blog.paleohacks.com Open in urlscan Pro
2606:4700:10::ac43:15df Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.paleohacks-mailing.com/a/168/click/10060183/746255798/_d7acdcc5d30317f101c4e33a0b622f955d0f50cb/5069def3217174f9e9db4ba...
Effective URL:
https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Submission: On December 12 via api (December 12th 2023, 8:45:54 am UTC) from US — Scanned from DE

Summary HTTP 340 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 61 IPs in 12 countries across 58 domains to perform 340 HTTP transactions. The main IP is 2606:4700:10::ac43:15df, located in United States and belongs to CLOUDFLARENET, US. The main domain is blog.paleohacks.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 14th 2023. Valid for: a year.

This is the only time blog.paleohacks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.238.129.105 35.238.129.105	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
67	2606:4700:10:... 2606:4700:10::ac43:15df	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2.19.216.27 2.19.216.27	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.71.202.78 52.71.202.78	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2600:9000:223... 2600:9000:223c:5400:1c:9484:cec0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	35.202.21.90 35.202.21.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a04:4e42:8e::84 2a04:4e42:8e::84	54113 (FASTLY) (FASTLY)
2	104.18.43.135 104.18.43.135	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.148.35 172.64.148.35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
5	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1901:0:4... 2600:1901:0:498c::	15169 (GOOGLE) (GOOGLE)
4	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
3	23.53.232.23 23.53.232.23	16625 (AKAMAI-AS) (AKAMAI-AS)
14	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
48	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
3 3	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 33	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3 3	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
5 5	2a05:d018:d29... 2a05:d018:d29:3601:c84a:f3f:c1a8:24dc	16509 (AMAZON-02) (AMAZON-02)
4 4	213.155.156.184 213.155.156.184	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6 6	37.157.5.133 37.157.5.133	198622 (ADFORM) (ADFORM)
2 2	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
4	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:1901:0:7... 2600:1901:0:76b9::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
3 6	104.64.118.247 104.64.118.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	173.231.16.77 173.231.16.77	18450 (WEBNX) (WEBNX)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 2	3.120.54.195 3.120.54.195	16509 (AMAZON-02) (AMAZON-02)
2 4	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:9449:420b:1a77:b906	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:21::1690	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
7	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 4	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
1	87.118.116.9 87.118.116.9	31103 (KEYWEB-AS) (KEYWEB-AS)
2 2	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6810:c0cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:20ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	217.160.0.78 217.160.0.78	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
3	3.9.151.155 3.9.151.155	16509 (AMAZON-02) (AMAZON-02)
1	188.40.59.226 188.40.59.226	24940 (HETZNER-AS) (HETZNER-AS)
2	18.66.147.120 18.66.147.120	16509 (AMAZON-02) (AMAZON-02)
2	99.86.4.36 99.86.4.36	16509 (AMAZON-02) (AMAZON-02)
4	35.177.10.97 35.177.10.97	16509 (AMAZON-02) (AMAZON-02)
1	35.190.25.25 35.190.25.25	15169 (GOOGLE) (GOOGLE)
340	61

1 35.238.129.105 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.129.238.35.bc.googleusercontent.com

links.paleohacks-mailing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

67 2606:4700:10::ac43:15df (United States)

ASN13335 (CLOUDFLARENET, US)

blog.paleohacks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.19.216.27 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-216-27.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.71.202.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-202-78.compute-1.amazonaws.com

178194.tracking.hyros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223c:5400:1c:9484:cec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.202.21.90 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.21.202.35.bc.googleusercontent.com

paleohacks.lpages.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:8e::84 (United States)

ASN54113 (FASTLY, US)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.43.135 (None, )

ASN13335 (CLOUDFLARENET, US)

paleohacks.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.148.35 (United States)

ASN13335 (CLOUDFLARENET, US)

events.attentivemobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

track.mypaleorecipe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:498c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.128.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.53.232.23 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-53-232-23.deploy.static.akamaitechnologies.com

lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.114.159.93 (Loerrach, Germany) 3 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 142.250.181.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.0.66 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a05:d018:d29:3601:c84a:f3f:c1a8:24dc (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.155.156.184 (Sweden) 4 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.5.133 (Denmark) 6 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.252 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:76b9:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.64.118.247 (Prague, Czech Republic) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-118-247.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.16.77 (United States)

ASN18450 (WEBNX, US)
PTR: api.ipify.org

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.54.195 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-54-195.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.237.56 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:9449:420b:1a77:b906 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:21::1690 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.230 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.118.116.9 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: km36617.keymachine.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.200.5.215 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.13.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:c0cb (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:20ce (United States)

ASN13335 (CLOUDFLARENET, US)

pvx.freenet-mobilfunk.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:d0a:2321::2 (Frankfurt am Main, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.160.0.78 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: 217-160-0-78.elastic-ssl.ui-r.com

www.emil-die-flasche.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.9.151.155 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-151-155.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.40.59.226 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.226.59.40.188.clients.your-server.de

tm.simptrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-120.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-36.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.177.10.97 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-10-97.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.25.25 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 25.25.190.35.bc.googleusercontent.com

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
67	paleohacks.com blog.paleohacks.com	970 KB
56	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 25796 ad4m.at — Cisco Umbrella Rank: 11359 assets.ad4m.at — Cisco Umbrella Rank: 35458	572 KB
55	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139	291 KB
36	googlesyndication.com 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	200 KB
15	criteo.net static.criteo.net — Cisco Umbrella Rank: 631 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10143 csm.eu.criteo.net — Cisco Umbrella Rank: 9625	125 KB
13	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 93	2 KB
8	ad4mat.net static-de.ad4mat.net — Cisco Umbrella Rank: 192580 prod-rtb.ad4mat.net — Cisco Umbrella Rank: 145563	3 KB
7	media.net contextual.media.net — Cisco Umbrella Rank: 665 lg3.media.net — Cisco Umbrella Rank: 6606	73 KB
6	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 24395 api.webgains.io — Cisco Umbrella Rank: 59842	38 KB
6	awin1.com 3 redirects www.awin1.com — Cisco Umbrella Rank: 13930	4 KB
6	adform.net 6 redirects c1.adform.net — Cisco Umbrella Rank: 560	4 KB
5	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550 ads.eu.criteo.com — Cisco Umbrella Rank: 9522 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10971 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 16218	53 KB
5	yahoo.com 5 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	3 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6765	839 B
5	mypaleorecipe.com track.mypaleorecipe.com	35 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	22 KB
5	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 3234 ct.pinterest.com — Cisco Umbrella Rank: 715 log.pinterest.com — Cisco Umbrella Rank: 4390	20 KB
5	attn.tv cdn.attn.tv — Cisco Umbrella Rank: 2849 paleohacks.attn.tv	46 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	286 KB
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1299	900 B
4	de17a.com 4 redirects d5p.de17a.com — Cisco Umbrella Rank: 4497	1 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	333 B
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	177 KB
3	webgains.com track.webgains.com — Cisco Umbrella Rank: 49821	4 KB
3	travelaudience.com 3 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5555	1 KB
3	adition.com 3 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	264 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
2	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 61264	71 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	1 KB
2	agkn.com 2 redirects d.agkn.com — Cisco Umbrella Rank: 686	1 KB
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 714	775 B
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 745	20 KB
2	lpages.co paleohacks.lpages.co	8 KB
1	mixpanel.com api-js.mixpanel.com — Cisco Umbrella Rank: 2153	364 B
1	simptrack.com tm.simptrack.com — Cisco Umbrella Rank: 106380	891 B
1	emil-die-flasche.de www.emil-die-flasche.de — Cisco Umbrella Rank: 705958
1	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 164531	128 B
1	freenet-mobilfunk.de pvx.freenet-mobilfunk.de — Cisco Umbrella Rank: 305483	1 KB
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 83743	1 KB
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 104746	1 KB
1	lead-alliance.net 1 redirects www.lead-alliance.net — Cisco Umbrella Rank: 89094	329 B
1	telefonica-partner.de 1 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 88416	184 B
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 97477	549 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 49153	611 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2627	104 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1771	296 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	542 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1618	174 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 780	717 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	149 B
1	medialead.de pv.medialead.de — Cisco Umbrella Rank: 47317	327 B
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 3355	18 KB
1	attentivemobile.com events.attentivemobile.com — Cisco Umbrella Rank: 2577	160 B
1	gstatic.com fonts.gstatic.com	48 KB
1	hyros.com 178194.tracking.hyros.com
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2843 Failed	219 B
1	paleohacks-mailing.com 1 redirects links.paleohacks-mailing.com — Cisco Umbrella Rank: 852889	716 B
340	58

