed-bfbc-22342ff4a6f7
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C183975&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=300&d=250&e=&g=2b31f5fd3b6f11c7dfdb4d25811e699f%2F711891341793004228&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667638464522&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtn2xpsbm4jaarha5q2qygrfe79fhw5skwmdjb0c6j1bjepyqqs7dgj97038kyyxqatd8p4fpnj5w35r1nth3xbvefmb2vppd9zr9xpx4jcezhyz8dz30tvs8ed8k2xxzx69jqjfgn5gb3wvbjvd7sn12s766dntw1kyt9fjanyxh0ym930ypnqf1qpr0czxk6xg9kt7hp276kn743r6k8hm47pbshkdvn2jkmaw6735mb0d38thm2qya23b288gfp4k88ty7dzarfdq4eg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZC0GvyRmY5LhL_iKrr4Pnoif2AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNzQyMjE2NTM0NjQwNTQ1yAEJqQJKIrR3XbSwPqgDAaoEuwFP0EZto0lXpFLHY7_-ht5pYTN_7Yc7DlAMTmgOwB9I-LZ-E35B8wV4Ja7cFO4wW-T35Kru-z-FDDoKHhidgKtELP4o5LUjLjW8jaa8sIUB2aO5NTQhTsG-B7Om6fAae9kFRbrjceWkOwk9NcQq_VKY1CkkbQMtOKZWGYs85KJ30G9dHavnCH31wfVJK-tSjc0vLtXXCqngYKTaIR3KIDqidkqyhVz6WwfpnOZymhEbq07tf2d8boP2tPlLgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3VDjGCsmKBVJ-9QMH0xRs3l2-S0w%2526client%253Dca-pub-2742216534640545%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 08:54:24 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Sat, 05 Nov 2022 08:54:24 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1667638464_72ad8a90-5ce7-11ed-bfbc-22342ff4a6f7
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 2F78 18 KB
19 KB 45ms
42ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C183975&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=300&d=250&e=&g=2b31f5fd3b6f11c7dfdb4d25811e699f%2F711891341793004228&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667638464522&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtn2xpsbm4jaarha5q2qygrfe79fhw5skwmdjb0c6j1bjepyqqs7dgj97038kyyxqatd8p4fpnj5w35r1nth3xbvefmb2vppd9zr9xpx4jcezhyz8dz30tvs8ed8k2xxzx69jqjfgn5gb3wvbjvd7sn12s766dntw1kyt9fjanyxh0ym930ypnqf1qpr0czxk6xg9kt7hp276kn743r6k8hm47pbshkdvn2jkmaw6735mb0d38thm2qya23b288gfp4k88ty7dzarfdq4eg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZC0GvyRmY5LhL_iKrr4Pnoif2AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNzQyMjE2NTM0NjQwNTQ1yAEJqQJKIrR3XbSwPqgDAaoEuwFP0EZto0lXpFLHY7_-ht5pYTN_7Yc7DlAMTmgOwB9I-LZ-E35B8wV4Ja7cFO4wW-T35Kru-z-FDDoKHhidgKtELP4o5LUjLjW8jaa8sIUB2aO5NTQhTsG-B7Om6fAae9kFRbrjceWkOwk9NcQq_VKY1CkkbQMtOKZWGYs85KJ30G9dHavnCH31wfVJK-tSjc0vLtXXCqngYKTaIR3KIDqidkqyhVz6WwfpnOZymhEbq07tf2d8boP2tPlLgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3VDjGCsmKBVJ-9QMH0xRs3l2-S0w%2526client%253Dca-pub-2742216534640545%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 911785
cf-polished: origFmt=png, origSize=35453
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18872
cf-bgj: imgq:85,h2pri
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2BV0%2BxXO7rUldlj%2B9btSTaUnqC34Ik%2B%2BX26RzqmEoibc0I95Bcg2XmWPFlfUf9ezS9e%2FQqA%2BFLaSM5fe0MzyePrCPHG9HLAizUdWQBKnI8CxbRYC8n%2FnL0kxKFGwOhXGo%2FgF6Vd1m%2F20w2e0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76545d542b7c9b2d-FRA
expires: Sun, 06 Nov 2022 08:54:24 GMT

GET
H2 200 285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
assets.ad4m.at/product_image/ Frame 2F78 9 KB
9 KB 45ms
42ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C183975&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=300&d=250&e=&g=2b31f5fd3b6f11c7dfdb4d25811e699f%2F711891341793004228&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667638464522&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtn2xpsbm4jaarha5q2qygrfe79fhw5skwmdjb0c6j1bjepyqqs7dgj97038kyyxqatd8p4fpnj5w35r1nth3xbvefmb2vppd9zr9xpx4jcezhyz8dz30tvs8ed8k2xxzx69jqjfgn5gb3wvbjvd7sn12s766dntw1kyt9fjanyxh0ym930ypnqf1qpr0czxk6xg9kt7hp276kn743r6k8hm47pbshkdvn2jkmaw6735mb0d38thm2qya23b288gfp4k88ty7dzarfdq4eg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZC0GvyRmY5LhL_iKrr4Pnoif2AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNzQyMjE2NTM0NjQwNTQ1yAEJqQJKIrR3XbSwPqgDAaoEuwFP0EZto0lXpFLHY7_-ht5pYTN_7Yc7DlAMTmgOwB9I-LZ-E35B8wV4Ja7cFO4wW-T35Kru-z-FDDoKHhidgKtELP4o5LUjLjW8jaa8sIUB2aO5NTQhTsG-B7Om6fAae9kFRbrjceWkOwk9NcQq_VKY1CkkbQMtOKZWGYs85KJ30G9dHavnCH31wfVJK-tSjc0vLtXXCqngYKTaIR3KIDqidkqyhVz6WwfpnOZymhEbq07tf2d8boP2tPlLgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3VDjGCsmKBVJ-9QMH0xRs3l2-S0w%2526client%253Dca-pub-2742216534640545%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1346229
cf-polished: qual=85, origFmt=jpeg, origSize=83479
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9260
cf-bgj: imgq:85,h2pri
last-modified: Mon, 29 Nov 2021 15:03:15 GMT
server: cloudflare
etag: "70d78c6b26d24e038cbf23832e1bb538"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGIpBPOxr%2BS9weiYQBKZHDQRLoKdeUMzqTZyPZkaQQO7KryRX1FS%2Fii1folRiHgR6fCHcy7fP7RmIqc9EkmJj1sTqfQr5%2Bpj%2Bfc9%2BToG6Sle%2BeIyBFwydXkiu2dK83NvMaoNwYfDAM5iEMNH"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76545d542b7f9b2d-FRA
expires: Sun, 06 Nov 2022 08:54:24 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 2F78 43 B
704 B 110ms
37ms Image
image/gif 23.203.81.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1oneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.203.81.208 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-81-208.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 08:54:24 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame 2F78 127 KB
128 KB 30ms
27ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C183975&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=300&d=250&e=&g=2b31f5fd3b6f11c7dfdb4d25811e699f%2F711891341793004228&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667638464522&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtn2xpsbm4jaarha5q2qygrfe79fhw5skwmdjb0c6j1bjepyqqs7dgj97038kyyxqatd8p4fpnj5w35r1nth3xbvefmb2vppd9zr9xpx4jcezhyz8dz30tvs8ed8k2xxzx69jqjfgn5gb3wvbjvd7sn12s766dntw1kyt9fjanyxh0ym930ypnqf1qpr0czxk6xg9kt7hp276kn743r6k8hm47pbshkdvn2jkmaw6735mb0d38thm2qya23b288gfp4k88ty7dzarfdq4eg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZC0GvyRmY5LhL_iKrr4Pnoif2AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNzQyMjE2NTM0NjQwNTQ1yAEJqQJKIrR3XbSwPqgDAaoEuwFP0EZto0lXpFLHY7_-ht5pYTN_7Yc7DlAMTmgOwB9I-LZ-E35B8wV4Ja7cFO4wW-T35Kru-z-FDDoKHhidgKtELP4o5LUjLjW8jaa8sIUB2aO5NTQhTsG-B7Om6fAae9kFRbrjceWkOwk9NcQq_VKY1CkkbQMtOKZWGYs85KJ30G9dHavnCH31wfVJK-tSjc0vLtXXCqngYKTaIR3KIDqidkqyhVz6WwfpnOZymhEbq07tf2d8boP2tPlLgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3VDjGCsmKBVJ-9QMH0xRs3l2-S0w%2526client%253Dca-pub-2742216534640545%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1436057
cf-polished: origFmt=png, origSize=233620
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 130162
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:10:51 GMT
server: cloudflare
etag: "d1d171dd651522f41a2fc0dba256a546"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CpqbhwFktXT%2B2mNwk7UHwgc4wAbs%2BF%2FIJHzttiREb15LUewnO9LBuJ1NBTBwZK6bjwm1U85AnPqzuzd4Z9bA%2Fu5O83RCUdiY0IjCOuzvcxgSoW0RF%2Bja3CiNFPp4xfjg8aXLdaBCDHCfJvx2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76545d542b809b2d-FRA
expires: Sun, 06 Nov 2022 08:54:24 GMT