	Domain	Requested by
67	blog.paleohacks.com	blog.paleohacks.com track.mypaleorecipe.com
33	cm.g.doubleclick.net	2 redirects 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
24	assets.ad4m.at	as.ad4m.at
18	tpc.googlesyndication.com	10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
16	ad4m.at	as.ad4m.at ad4m.at
16	as.ad4m.at	10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com as.ad4m.at ad4m.at
13	securepubads.g.doubleclick.net	blog.paleohacks.com securepubads.g.doubleclick.net 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
12	pagead2.googlesyndication.com	10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	www.google.com	blog.paleohacks.com 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com tpc.googlesyndication.com
7	static.criteo.net	ads.eu.criteo.com
6	imageproxy.eu.criteo.net	ads.eu.criteo.com
6	www.awin1.com	3 redirects as.ad4m.at
6	c1.adform.net	6 redirects
6	10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	pr-bh.ybp.yahoo.com	5 redirects
5	www.google.de	blog.paleohacks.com
5	track.mypaleorecipe.com	www.googletagmanager.com track.mypaleorecipe.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com blog.paleohacks.com
5	www.googletagservices.com	blog.paleohacks.com 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
4	api.webgains.io	analytics.webgains.io
4	ad.doubleclick.net	4 redirects
4	sync.teads.tv	2 redirects 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
4	prod-rtb.ad4mat.net	10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
4	static-de.ad4mat.net	as.ad4m.at
4	d5p.de17a.com	4 redirects
4	www.facebook.com	blog.paleohacks.com connect.facebook.net
4	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
4	contextual.media.net	blog.paleohacks.com contextual.media.net
4	connect.facebook.net	blog.paleohacks.com connect.facebook.net www.googletagmanager.com
3	track.webgains.com	as.ad4m.at
3	ads.travelaudience.com	3 redirects
3	dsp.adfarm1.adition.com	3 redirects
3	lg3.media.net	blog.paleohacks.com contextual.media.net
3	region1.analytics.google.com	www.googletagmanager.com
3	ct.pinterest.com	s.pinimg.com blog.paleohacks.com
3	cdn.attn.tv	blog.paleohacks.com www.googletagmanager.com cdn.attn.tv
3	www.googletagmanager.com	blog.paleohacks.com www.googletagmanager.com www.google-analytics.com
3	fonts.googleapis.com	blog.paleohacks.com paleohacks.lpages.co
2	cdn.track.production.webgains.team	as.ad4m.at
2	analytics.webgains.io	track.webgains.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	d.agkn.com	2 redirects
2	onetag-sys.com	2 redirects
2	dis.criteo.com	10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	s.pinimg.com	blog.paleohacks.com s.pinimg.com
2	paleohacks.attn.tv	cdn.attn.tv
2	paleohacks.lpages.co	blog.paleohacks.com
1	api-js.mixpanel.com	cdn.mxpnl.com
1	tm.simptrack.com	as.ad4m.at
1	www.emil-die-flasche.de	as.ad4m.at
1	cdn.retailads.net	1 redirects
1	pvx.freenet-mobilfunk.de	as.ad4m.at
1	www.conrad.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	www.lead-alliance.net	1 redirects
1	www.telefonica-partner.de	1 redirects
1	banner.congstar.de	as.ad4m.at
1	rtb.nl3.eu.criteo.com	10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	gcm.ctnsnet.com	1 redirects
1	dclk-match.dotomi.com	10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
1	ag.innovid.com	10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	tr.blismedia.com	10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
1	um.simpli.fi	1 redirects
1	s.tribalfusion.com	10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	match.adsrvr.org	10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
1	ads.eu.criteo.com	10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
1	log.pinterest.com	blog.paleohacks.com
1	pv.medialead.de	as.ad4m.at
1	cdn.mxpnl.com	blog.paleohacks.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	events.attentivemobile.com	cdn.attn.tv
1	assets.pinterest.com	blog.paleohacks.com
1	fonts.gstatic.com	fonts.googleapis.com
1	178194.tracking.hyros.com	blog.paleohacks.com
1	api.ipify.org	blog.paleohacks.com track.mypaleorecipe.com
1	links.paleohacks-mailing.com	1 redirects
340	80

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.pinterest.com
twitter.com
www.youtube.com
shop.paleohacks.com
paleohacks.lpages.co
pinterest.com
www.printfriendly.com
amzn.to
paleohacks.go2cloud.org
phaff.resurge.hop.clickbank.net
www.instagram.com
paleohacks.com
www.paleohacks.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-14` - `2024-05-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-20` - `2023-12-19`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
tracking.hyros.com Amazon RSA 2048 M02	`2023-04-02` - `2024-04-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.attn.tv Amazon RSA 2048 M01	`2023-05-02` - `2024-05-29`	a year	crt.sh
*.lpages.co R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
attn.tv Cloudflare Inc ECC CA-3	`2023-11-04` - `2024-11-03`	a year	crt.sh
attentivemobile.com Cloudflare Inc ECC CA-3	`2023-11-04` - `2024-11-02`	a year	crt.sh
mypaleorecipe.com GTS CA 1P5	`2023-10-17` - `2024-01-15`	3 months	crt.sh
*.mxpnl.com GeoTrust TLS RSA CA G1	`2023-07-12` - `2024-08-11`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
ad4mat.net GTS CA 1P5	`2023-11-18` - `2024-02-16`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-11-21` - `2024-02-19`	3 months	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
simptrack.com R3	`2023-10-16` - `2024-01-14`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
*.mixpanel.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-02-13` - `2024-03-15`	a year	crt.sh

This page contains 35 frames:

Primary Page: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Frame ID: 12653C39AC82FFA995732E9C6DC93057
Requests: 156 HTTP requests in this frame

Frame: https://paleohacks.lpages.co/leadbox/145b71a73f72a2%3A13300845e746dc/5746055551385600/?lp-in-iframe=1&__fromjs=1
Frame ID: 3F4A2B92002A0C608249A004D50E922A
Requests: 2 HTTP requests in this frame