GET
H2 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 2F78 461 KB
462 KB 44ms
41ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C183975&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=300&d=250&e=&g=2b31f5fd3b6f11c7dfdb4d25811e699f%2F711891341793004228&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667638464522&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtn2xpsbm4jaarha5q2qygrfe79fhw5skwmdjb0c6j1bjepyqqs7dgj97038kyyxqatd8p4fpnj5w35r1nth3xbvefmb2vppd9zr9xpx4jcezhyz8dz30tvs8ed8k2xxzx69jqjfgn5gb3wvbjvd7sn12s766dntw1kyt9fjanyxh0ym930ypnqf1qpr0czxk6xg9kt7hp276kn743r6k8hm47pbshkdvn2jkmaw6735mb0d38thm2qya23b288gfp4k88ty7dzarfdq4eg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZC0GvyRmY5LhL_iKrr4Pnoif2AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNzQyMjE2NTM0NjQwNTQ1yAEJqQJKIrR3XbSwPqgDAaoEuwFP0EZto0lXpFLHY7_-ht5pYTN_7Yc7DlAMTmgOwB9I-LZ-E35B8wV4Ja7cFO4wW-T35Kru-z-FDDoKHhidgKtELP4o5LUjLjW8jaa8sIUB2aO5NTQhTsG-B7Om6fAae9kFRbrjceWkOwk9NcQq_VKY1CkkbQMtOKZWGYs85KJ30G9dHavnCH31wfVJK-tSjc0vLtXXCqngYKTaIR3KIDqidkqyhVz6WwfpnOZymhEbq07tf2d8boP2tPlLgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3VDjGCsmKBVJ-9QMH0xRs3l2-S0w%2526client%253Dca-pub-2742216534640545%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2636100
cf-polished: origFmt=png, origSize=731561
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 471752
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:03:31 GMT
server: cloudflare
etag: "1b69278243c107df5b11186b1f6ca585"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHaYbYoHMnTb1bA7spVmmT6axOOVfonRvzvxj0IfKNFVCKvJYddDT3TK9FU75ARaWpgnRcwMV6F%2B5FIyYgZIRn9nwKEs7Lfp3dJiwmQxPzl6wopAK2%2FHIy%2BSovd%2BeyYkRIEuubBSS9HFr1jm"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76545d542b829b2d-FRA
expires: Sun, 06 Nov 2022 08:54:24 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 2F78 1 KB
2 KB 129ms
72ms Script
text/html 13.41.138.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h8xh46j40p24dsasrjy3z924r0fg8ypcdsq4k7tws9xmcy2zknpvhyr6twa5ekss7mbc8k19dt8eaw076vq53029d0b77n842vy5htpw6v06j02s7jwe3nxxvff9b41nhe773xwx6cn8rq9fz6fvw70xe2zckvesce56afv7ek4ycxd5nm32fvtg4e49jf9jdvnnrykm8n91pb67ed96wce0kk08refkqw3fcdgg7vybf380j7cksnn19m7mskk1w%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jtn2xpsbm4jaarha5q2qygrfe79fhw5skwmdjb0c6j1bjepyqqs7dgj97038kyyxqatd8p4fpnj5w35r1nth3xbvefmb2vppd9zr9xpx4jcezhyz8dz30tvs8ed8k2xxzx69jqjfgn5gb3wvbjvd7sn12s766dntw1kyt9fjanyxh0ym930ypnqf1qpr0czxk6xg9kt7hp276kn743r6k8hm47pbshkdvn2jkmaw6735mb0d38thm2qya23b288gfp4k88ty7dzarfdq4eg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZC0GvyRmY5LhL_iKrr4Pnoif2AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNzQyMjE2NTM0NjQwNTQ1yAEJqQJKIrR3XbSwPqgDAaoEuwFP0EZto0lXpFLHY7_-ht5pYTN_7Yc7DlAMTmgOwB9I-LZ-E35B8wV4Ja7cFO4wW-T35Kru-z-FDDoKHhidgKtELP4o5LUjLjW8jaa8sIUB2aO5NTQhTsG-B7Om6fAae9kFRbrjceWkOwk9NcQq_VKY1CkkbQMtOKZWGYs85KJ30G9dHavnCH31wfVJK-tSjc0vLtXXCqngYKTaIR3KIDqidkqyhVz6WwfpnOZymhEbq07tf2d8boP2tPlLgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3VDjGCsmKBVJ-9QMH0xRs3l2-S0w%252526client%25253Dca-pub-2742216534640545%252526adurl%25253D&clickref=oneidGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47oneid__suite_Netmix_Reach14_AKTION&viewref=oneidJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1oneid__suite_Netmix_Reach14_AKTION
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C183975&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=300&d=250&e=&g=2b31f5fd3b6f11c7dfdb4d25811e699f%2F711891341793004228&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667638464522&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtn2xpsbm4jaarha5q2qygrfe79fhw5skwmdjb0c6j1bjepyqqs7dgj97038kyyxqatd8p4fpnj5w35r1nth3xbvefmb2vppd9zr9xpx4jcezhyz8dz30tvs8ed8k2xxzx69jqjfgn5gb3wvbjvd7sn12s766dntw1kyt9fjanyxh0ym930ypnqf1qpr0czxk6xg9kt7hp276kn743r6k8hm47pbshkdvn2jkmaw6735mb0d38thm2qya23b288gfp4k88ty7dzarfdq4eg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZC0GvyRmY5LhL_iKrr4Pnoif2AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNzQyMjE2NTM0NjQwNTQ1yAEJqQJKIrR3XbSwPqgDAaoEuwFP0EZto0lXpFLHY7_-ht5pYTN_7Yc7DlAMTmgOwB9I-LZ-E35B8wV4Ja7cFO4wW-T35Kru-z-FDDoKHhidgKtELP4o5LUjLjW8jaa8sIUB2aO5NTQhTsG-B7Om6fAae9kFRbrjceWkOwk9NcQq_VKY1CkkbQMtOKZWGYs85KJ30G9dHavnCH31wfVJK-tSjc0vLtXXCqngYKTaIR3KIDqidkqyhVz6WwfpnOZymhEbq07tf2d8boP2tPlLgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3VDjGCsmKBVJ-9QMH0xRs3l2-S0w%2526client%253Dca-pub-2742216534640545%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.138.109 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-138-109.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: d0c814dc356ccc79fcc9cc955665df4bb8f65ba0c63398b9b4d1f8ec62af8c95