Frame: https://paleohacks.lpages.co/leadbox/145b71a73f72a2%3A13300845e746dc/5746055551385600/?lp-in-iframe=1&__fromjs=1
Frame ID: F0EDCF857540A6277554722001111B77
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/sr/1017354394/SAFEFRAME.html?ule=444&&kkdd=A!%7CW%7C*uh93AnH&Fg=M_*Ch_*_3_Cb3CbMM(-&IuPd=M&ewPT=*&KuF=MMC(&HwKp=.h3b&Kgu=-f19h9h*-&KPKu=E8B8KSiBmYF8F_PD8xUZxi%3D%3D&Kdgu=_C00b_Cb-&wgqp=h**jCb*&KK=)t&wK=Ot&nHHPw=M&dp!kd6=nHHPw%3A%2F%2F26XIsPT6pXnTKZwsKXe%2FPT6pXVPkePZgBVwPgKpVuXBkHw%2F&Bwp=b&6D=M&kIu=3&gD=M0**&ZHH6p=fXKXBkH%20z6Xkd%20JkePZgB%20APgKp%20)XBkHw&eKv=((C*&PIgu=P*M-330M00bbHC*ChMCMC*-3b&nHe6wdK=M&sflct=2583709&ure=1
Frame ID: 6FAE04DF6211AF1076C2BC09B1345A48
Requests: 4 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CUG3G308&https=1&itype=CM
Frame ID: 5D5BA9A01D593BD634E8F32D1762C2EE
Requests: 1 HTTP requests in this frame

Frame: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D3BB0EEF8801D6E8609E76238E8AF813
Requests: 1 HTTP requests in this frame

Frame: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BD1772BB0826BCCE798FB66FA034315F
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k1d8pnv4xnhbmxf7em1sh9qfq1k89vt3747agtbdx79rbv1gaq90fg07drcdwtpw13145v56s565w46eg4n87qjs7pkpqn5n7rgnp20jqs54eak6xw5jb64nenvhqx7z2tsk6b425rf114hp4wgqvyqks3crja20sat3awjqf3cfwfp1k5n48xfzmm3cvt8ttgp1wth36rhn48ahckt0rpmryz9sz9ndxesj3bjhzm9ngr7dmy019wx9v9se69efrqataw8f9v326dcwxxj6px2ppvwhtws6skc2ck4x0z95manh0qxtpygs2qm9pn3vsdbnc0aqh3y3x117gx3jvf1xfaka3zj4k5pxjjhcdcn7v955j24hwyn6r0jxaa7gxxzx1z685fm5arpgh0mc933f5rf103emkm2sdfncjvf2n3srybz8rzk51ttvww5jbgkgwqqsw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeKevux14ZZ3HN4rC7_UPw8qH-AOQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0Hm91nQLgAK8HMLV84N8VZjtMli3ANREBdm1BfdIgggemsrma6ypvOQ2Q_lE-zQY063IMaitOB0dvQikrDv4sZzGghEDrG4kM_qNXuNckshsVqrGaOk46g0J7Uh9uRjexEZcyZoSMkuGJBsGUyXJo102H02uW7eBiu6aKVCZl3mqSKATr9PG2kwXUBxX5YS_4jhFutM-lFjZSZGhHRwZ2stAVy-xUjc57orZcW4AbBJoKe3d-FKNqsIsJRC4gj2sIiQe9ImmAZrOyDxIJKEedVzPP32PbYJ-Za2n2-ogE8xcdy6XRAguaJenXiC-SnNeCJdun4c5xgXpfFh980VwWAin1Q99OQLrxk1BaO1Ltxl65qL9Bj1dzanhqpTNsxcd3da32sTttKZn_KMjgWKattcED2gnGERWRwPqIG0hP-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj489CdwYmDA_oLAggBgAwB4g0TCMGj0Z3BiYMDFQrhuwgdQ-UBP9AVAYAXAQ%26num%3D1%26sig%3DAOD64_0uE6Ffa2YVonteAApscxmhftAOtw%26client%3Dca-pub-5144389657785565%26adurl%3D
Frame ID: AF1BEB15E72686D639E7E1166E32B280
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F5A66322783E5689C58B48D5D1575396
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 1FE03694987D6E33E7235A6062006153
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=c1bf5c31b7c8fd26c63e64671a1bb7fc%2F17048046521977621574&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370748457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz592gwkp8454ffkaaxbcz6pyrnq7jdvcex5gjnpy36hkxe5xknk1355nkrzwwz8e7tbrzys4thr7qre6sm27fw6wywksgydawjpdepsy3yv1tq64tvkgwxzv01bbtdxbk7n9esghg8nbqn8q41tg0e07tqzhgmqd5pcsqb5kxshxyh9aq61df6pkebc6w3qg9zqnhkhepd8y92fx5z5tkk3gtmty1wc7e1b67cwvhxhn8xpx393y1r3ct96sd3w9zhjxt4jqkd5k8s8ssqm5ee%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeKevux14ZZ3HN4rC7_UPw8qH-AOQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0Hm91nQLgAK8HMLV84N8VZjtMli3ANREBdm1BfdIgggemsrma6ypvOQ2Q_lE-zQY063IMaitOB0dvQikrDv4sZzGghEDrG4kM_qNXuNckshsVqrGaOk46g0J7Uh9uRjexEZcyZoSMkuGJBsGUyXJo102H02uW7eBiu6aKVCZl3mqSKATr9PG2kwXUBxX5YS_4jhFutM-lFjZSZGhHRwZ2stAVy-xUjc57orZcW4AbBJoKe3d-FKNqsIsJRC4gj2sIiQe9ImmAZrOyDxIJKEedVzPP32PbYJ-Za2n2-ogE8xcdy6XRAguaJenXiC-SnNeCJdun4c5xgXpfFh980VwWAin1Q99OQLrxk1BaO1Ltxl65qL9Bj1dzanhqpTNsxcd3da32sTttKZn_KMjgWKattcED2gnGERWRwPqIG0hP-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj489CdwYmDA_oLAggBgAwB4g0TCMGj0Z3BiYMDFQrhuwgdQ-UBP9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0uE6Ffa2YVonteAApscxmhftAOtw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Frame ID: 5FF7020DAF6C0011DBAE5029B782A08F
Requests: 11 HTTP requests in this frame

Frame: https://www.facebook.com/v4.0/plugins/comments.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1537a0f66b731%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Ff118854819c88e%26relation%3Dparent.parent&container_width=790&height=100&href=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&locale=en_US&numposts=5&sdk=joey&version=v4.0&width=
Frame ID: 9E6A49A9A4873B550C580C824B8653B7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v4.0/plugins/like.php?action=like&app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb13efe96ae108%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Ff118854819c88e%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Ffacebook.com%2Fpaleohacks&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
Frame ID: FF7C7525842F12246E8F2AFFDC24D1D8
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 4BF9F334D9A278FB5738CEEDBF2EFC6A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BA5700E928A9DA2ECF22BBB6A901D129
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0AEEDC19D2836385726936FC7DC51648
Requests: 2 HTTP requests in this frame

Frame: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F1E1976C7F9C4A3A4DA8D18ED861E482
Requests: 10 HTTP requests in this frame

Frame: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4A0BD143501D5A3BBC0AE8D474BC7FED
Requests: 9 HTTP requests in this frame

Frame: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 517878F5A6D5B161F5E6644BEB65762C
Requests: 9 HTTP requests in this frame