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:24 GMT
last-modified: Sat, 05 Nov 2022 08:54:24 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sat, 05 Nov 2022 08:55:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 415F 13 KB
5 KB 40ms
38ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 32919
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 23:45:45 GMT
expires: Sat, 04 Nov 2023 23:45:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4362 783 B
533 B 123ms
47ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

367ae8eae4e2f0f800a59cf6cdb7959c2c1a8c84a5dcebbb30139e4b90ecd0fd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XN0rOa9XP1uwTGb_hMMcew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-XN0rOa9XP1uwTGb_hMMcew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 08:54:24 GMT
expires: Sat, 05 Nov 2022 08:54:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 415F 36 KB
16 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 05:03:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16184
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 05:03:34 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 2F78 85 KB
31 KB 85ms
16ms Script
application/javascript 65.9.86.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h8xh46j40p24dsasrjy3z924r0fg8ypcdsq4k7tws9xmcy2zknpvhyr6twa5ekss7mbc8k19dt8eaw076vq53029d0b77n842vy5htpw6v06j02s7jwe3nxxvff9b41nhe773xwx6cn8rq9fz6fvw70xe2zckvesce56afv7ek4ycxd5nm32fvtg4e49jf9jdvnnrykm8n91pb67ed96wce0kk08refkqw3fcdgg7vybf380j7cksnn19m7mskk1w%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jtn2xpsbm4jaarha5q2qygrfe79fhw5skwmdjb0c6j1bjepyqqs7dgj97038kyyxqatd8p4fpnj5w35r1nth3xbvefmb2vppd9zr9xpx4jcezhyz8dz30tvs8ed8k2xxzx69jqjfgn5gb3wvbjvd7sn12s766dntw1kyt9fjanyxh0ym930ypnqf1qpr0czxk6xg9kt7hp276kn743r6k8hm47pbshkdvn2jkmaw6735mb0d38thm2qya23b288gfp4k88ty7dzarfdq4eg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZC0GvyRmY5LhL_iKrr4Pnoif2AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNzQyMjE2NTM0NjQwNTQ1yAEJqQJKIrR3XbSwPqgDAaoEuwFP0EZto0lXpFLHY7_-ht5pYTN_7Yc7DlAMTmgOwB9I-LZ-E35B8wV4Ja7cFO4wW-T35Kru-z-FDDoKHhidgKtELP4o5LUjLjW8jaa8sIUB2aO5NTQhTsG-B7Om6fAae9kFRbrjceWkOwk9NcQq_VKY1CkkbQMtOKZWGYs85KJ30G9dHavnCH31wfVJK-tSjc0vLtXXCqngYKTaIR3KIDqidkqyhVz6WwfpnOZymhEbq07tf2d8boP2tPlLgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3VDjGCsmKBVJ-9QMH0xRs3l2-S0w%252526client%25253Dca-pub-2742216534640545%252526adurl%25253D&clickref=oneidGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47oneid__suite_Netmix_Reach14_AKTION&viewref=oneidJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1oneid__suite_Netmix_Reach14_AKTION
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-86-41.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 04:24:40 GMT
content-encoding: gzip
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
last-modified: Mon, 31 Oct 2022 15:47:19 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
age: 16185
etag: W/"faa933973c404f8cfedacd4b67a60b85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: sDWWLgNmF02NVO80FAqNCazN-TxlgrmyAiBanlyNtOK8DBubLzuzJQ==