Frame: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5B84A9AB5ACB02D4F4A1D2FF2D988B4C
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hytypeggkpxp8taw2bgt6tkcr8a7f119mt7gvhdz8bttv1e5k2sz6rm6hpyhxfk5d60sqsq20qkemzngrsywxwhswsd55kx33yhhhpd1v3df5jt8z7rhj3yhjffx481jk3bvjpce7j4wpdfbpqbz3zrt7snkx2szk2arcxhdcsjtt6gqhn444c7jcewvnn4hm44smzy5zbbkvahp3yr5fxvr5e0apa0d7067azmp87ywrsw0q2xkm580en8pnbnw6pf508pddd4a266hd8qdnk57vd4qvzz8mvnfvt0txbvprsnqhhcxqtxvhevma2p8dtg0s5j8ra2qqnp5t39r9825nb9vyd10fymb4873nq0j55t1vqqfg302d63a4evvb6b9whxwdg8arvnjnww9ec5f6c0cc597e0hxm55v7hwnwjsqdf7bg1qcahh8n2h8nr49peh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtPcmvh14ZcS0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEtgJP0AI9aPJna1icj9HCev0KfmMox5mfu6uCHnkJIsPKmBlarhsZgfl6JrKc1cym2wzcmJbeHe3RQ7HarqZEJRyGrSj7v8wsuWNkR2uiQrNkBiQy4a84Taa8LLFEvrppW1JmMz7kUnru5TLkCsuU8LF19HFqwThfqPa6FJYPKZLAD96cJma8ACgtPt5ZCIWTojxwEBBySugfx-jBu3GH0lcpG7KZ7kDIK71rFUX6f79_Rvx4hHMpN_obMQDUihDvOKRMv4CndKOqps7zH9fETRcI-ZBB5z3MpH-oq_DMPKDd6ph1GuHv3wyUC6_HLKFbAbh_6ZShcx7KZ98YLCOjwNhWi5XpY1dBgA-bJ9y1aY0S0-bh-vY_O48wfhhUovS2Fvzs49puScGpOvp0PScgp9r47lAB_Hku4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIC-7Z7BiYMD-gsCCAGADAHiDRMIqf_tnsGJgwMVD7D9Bx3mAwVD0BUBgBcB%26num%3D1%26sig%3DAOD64_24Jkt_qbGH1-P4GPlBWEsEj0aUgw%26client%3Dca-pub-5144389657785565%26adurl%3D
Frame ID: E2BFE11A125F149ECBCBBDDD9F1ACCE9
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3C89EE90351B9B65ADF1390F6E6A7029
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXgdvgAHWkUH_bAPAAUD5iUef2MhqvYxcNR1pg&u=%7Cp9mwpAGTUK15xUqxsEWZmYcGRfT4b5QI07XtN8qRBZ8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi62t4LtBo-sBEHo5NtUWX6Om11htG35a4LheQwWb_oR8L-DjUUYnw7j4xk_0uWdViwl1rbRIOq2U1Q_rfS-qQzIk4UZBm0RcGdIwws6Sza8ewZZQ45ccAcXXUlzZK0_oM6YQDv7UAC5Xw_qRM-YvZG7JpK8e6NqSta9gYKMa7buSZ_5Ts83u3RmnlvrN7rcEx1Ha5X_DmkGRqBEqxJGv4gkj1A1hE3V-Qd3shctcvCFPMkgWnkJMpHA6iDzCnZiKb08cx9IhBR7b_65gvTPPyYfLukdTrul8dhmpZO-NWOD-9hmeA-P6epud72Obw8nX7Yp58VH8m2MVUP0WB034GKIO00Yn3SvT5qE2C3-7DYieb612_itpr72AVfynfNhVZgL2OrDDDGhFzWcSHoJ8JLMgroxiTKq2fzSqXcp1pkKUAXNVZ0v3BQdID7UO7jKXJMNFM9XJdwtm2Ts8gjyC0PqHeEM_6diTF4fxeXWP64kH1FO2LyYrC_tqZ_LC4fj7OFRPa0vl0CIRmgwzGXEgHFB9-qygYkb2czJzLfpm6NRIy3mgFqlPZCPOzxnDz_MczBA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCx_igvh14ZcW0HY_g9u8P5oeUmATJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAkc5ppu2D7I-4AIAqAMByAMCqgS4Ak_QYxjlHZgbItdeLC9BzQaWx1DB5Ah5-P7TsYsHOFb_aOZQ0-PiHyQPhoBuag27YeedbLVO_F5jinS44ilES588rGq81Db7BEqzAs69mnGKQbO0-YcSoVVaA0k651-ItwOTDyUm8e1SeONO95ASnRKXkGkDL7nCyyPqCmyXHbTtvp73uomtHjXUdn6CG1dTmvvgruiW6BbuPPL-CcaREaLjNV-7yHDaps3B25aoOUZxFJ4hXQayhAD2Pcbm_DZYVSO39Ska4P3vmCAk8cQmNg6xw0Tgoztgw08lS_AUj9xrTXK0M-Nt53JVN5YBLkhJBolL1CV9PwPg6S6vS30VOK5B4cCsn21BQHv6hgAGk1_yOrNSHHeNn3nweSaKodp2yPMTOJWuFq2ZSS5KJ0mRkHEKF0aYL0Os5OAEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIC-7Z7BiYMD-gsCCAGADAHiDRMIqv_tnsGJgwMVD7D9Bx3mAwVD0BUBgBcB%26num%3D1%26sig%3DAOD64_1FhQ9JSl95tEIGvS45g0Y8a-JxuQ%26client%3Dca-pub-5144389657785565%26adurl%3D
Frame ID: C3E6D0324E4A6490B76FAEA1B9FA3199
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 47862F463CF724747D646B52622C7ABE
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gawpaqmbree1ex1qdfgjfetz4s0cd659mee1k1k0dthvjzy21jf254setdhc90x7x6n9d97txmxwmy9q2a6y1pvz0bhfcw83jcefe93yvfjmaz54nyrftn4pkv7sh881qhzp6tsjak9g0h5zbk09hy5vtn2j9eey5g0qnmw135a738h6c75bnxhcnvcycrs2g87d9z7q5k5t05dy3pmkgem9jq9hq3a1jx5jggb4vq8681fev78c8fhsha3y0q8ngeve35pr2k8mr9sdxbxe11yv8z2edqdzeczv5rhekdn30az0ckjjw3gz9vsa3p514vt7sntvsw83ps39xwm9c1s0g2qtv7dy76ybs5vsq1dm13h7ksmqyzvccb80ga6dc3ae2dw6f0p2mntgx2xz8cdsm4tjcgx1kc1wq6nge4tchfm63jca4rf21a3xe2kqgytxwh3er&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDYJBvh14Zca0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0J5Qk7bCVjUZqcoSfS4yqeunk5wJNd8U0hc91XEjeAXsRwmHHP7N4JkNmSbYj7mGvxA4sa-0g3FftjxiFT3v8THeGhMY6kpSgXAo7s8hdrONGqASwVOESwWc2LlarWKR7Z3K2fSan6Ng7vnX_fAbUhlzjlfc2S2jENaSHHZ5VNESh2808sllimMj6egHaIRWH-dD4p_Uvv9g_zJCPl7Zo-6oljaPOK6A7f-qQDelKYODjlfmbm_JDq0qGgHSPnqj48dOke67CJj7Y0T4vVPS6T_z3uOBrPb2Iwr0XfEqjsUzFRgekcVkeqdBoqj2jTlR2IvtQS17JtDWQsnEgfeD_VS2lBCr2kZSetjT4AYe7lFodS1_YBwDdJjBfNnNMxILldJIrRkaSvKsqApDh-_7FBrVwuNKChH5cexC690O9-AEAYAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliAvu2ewYmDA_oLAggBgAwB4g0TCKv_7Z7BiYMDFQ-w_Qcd5gMFQ9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1xTYfZotwqHbntWQaIVyN7EnLziA%26client%3Dca-pub-5144389657785565%26adurl%3D
Frame ID: 605B404856B96F732BDB048C2BAC33E2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A093CA2E9A54BBABA924CE6A7931A63D
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h1kx45cgthskvc08jx3vn4qa991h9z05k7w1z6ww0jy0sxha8nr680z9pt0ez3mm1kvza1mxnp80645gq15rr9cnd3f7wxzd8rc3y7zca08e8m78ea9a92sp1sx0psafkk1gmryrnm4p2dn15m3ykv1py6hxc7rh9kgc7zb40wp67yx88m89q8r5hmxjkd5hb1h7xxs3fz0392wfhvrbxk65vj3m2rjpbnr4fdtkzyvkh7fpmjrgyyz5m7mvjp0h829p40h3t1ejggzvzy5a48jde2ct9c6xq24nxa6fws6fyj5wsr1zk06f5x8abhrrsm868tzzrx9spwayw19jr5kfe22kx68ss0z23hrvetd4vnaryggtx1hy4f9zhva0k91byvvzyfxgw5ghq19k0nqattq2bkgrnth7kxr2aeq0jmkacxx4dkacdkep66br7g9pwds60&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxYDHvh14Zce0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEygJP0DSVrIqcW4Rwl-pC8Ry8LByhH2X2hr-7EbEF1IL9Kkdk7KIWcNI8Ts6WPtIIXlDMeL451WyzV4-1XcDuyGr6vhWWELl6yd6wkz5lH127CHEw8soRyb5LMLwyiucWgTMQ-Odbk3CGJn-0C2KbstGNgN5D0XvvTWzse7fesci6492zueibW1WylLWNK0SdG9IRlbF0BZdCOi-oVu2_lIvfG0sooDlIq7Dx04aOjrKqrbLXYzags3UU2Lzi8Ntf8TFJKQRxISvxkk2nIkB24RhjwMwNTpvW9q7iZgZcRwlQrbYEbIVi_KEdxl8CBD_T1SdbgWpXigh1RLM9snU3Tc__Tc9e2GUKnR9iUS-e6aLfybSNZO76Axn6dphlLOBUUAVgC-hn_gCTvQnNGyCCKPu-90QE5y7wCa-qHqSWQJWsUbha_VHRSQl-wAngBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYgL7tnsGJgwP6CwIIAYAMAeINEwis_-2ewYmDAxUPsP0HHeYDBUPQFQGAFwE%26num%3D1%26sig%3DAOD64_3NphnTHSw1ZvLRNUaraRxWtf6ASg%26client%3Dca-pub-5144389657785565%26adurl%3D