GET
H2 200 link.html
track.webgains.com/ Frame 2F78 48 KB
49 KB 96ms
96ms Image
image/gif 13.41.138.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1oneid__suite_Netmix_Reach14_AKTION&wglinkid=2194035
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C14044%2C183975&b=WGAHrfdf2X6SYH5Hjtxtrd3t3SETJrMTzj%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1&f=5R8tXfEfD2KcpH7HMtkCb95fYSVTV27ud3%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47&c=300&d=250&e=&g=2b31f5fd3b6f11c7dfdb4d25811e699f%2F711891341793004228&i=25174%2C25007%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1667638464522&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtn2xpsbm4jaarha5q2qygrfe79fhw5skwmdjb0c6j1bjepyqqs7dgj97038kyyxqatd8p4fpnj5w35r1nth3xbvefmb2vppd9zr9xpx4jcezhyz8dz30tvs8ed8k2xxzx69jqjfgn5gb3wvbjvd7sn12s766dntw1kyt9fjanyxh0ym930ypnqf1qpr0czxk6xg9kt7hp276kn743r6k8hm47pbshkdvn2jkmaw6735mb0d38thm2qya23b288gfp4k88ty7dzarfdq4eg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZC0GvyRmY5LhL_iKrr4Pnoif2AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNzQyMjE2NTM0NjQwNTQ1yAEJqQJKIrR3XbSwPqgDAaoEuwFP0EZto0lXpFLHY7_-ht5pYTN_7Yc7DlAMTmgOwB9I-LZ-E35B8wV4Ja7cFO4wW-T35Kru-z-FDDoKHhidgKtELP4o5LUjLjW8jaa8sIUB2aO5NTQhTsG-B7Om6fAae9kFRbrjceWkOwk9NcQq_VKY1CkkbQMtOKZWGYs85KJ30G9dHavnCH31wfVJK-tSjc0vLtXXCqngYKTaIR3KIDqidkqyhVz6WwfpnOZymhEbq07tf2d8boP2tPlLgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3VDjGCsmKBVJ-9QMH0xRs3l2-S0w%2526client%253Dca-pub-2742216534640545%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.138.109 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-138-109.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:24 GMT
last-modified: Sat, 05 Nov 2022 08:54:24 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sat, 05 Nov 2022 08:55:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4362 0
0 72ms
72ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221101&jk=2418328749668048&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 415F 0
10 B 38ms
38ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?cEmGLg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 08:54:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5E06 42 B
64 B 73ms
72ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvO41nKVlB2VVOD9-NV4r3l1eVcZ16xSyKTig2F2QbwEJ2Bq81jZPJpKdGAaG3us-PaJsDtQ1C3WbgAnClwdzUyploo&sig=Cg0ArKJSzIaVczUJEYBzEAE&cid=CAASF-Rodgaqq4Vf9DWUlLngqEJtbhWaEFaJ&id=lidar2&mcvt=1002&p=0,0,50,320&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20221103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3297015004&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667638464118&rpt=250&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 08:54:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9091 42 B