Frame ID: 299613F067F453973D16495BA2438BB0
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CBDE7619FAB87AEB09E9B08AA69EC32E
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: D257AE42ACA10B4F95EFCB3D964F34F9
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 548BE26704EC267DC331AF49D3D93AA1
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 843695C17DC4FBEAB4EB5C3FD022D47A
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=182475%2C195016%2C14019&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=970&d=250&e=&g=b43cdb36b954545b2c23d73d0eb29bbc%2F3494667814036444578&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751124&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0y4h81grmpsjmm9f1a1zspecasn9p2d1e7pn1bpss64ab39td1addg8p93hjfz0pgcx1s493m8n97qkdjemtsbn9px852yc3yv71sskpwhw8gv09cw8zsqsdcasz95kszyd3f93gx6frfbfc8eehf8f42e3bmrej9tnf7pz8kbegyr5bddh7wky5sda45kdczxp3jr1hr0vvr8tj2dwmv6qrr87gnyyw95r08wx1am4cneakyb63xq25g0zbfzc85cb36xnzccwz0karcskx2v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDYJBvh14Zca0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0J5Qk7bCVjUZqcoSfS4yqeunk5wJNd8U0hc91XEjeAXsRwmHHP7N4JkNmSbYj7mGvxA4sa-0g3FftjxiFT3v8THeGhMY6kpSgXAo7s8hdrONGqASwVOESwWc2LlarWKR7Z3K2fSan6Ng7vnX_fAbUhlzjlfc2S2jENaSHHZ5VNESh2808sllimMj6egHaIRWH-dD4p_Uvv9g_zJCPl7Zo-6oljaPOK6A7f-qQDelKYODjlfmbm_JDq0qGgHSPnqj48dOke67CJj7Y0T4vVPS6T_z3uOBrPb2Iwr0XfEqjsUzFRgekcVkeqdBoqj2jTlR2IvtQS17JtDWQsnEgfeD_VS2lBCr2kZSetjT4AYe7lFodS1_YBwDdJjBfNnNMxILldJIrRkaSvKsqApDh-_7FBrVwuNKChH5cexC690O9-AEAYAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliAvu2ewYmDA_oLAggBgAwB4g0TCKv_7Z7BiYMDFQ-w_Qcd5gMFQ9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1xTYfZotwqHbntWQaIVyN7EnLziA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Frame ID: 2C51D67C7EBF554305FD0B91B287580C
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C196438%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2C61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYG%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CXr8CzfrfK7MjU6H4Het1CxXpUQSkT55gfz3P6%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=250&e=&g=fb1c1d76996ee7acb7e49aac97e09395%2F4471572294211620431&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751129&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktywcr79rnkrnbk5v001q5j8jbyyjxtqhn6m2kgyfmstehnvy4278x42d8y6m9fv0n1gq3x901fx23vqz6w6s9xddjq2aeqdgmznk3jymcw4w118wzd9k36x83e27jhy7swa8g8mxw8qq0zs2kfb5we4kftv0z14tm7pwwkqnyh189jc7t4ef017mn0nas74dhkx64pv49hf4fqhn2zha40nsavp6eg0rc9d9g3m7sntdatvgvt25th4z5chxyzttb6fcx5scpt5s565wt8e077%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxYDHvh14Zce0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEygJP0DSVrIqcW4Rwl-pC8Ry8LByhH2X2hr-7EbEF1IL9Kkdk7KIWcNI8Ts6WPtIIXlDMeL451WyzV4-1XcDuyGr6vhWWELl6yd6wkz5lH127CHEw8soRyb5LMLwyiucWgTMQ-Odbk3CGJn-0C2KbstGNgN5D0XvvTWzse7fesci6492zueibW1WylLWNK0SdG9IRlbF0BZdCOi-oVu2_lIvfG0sooDlIq7Dx04aOjrKqrbLXYzags3UU2Lzi8Ntf8TFJKQRxISvxkk2nIkB24RhjwMwNTpvW9q7iZgZcRwlQrbYEbIVi_KEdxl8CBD_T1SdbgWpXigh1RLM9snU3Tc__Tc9e2GUKnR9iUS-e6aLfybSNZO76Axn6dphlLOBUUAVgC-hn_gCTvQnNGyCCKPu-90QE5y7wCa-qHqSWQJWsUbha_VHRSQl-wAngBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYgL7tnsGJgwP6CwIIAYAMAeINEwis_-2ewYmDAxUPsP0HHeYDBUPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3NphnTHSw1ZvLRNUaraRxWtf6ASg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Frame ID: 90C18DD522FC90C2FA5C108260656F4B
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=29002%2C15153%2C64769&b=xmDFQfAf7EJCPHdHztQtxJEH7S6TKKps17xd%2CXr8CzfrfpmDh6H4Hetqtx6XSQSkT55gfz3P6%2Cjk8aEfGfx6VAuYHEH2t6txexsZSzT11bTdrg7&f=Y4Xsrf3fr5gaVH9HetgCpQ5HkS1Tddju1ZYe%2Cek8a3fVfmwbsjHZHet2CeJPcwSQTKKMsJxEG%2CxmDFQfAfAZzjsPHdHztDC3E3s7S6TKKps17xd&c=728&d=90&e=&g=c9288ae91dacd271d27bf9d18f8d02b0%2F11073421087593581197&i=25052%2C25362%2C27835&j=16%2C35%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka9qme063pevtfbyxhvwj478qrq1vvjxdm1ka3g8st8chan3wrj08yqjghdntva8910qm9rh9cjnj2d5jrj6a9rcv3h6rvvvxsdjwdnbk9tx61apv5rrg8h76skykv8qnqp10d39cmeqpxfqrzfw3tce6qfags18w7fjar96dr3jaqx109rhev046ne5hr3bvth00a00v62jbbcn3fm327dtmpznpa3915r1tv765wafvbwx9wqajjgw729nw3ar4tw9yj4zx1b3v84zqz48bet%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtPcmvh14ZcS0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEtgJP0AI9aPJna1icj9HCev0KfmMox5mfu6uCHnkJIsPKmBlarhsZgfl6JrKc1cym2wzcmJbeHe3RQ7HarqZEJRyGrSj7v8wsuWNkR2uiQrNkBiQy4a84Taa8LLFEvrppW1JmMz7kUnru5TLkCsuU8LF19HFqwThfqPa6FJYPKZLAD96cJma8ACgtPt5ZCIWTojxwEBBySugfx-jBu3GH0lcpG7KZ7kDIK71rFUX6f79_Rvx4hHMpN_obMQDUihDvOKRMv4CndKOqps7zH9fETRcI-ZBB5z3MpH-oq_DMPKDd6ph1GuHv3wyUC6_HLKFbAbh_6ZShcx7KZ98YLCOjwNhWi5XpY1dBgA-bJ9y1aY0S0-bh-vY_O48wfhhUovS2Fvzs49puScGpOvp0PScgp9r47lAB_Hku4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIC-7Z7BiYMD-gsCCAGADAHiDRMIqf_tnsGJgwMVD7D9Bx3mAwVD0BUBgBcB%2526num%253D1%2526sig%253DAOD64_24Jkt_qbGH1-P4GPlBWEsEj0aUgw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Frame ID: A1FBC52CE42D5C3F07D42006B55AB316
Requests: 11 HTTP requests in this frame