64 B 73ms
72ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUBlFP0GsMEOD5n0ModTmyu8bQ7pF96jRU1TzsQL8R1JTZEHW2BtlDv7nGmzD36NeccWlLeQHjtJe1lkI-AFulQ0sp&sig=Cg0ArKJSzBr0wmEMoU1eEAE&cid=CAASF-RoWqNH3E7isOeHVrA-emRNAh9SDcVI&id=lidar2&mcvt=1001&p=0,0,250,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2068013325&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667638464137&rpt=277&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 08:54:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
75ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221101&jk=2418328749668048&bg=!WVqlWh7NAAZPh4lnb4c7ACkAdvg8WuR4YVpOxh8tx92TGe56I1uhXXH7bwoUtCvDc2NnzOchtHuiiwIAAACFUgAAAAJoAQcKAMZvsTsJ39N2XbiH4NguELjghDpU9wcPnwO6Yp4vz9Ed5anvB45i24agb3XPgXghciCUZ9wT5OB5BLi2W1_VokNRZHyCZaBSZK-cNCmpFgJjyzeDm69WzJt4mLrIuaOKzMIB0to2GCHsgCiwmsQDwBlcR6eXYbX4f6WtJ0QHKE9RjnHVJzw58ESnOv1ei1IMEixbHU_3lOfdCb6wHms0FdpmEBVMT59AC6j0xXk8W3G4PLcj4fKZulnlWTexprVIdmHIBRK8h5WZApe8xVhPgGrDrtO9jhWsRx3wj2vdaW1pQOAe9nv6vGd9RBCn0T2lnAomnJxC6f31-oD6iaNAQMlRHnVJK-XIp3euncitXssFQKgth2A5LSQeazdq2xijxNVZWmpdcBEd97n-kskLpxuMp4k4JCWznWHgQnrD200NCoCsMCmSHDTJOnHhQjWpelRw8JqnZslFR-d0aoLnuVmZqrgWtUjFZP7OzSGeEuwRllPyl6bD7xpaYkoLpd-vXYzm8W5gcAHrdrY7IclMGCMd-KqwTF4jWSJEoXLkTMkXqt0i9faPJYwyg1vS_5F37S32PrsDdqErwe6rlePc2pLsxhVL1FEdseadd8maTauTlkIuZxjx2GH7nen114D_mRSrqDq1fXmBfEWAD7t_P3InEWY4nCXVKUuV33ayFFbqxZsLie1Tw8DVThwVNtNXrdeJWmJV42158dzRx-BufeMgDjRWD2PcZCnIbqI-AfncO37w36AdZS6eOsDI7hZ0YjUOFjq-pmSAPa_-N5UcdfCgaGT2Z50GFiwQzHPOkNOy1h5hCqK-fgrXJFybkfqum_8ZGCkWB_mSp_4hJCujpZhTuMz6et1jdQLTIgDPTV3Zs5racQWJIntGuciUjrHLV8AmSsCrAjiYP3MmASRS7MJ4EwGQAKo1yGN0er47Q6kfAmkZLSO8CLgpOr8B9O4g00DFmuH3-sBhR5gBJayzhRlB2uDbgS_P9Q4c-HT895Xqxsn0alli_2spjeCc1RSlVyfUa61cLqqbU-fQyVWgdodsNCnR9yQ68leKd8ByJdjmXX2iUbWGJdh9hwtl9PrVPJlPy4PixO7x3haN5hIBIc21hfQa3jjv5uSfGD3oOAIOSlj0DhyFY5IYcv4pxnEGkFs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 2F78 16 B
232 B 81ms
81ms Fetch
application/json 35.176.203.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.176.203.209 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-176-203-209.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Nov 2022 08:54:25 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 102ms
18ms Preflight 35.176.203.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.203.209 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-203-209.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sat, 05 Nov 2022 08:54:25 GMT
server: nginx

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 96ms
36ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=2oeb20&_p=712595624&cid=1249210336.1667638462&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1667638462&sct=1&seg=1&dl=https%3A%2F%2Fs.id%2Findovegas_slot&dt=IndoVegas&en=page_view&_ee=1&_et=8
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 08:54:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 102ms
36ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GTE5CBQ89K&gtm=2oeb20&_p=712595624&cid=1249210336.1667638462&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1667638462&sct=1&seg=1&dl=https%3A%2F%2Fs.id%2Findovegas_slot&dt=IndoVegas&en=page_view&_ee=1&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 08:54:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEA31YThoARqU3YgJXzBknjk&google_cver=1&google_push=ASkJ3FZUIY1VkXrj3HYS38f735JOUG-AZmZkd-1dDNKcvcncLY0fehh4rPIsX8YXqMxC-w7U4MsJKN0tLuj_MTMPhCaxggtDvcKjzb2BBCeariNw0a5lLWIzi1zaL4ZQQkCHG-tcMOmeLykO2D9Is3IkvYMp

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.s.id/	1970-01-20 16:35:34	Name: __gads Value: ID=e7cbd0ed9211526c-223d1f3c67ce0026:T=1667638461:RT=1667638461:S=ALNI_Ma7VGMCMJDBbbqHtJkt6cFj8kjIMQ
.s.id/	1970-01-20 16:35:34	Name: __gpi Value: UID=00000b7cba8633c2:T=1667638461:RT=1667638461:S=ALNI_MZ6qOxSOYTUBkZwn0Rcnq3aUB2XnA
.s.id/	1970-01-20 16:49:58	Name: _ga Value: GA1.1.1249210336.1667638462
.s.id/	1970-01-20 16:49:58	Name: _ga_LJQ0V44EV5 Value: GS1.1.1667638462.1.1.1667638463.0.0.0
.s.id/	1970-01-20 16:49:58	Name: _ga_GTE5CBQ89K Value: GS1.1.1667638462.1.1.1667638463.59.0.0
.doubleclick.net/	1970-01-20 16:35:34	Name: IDE Value: AHWqTUlhpSkVE8ymjAYBvP2l3A-e6j54XA3SD_7nGEaZGZUlGK1-566RDwLbqEsu7O8
.quantserve.com/	1970-01-20 09:23:34	Name: d Value: EH8BCQHAJ4EA
.quantserve.com/	1970-01-20 16:44:12	Name: mc Value: 636624c0-3672b-76ca9-91135
.casalemedia.com/	1970-01-20 15:59:34	Name: CMID Value: Y2YkwF5aMNFstSsikQeyJQAA
.casalemedia.com/	1970-01-20 09:23:34	Name: CMPS Value: 5149
.casalemedia.com/	1970-01-20 09:23:34	Name: CMPRO Value: 5149
.pubmatic.com/	1970-01-20 07:15:24	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 09:23:34	Name: KADUSERCOOKIE Value: 9ABA5510-68AA-4D20-BAC8-1C25B1D73996
.casalemedia.com/	1970-01-20 09:23:34	Name: CMTS Value: 1130
.awin1.com/	1970-01-20 07:24:03	Name: awpv14098 Value: 412871\|1667638464\|728f5431-5ce7-11ed-9d10-2262c713b6c4
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.awin1.com/	1970-01-20 07:24:03	Name: awpv11938 Value: 412871\|1667638464\|72ad8a90-5ce7-11ed-bfbc-22342ff4a6f7
.congstar.de/	1970-01-20 07:24:06	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1667638464_72ad8a90-5ce7-11ed-bfbc-22342ff4a6f7%22%2C%22sp%22%3A%22awin%22%7D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEA31YThoARqU3YgJXzBknjk&google_cver=1&google_push=ASkJ3FZUIY1VkXrj3HYS38f735JOUG-AZmZkd-1dDNKcvcncLY0fehh4rPIsX8YXqMxC-w7U4MsJKN0tLuj_MTMPhCaxggtDvcKjzb2BBCeariNw0a5lLWIzi1zaL4ZQQkCHG-tcMOmeLykO2D9Is3IkvYMp Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg8tVmK90cUp6VgosIkkNcyTWTwNJJ_pAjQVBNiV9f7_zXxOXugA1y2wyLv_NWkgRz1nulrSWhGpNQaL-eP2yFAxcnZcacSu&google_gid=CAESEHjaqPKuNmnCs8MAzhe1T0g&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad4m.at
adservice.google.com
adservice.google.de
analytics.webgains.io
api.s.id
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
cm.g.doubleclick.net
cms.quantserve.com
d3li60t7cgizua.cloudfront.net
fonts.googleapis.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
microsite.s.id
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
prod-rtb.ad4mat.net
region1.analytics.google.com
region1.google-analytics.com
rtb.openx.net
s.id
ssum-sec.casalemedia.com
static-de.ad4mat.net
stats.g.doubleclick.net
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
googlecm.hit.gemius.pl
104.18.18.126
13.41.138.109
142.250.185.194
142.250.186.166
148.251.139.77
185.64.189.115
2001:4860:4802:34::36
23.203.81.208
2600:1901:0:76b9::
2600:9000:2182:400:8:217d:7c80:21
2606:4700:20::681a:ad1
2606:4700:20::ac43:444e