Frame: https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2?pub=ad4mat
Frame ID: E1ACB1661D0A9DD05BC4FA0E604F7A2A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Paleo Pumpkin Spice Donuts Recipe | Dairy-Free, Paleo, Gluten-FreeFacebookPinterestTwitterYouTubeFacebookPinterestTwitterYouTube

Page URL History Show full URLs

https://links.paleohacks-mailing.com/a/168/click/10060183/746255798/_d7acdcc5d30317f101c4e33a0b622f955d0f50cb/506... HTTP 302
https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

340
Requests

89 %
HTTPS

50 %
IPv6

58
Domains

80
Subdomains

61
IPs

12
Countries

3356 kB
Transfer

8481 kB
Size

63
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/paleohacks
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/paleohacks/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://twitter.com/paleohacks
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Paleohacks
Title: YouTube

Search URL Search Domain Scan URL

URL: https://shop.paleohacks.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://paleohacks.lpages.co/leadbox/145b71a73f72a2%3A13300845e746dc/5746055551385600/
Title: Click here to get your FREE copy of our delicious Dessert Recipes!

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/&display=popup&ref=plugin&src=share_button
Title: <img alt="facebook" class="nopin" src="https://blog.paleohacks.com/wp-content/themes/paleohacks/schema-images/facebook.png"> Share on Facebook

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/link/?url=https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/&media=https://blog.paleohacks.com/wp-content/uploads/2015/11/Paleo-Pumpkin-Spice-Donuts744.jpg%20&description=Paleo%20Pumpkin%20Spice%20Donuts
Title: <img alt="pin" class="nopin" src="https://blog.paleohacks.com/wp-content/themes/paleohacks/schema-images/pinterest.png"> Pin It

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/&text=Paleo%20Pumpkin%20Spice%20Donuts
Title: <img alt="twitter" class="nopin" src="https://blog.paleohacks.com/wp-content/themes/paleohacks/schema-images/twitter.png"> Tweet

Search URL Search Domain Scan URL

URL: https://www.printfriendly.com/print/?url=https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Title: <img alt="email" class="nopin" src="https://blog.paleohacks.com/wp-content/themes/paleohacks/schema-images/email.png"> Email It

Search URL Search Domain Scan URL

URL: http://amzn.to/2toQWt0
Title: Viva Naturals

Search URL Search Domain Scan URL

URL: http://amzn.to/2CvWntz
Title: Hidden Springs Maple

Search URL Search Domain Scan URL

URL: http://amzn.to/2tfF0Lq
Title: Nutiva

Search URL Search Domain Scan URL

URL: http://amzn.to/2tot0pn
Title: Authentic Foods

Search URL Search Domain Scan URL

URL: http://amzn.to/2DId7ym
Title: Wholesome

Search URL Search Domain Scan URL

URL: http://paleohacks.go2cloud.org/aff_c?offer_id=12&aff_id=1000&aff_sub=kslowcta

Search URL Search Domain Scan URL

URL: http://phaff.resurge.hop.clickbank.net/?lid=3&tid=resurgetxt

Search URL Search Domain Scan URL

URL: https://paleohacks.go2cloud.org/aff_c?offer_id=21&aff_id=1000&aff_sub=kipcta

Search URL Search Domain Scan URL

URL: https://www.instagram.com/courtneyjanetlopez/

Search URL Search Domain Scan URL

URL: http://paleohacks.com/
Title: Discussion

Search URL Search Domain Scan URL

URL: https://www.paleohacks.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.paleohacks-mailing.com/a/168/click/10060183/746255798/_d7acdcc5d30317f101c4e33a0b622f955d0f50cb/5069def3217174f9e9db4baf9453eef58248d4d2 HTTP 302
https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 151

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHyzAtHG81SOaJ-IyYbd-lE&google_cver=1&google_push=AXcoOmQ2nN3PUA6KtXcTfPxG_x2r7M0N6Ee4iu-bPNyrSh0HYzr1iGzu3TllUFXg-cIMmYzLLwBb7IMghsRjWLcimSX9DZa_GxrxDA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTYyNjY4ODMzNjA5OTQ3OA%3D%3D&google_push=AXcoOmQ2nN3PUA6KtXcTfPxG_x2r7M0N6Ee4iu-bPNyrSh0HYzr1iGzu3TllUFXg-cIMmYzLLwBb7IMghsRjWLcimSX9DZa_GxrxDA

Request Chain 152

https://ads.travelaudience.com/google_pixel?google_gid=CAESED-j0i4K1gV9_svtVvoaFsM&google_cver=1&google_push=AXcoOmRHU1GATveUCzVgQ6juag_amCiM6VnD2gNDU7tOHXXvkJxRDMkhPQ8_uzHzfDoUBOYdEy4uaUGLpEJFhevEN-lGKCwKFPND0g HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=wan-7Xm9TmMjeILc9HTM2w&google_push=AXcoOmRHU1GATveUCzVgQ6juag_amCiM6VnD2gNDU7tOHXXvkJxRDMkhPQ8_uzHzfDoUBOYdEy4uaUGLpEJFhevEN-lGKCwKFPND0g

Request Chain 153

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDDlcgk4k_sooABnq8GVVCc&google_cver=1&google_push=AXcoOmR7kB338UUEAMuTGXIQTOQG4KXx7mFSsUx-pAmDlUidTp7QAmANw-9tm7dVXK3LsTR5vIiEwupoH2dxEh1zrDJDBpDgGzOiNis HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR7kB338UUEAMuTGXIQTOQG4KXx7mFSsUx-pAmDlUidTp7QAmANw-9tm7dVXK3LsTR5vIiEwupoH2dxEh1zrDJDBpDgGzOiNis&google_hm=eS1zTnpJSkNwRTJwR2FLTDhUdDhtR2ZQcXRJTHRIeU9rQX5B

Request Chain 154

https://d5p.de17a.com/cookies/google?google_gid=CAESEH6Ko_cKmd_bKHy_0O7Z-HY&google_cver=1&google_push=AXcoOmR2V7xR3C6v5oSm4rXZrMOlVDpizFGcU-EErcFMDQ8Gui6GfaV8KXyi8ROkpqeRm5evfv12L9yIQk4i_6DSTv30HiYrEMA1zvE HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEH6Ko_cKmd_bKHy_0O7Z-HY&google_cver=1&google_push=AXcoOmR2V7xR3C6v5oSm4rXZrMOlVDpizFGcU-EErcFMDQ8Gui6GfaV8KXyi8ROkpqeRm5evfv12L9yIQk4i_6DSTv30HiYrEMA1zvE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmR2V7xR3C6v5oSm4rXZrMOlVDpizFGcU-EErcFMDQ8Gui6GfaV8KXyi8ROkpqeRm5evfv12L9yIQk4i_6DSTv30HiYrEMA1zvE

Request Chain 156

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELPy7HyPHPpN485_TqNlXbQ&google_cver=1&google_push=AXcoOmTWeEGz9NfPyEJWoqNu3wopaSyOjV6SLfGV0A4KZAhoPFL9TErGRmDCxEHbuTSXpeUSulkbhX0SzgP_O78wV_sTWz1Q8F-XwFM HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELPy7HyPHPpN485_TqNlXbQ&google_cver=1&google_push=AXcoOmTWeEGz9NfPyEJWoqNu3wopaSyOjV6SLfGV0A4KZAhoPFL9TErGRmDCxEHbuTSXpeUSulkbhX0SzgP_O78wV_sTWz1Q8F-XwFM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIyNjY2OTkxNzA5MzAxNzU1NA&google_push=AXcoOmTWeEGz9NfPyEJWoqNu3wopaSyOjV6SLfGV0A4KZAhoPFL9TErGRmDCxEHbuTSXpeUSulkbhX0SzgP_O78wV_sTWz1Q8F-XwFM

Request Chain 157

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJ3mg8EVXUjUBxxOZIelAOM&google_cver=1&google_push=AXcoOmSu9wvWl_pBoiXjDzSIPp6y7vLEncjpfFyyGZ5QR5ZSV9-JOQnsXbyX5EwtBEK0FWwtNfuuylMKrZ68gjNmKCEdbLS85MWeGsI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSu9wvWl_pBoiXjDzSIPp6y7vLEncjpfFyyGZ5QR5ZSV9-JOQnsXbyX5EwtBEK0FWwtNfuuylMKrZ68gjNmKCEdbLS85MWeGsI

Request Chain 240

https://d.agkn.com/pixel/2175/?google_gid=CAESEJgZp-Y-kDeeqKjxnPbvQP8&google_cver=1&google_push=AXcoOmSjRckfGdrbX9Tb7ybms8CD7tbuqBX2cbhHwX4PQYAhq5fzQoL6WmkgKMsdnDS4jTVREVeaMXyvKdHTv3khCDFtKxxLAhEk70M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmSjRckfGdrbX9Tb7ybms8CD7tbuqBX2cbhHwX4PQYAhq5fzQoL6WmkgKMsdnDS4jTVREVeaMXyvKdHTv3khCDFtKxxLAhEk70M&google_hm=Q0FFU0VKZ1pwLVkta0RlZXFLanhuUGJ2UVA4

Request Chain 241

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHyzAtHG81SOaJ-IyYbd-lE&google_cver=1&google_push=AXcoOmRns83A5Ort4PYZt1_DH5EdWKJSxjw3QY6AgYdo6NCbnuPXD3LlQe4hP3CZLnTP5ybJSMHR7ZdX-okWrMyKTUpss2akx9fRf0A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTYyNjY4ODMzNjA5OTQ3OA%3D%3D&google_push=AXcoOmRns83A5Ort4PYZt1_DH5EdWKJSxjw3QY6AgYdo6NCbnuPXD3LlQe4hP3CZLnTP5ybJSMHR7ZdX-okWrMyKTUpss2akx9fRf0A

Request Chain 242

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDDlcgk4k_sooABnq8GVVCc&google_cver=1&google_push=AXcoOmREadylqFAfkIuiGn3X5iJLnX4RNqtecuQRvZjGlwDL9XNfg9VitO5BcbS-irYiJjiy3nr56wHiMnSwpdXaY8kGoObynhv0OBM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmREadylqFAfkIuiGn3X5iJLnX4RNqtecuQRvZjGlwDL9XNfg9VitO5BcbS-irYiJjiy3nr56wHiMnSwpdXaY8kGoObynhv0OBM&google_hm=eS1zTnpJSkNwRTJwR2FLTDhUdDhtR2ZQcXRJTHRIeU9rQX5B

Request Chain 243

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELPy7HyPHPpN485_TqNlXbQ&google_cver=1&google_push=AXcoOmQ8R5PtHX2Jb6ghIdOhd2GURsPraT_KpIEQf_lGki48Cb0AISH0NPW-UEw9LQAz2w7NWgfeznxDwQHpvJa7ihW7321O7HOi5i4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIyNjY2OTkxNzA5MzAxNzU1NA&google_push=AXcoOmQ8R5PtHX2Jb6ghIdOhd2GURsPraT_KpIEQf_lGki48Cb0AISH0NPW-UEw9LQAz2w7NWgfeznxDwQHpvJa7ihW7321O7HOi5i4

Request Chain 244

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELPy7HyPHPpN485_TqNlXbQ&google_cver=1&google_push=AXcoOmRiaDUT-Omy70cuWYOaBmLx5_4F6g_BYNefitfr_G-ky0fp9NFbxHPjVUikubJ9CVGA6sRRLl7PmNWHBqD-4skAbC76ep5AxA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIyNjY2OTkxNzA5MzAxNzU1NA&google_push=AXcoOmRiaDUT-Omy70cuWYOaBmLx5_4F6g_BYNefitfr_G-ky0fp9NFbxHPjVUikubJ9CVGA6sRRLl7PmNWHBqD-4skAbC76ep5AxA