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:827::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2001
2a00:1450:400c:c00::9a
34.98.67.61
35.176.203.209
35.227.252.103
35.244.174.68
45.126.58.78
65.9.86.41
69.173.144.139
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
16792f9b9f283cd325abfcffd531e65a13bf4fa2e180f6490f193dbab974f1b3
1af5eacc5472d595046d8320feb556463d66ca3711b5fc2e6449e5cc49cd167f
22958d705f2d42f1cadb11386a06e98cb733d68737875b42b77e5f7733ef5d63
230034e8211b62a83adef21a5e70795230c3a90df2d02ce8c8456945c6492db0
25db29b5416a8ff7407d6f5a537981b4443d736a3010a2cdbbcf847856af8ff4
2b205e78f3d47979467bdbdb5cad9de68031a6d15bc9eac56d812b0a502d03ea
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
305d570cd85885df298cbb8e58e273bf2796a6ea0fc825ae1e5eb4475f47a675
3141e87055524d160bb5ec664e95db816505fd9656cefe6d660b6a1443611612
367ae8eae4e2f0f800a59cf6cdb7959c2c1a8c84a5dcebbb30139e4b90ecd0fd
3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e
3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84
3fb56a6bcdcc124ac983ac25b5c221564e94746c2df1b74aa4a86b08db4396e9
418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b
43fdb79ef851cc5956131e7843a70cd887040c5629305f33de8b06ac589c6bac
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fff3235cfa721bd847add0eace5f7f251c39ab572b79f54c20d4d8f47c607dc
536f88d0003030fbdca09dbea227d057c2d86010216f28f6b9412c25ebc26d0b
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624a68226f45bacfbf1135e7f1f982ce9f98ccaaaeea5953c27609fad49d6025
6beb37a5f81ce379bac5cd2168e6953e70f4ee512f5f1abfa8260803b374ed16
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
91ffac90b31faff841b9c65e5ff1375673caa24cdee77eae3296b998a715d0e4
92d8167dfab228666eddc84bcdf25065e43da49447dde175abcd4f47709c6152
946ac0fdf33cd12412a8d0fc81545ecb090731c4014e3ba46170ac751b51cfbd
9667ca85eb3e8090fa4153563d4c67b2086aeb68a8802a41768afdb3f6650a95
96a834f15a259069a2f1f1351dcf926383e27bfb69732cba695a99ef38cb64cc
976d5e2d2e11df4170ce13fe3214f6e9e3b45c61a72d6f34bf6c0250d1a082ec
9a36b1ea64cf6b400d368d6b086a8e8e18b74b07d02cf9a52ccea8b8ea9461b2
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ad2a6f06d36965e9893af843b3545b82b1e7467fbaa6cd8fe360d58dd03495a9
b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4
bed10a3fd1f75fd8fbcb1f3be5d120237ed9391d10c2697c551923e8ed9f31e3
bf0dc20d92c62ef12480a329fe905157d6b84ef7cd14214254fc53fae8ab0fda
c2fab65f37795b3f2f3c5678e7fdca776ae2ab4ec5d09d8c5c1003e59c250ce9
c7f8bad24c3fd7cfa9935bbe4b246162b4b4a3946cbc5874c9cc51839a2b5dd3
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246
d0c814dc356ccc79fcc9cc955665df4bb8f65ba0c63398b9b4d1f8ec62af8c95
d388d6eadbda67959df2e176105d189a9ee25434d49e645a752b2a10afefacab
d644bde47c0875c42e94873332f1f36fb601193bec613621037abd251bb34d72
d699729dc861dd77a1e59c994fd4ec356cc878f5f27cfbf028b413ee4e31f5b0
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
de154d98346f0ea20c375d205917f4a61eeb7d6eb5ffa5c510fcf991ab7fc9b3
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
e0d83f47c69c41f629d1bfd9bd90b650a81a22ca20921c5b1546a98948c3dd1c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ef29a585868c414f1d58be5ef6e3fbbf82760dffaeffde191c9c12706acf0b
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919
e85634fbddfab3ccd61567a8fdbb7f16c9918478b661d5acff7f2971472874bd
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b
ecbd9c9222375a847fed2304dc5d1c78f084e9275628e2a17f5ae98e6208b43e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881
fe45f6ec4639331a9271ca9e58cf019079159c971d21c3ef68192ba9a0bfe9d8
fea3ca4bf11630df3dc4ada21e4c6feb51dc8c6f200f78e68989425b45854641

s.id Open in urlscan Pro 45.126.58.78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

116 Requests

92 %HTTPS

55 %IPv6

25 Domains

38 Subdomains

28 IPs

6 Countries

2419 kBTransfer

5683 kBSize

18 Cookies

5 Outgoing links

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

s.id Open in urlscan Pro
45.126.58.78 Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

92 %
HTTPS

55 %
IPv6

25
Domains

38
Subdomains

28
IPs

6
Countries

2419 kB
Transfer

5683 kB
Size

18
Cookies

116 HTTP transactions
2 data transactions