Request Chain 245

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESED9Ye8DbBfs91tleuCs1Y4I&google_cver=1&google_push=AXcoOmQoD8zamxtOiE0tjTXYJcNJaLhx7CmheaWpspaKeimH2B9OjGQCApse6tCrrnqgiR_20BcBu9dAHF37WNgVxXOmFuAJRFHfD4on HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQoD8zamxtOiE0tjTXYJcNJaLhx7CmheaWpspaKeimH2B9OjGQCApse6tCrrnqgiR_20BcBu9dAHF37WNgVxXOmFuAJRFHfD4on HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 247

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGPJ6RjGVD_GauZypNr7rX0&google_cver=1&google_push=AXcoOmQHFKO4dbjoFtMP6Q4IsunCnluD6zEZvP8jfMiYvEmJvuCHy9f0gEi-V7Y8mQnGw9HCiaeCFkTJZpfc9-G6-TxAKc4uB5HkaazD&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQHFKO4dbjoFtMP6Q4IsunCnluD6zEZvP8jfMiYvEmJvuCHy9f0gEi-V7Y8mQnGw9HCiaeCFkTJZpfc9-G6-TxAKc4uB5HkaazD%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGPJ6RjGVD_GauZypNr7rX0&google_cver=1&google_push=AXcoOmQHFKO4dbjoFtMP6Q4IsunCnluD6zEZvP8jfMiYvEmJvuCHy9f0gEi-V7Y8mQnGw9HCiaeCFkTJZpfc9-G6-TxAKc4uB5HkaazD&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQHFKO4dbjoFtMP6Q4IsunCnluD6zEZvP8jfMiYvEmJvuCHy9f0gEi-V7Y8mQnGw9HCiaeCFkTJZpfc9-G6-TxAKc4uB5HkaazD%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 248

https://um.simpli.fi/gp_match?google_gid=CAESEK67lOOceOAxBDdmatE4Fqk&google_cver=1&google_push=AXcoOmSd7exNPjVuB_vpE60MN5PgAGuujg98II3FCYlaCSnmoaXNeD-mrRXpsdgi60qoHOzKLJupIRvNO36udE9G4m0IsF88ULRWIAk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DCEDE9334258483A88F8B59A9E99C75B&google_push=AXcoOmSd7exNPjVuB_vpE60MN5PgAGuujg98II3FCYlaCSnmoaXNeD-mrRXpsdgi60qoHOzKLJupIRvNO36udE9G4m0IsF88ULRWIAk

Request Chain 250

https://d.agkn.com/pixel/2175/?google_gid=CAESEJgZp-Y-kDeeqKjxnPbvQP8&google_cver=1&google_push=AXcoOmQB9uHw1akeVAxsm640dVjKllre6JQVb39jiXHZUbqnw7d7dK2HxcxK2Gvx9F_6NM7FbCNXzzdC7zOw_lhJHgwSrPkxmaDWKHc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQB9uHw1akeVAxsm640dVjKllre6JQVb39jiXHZUbqnw7d7dK2HxcxK2Gvx9F_6NM7FbCNXzzdC7zOw_lhJHgwSrPkxmaDWKHc&google_hm=Q0FFU0VKZ1pwLVkta0RlZXFLanhuUGJ2UVA4

Request Chain 251

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDDlcgk4k_sooABnq8GVVCc&google_cver=1&google_push=AXcoOmR91Csx1sc174mxgXGfp23KOAlqx4z9C3VAwmSy5T0T-HqRM87P6p_ngmPP3dnVWPu50Qbngb6zUUqnJtPp1JtAWCHZEucKrY4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR91Csx1sc174mxgXGfp23KOAlqx4z9C3VAwmSy5T0T-HqRM87P6p_ngmPP3dnVWPu50Qbngb6zUUqnJtPp1JtAWCHZEucKrY4&google_hm=eS1zTnpJSkNwRTJwR2FLTDhUdDhtR2ZQcXRJTHRIeU9rQX5B

Request Chain 252

https://d5p.de17a.com/cookies/google?google_gid=CAESEH6Ko_cKmd_bKHy_0O7Z-HY&google_cver=1&google_push=AXcoOmTe26feQSaKuYtT7DtpMsBiPaQljwsDiiHdOM5LehVtRJ4_yuIamHND_AYOXPqwg3H9cLLmtLTMjEfwOrBgrusJD5jL3qza8TDp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTe26feQSaKuYtT7DtpMsBiPaQljwsDiiHdOM5LehVtRJ4_yuIamHND_AYOXPqwg3H9cLLmtLTMjEfwOrBgrusJD5jL3qza8TDp

Request Chain 253

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELPy7HyPHPpN485_TqNlXbQ&google_cver=1&google_push=AXcoOmRCPXavNV9_aL8i_yB5kFwny1y49W-iBTwKwsgZk8uts3GuEfz-2saRmHnGsrtRwr6uXiq05P7HZ8l9fPQp05EZ3f-EFH-I0kol HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIyNjY2OTkxNzA5MzAxNzU1NA&google_push=AXcoOmRCPXavNV9_aL8i_yB5kFwny1y49W-iBTwKwsgZk8uts3GuEfz-2saRmHnGsrtRwr6uXiq05P7HZ8l9fPQp05EZ3f-EFH-I0kol

Request Chain 255

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJE0CMAWiffqcVoRevdocLQ&google_cver=1&google_push=AXcoOmTxehoaJfh0ptYfnVgLRN0L_2jYU2gmAXF4JsCoHY-RaRWuo0_X8uwLgFj7VlKv9biaNYtjQc6C6rixrPVdcOf2RqG2cCf_WANy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJE0CMAWiffqcVoRevdocLQ&google_push=AXcoOmTxehoaJfh0ptYfnVgLRN0L_2jYU2gmAXF4JsCoHY-RaRWuo0_X8uwLgFj7VlKv9biaNYtjQc6C6rixrPVdcOf2RqG2cCf_WANy

Request Chain 256

https://ads.travelaudience.com/google_pixel?google_gid=CAESED-j0i4K1gV9_svtVvoaFsM&google_cver=1&google_push=AXcoOmQ0ItTKgSS8CMaf-RRf6EJ6QcDxny8JTTgG3chQm3LNpIPT362TF-oDoIKhQ_tvB_tjcHvxcXcNCGbDQTUP61GFArAhNbDhKAE HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=wan-7Xm9TmMjeILc9HTM2w&google_push=AXcoOmQ0ItTKgSS8CMaf-RRf6EJ6QcDxny8JTTgG3chQm3LNpIPT362TF-oDoIKhQ_tvB_tjcHvxcXcNCGbDQTUP61GFArAhNbDhKAE

Request Chain 257

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDDlcgk4k_sooABnq8GVVCc&google_cver=1&google_push=AXcoOmS0-HedbChUbpcu1XcKHh7Qv2051UiSsYkrKNxNdomNpLNufqMdxJL43kS62-YL6NZjouoXFdIJRrr03tK-1pqqlXDLq0zqU1RD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS0-HedbChUbpcu1XcKHh7Qv2051UiSsYkrKNxNdomNpLNufqMdxJL43kS62-YL6NZjouoXFdIJRrr03tK-1pqqlXDLq0zqU1RD&google_hm=eS1zTnpJSkNwRTJwR2FLTDhUdDhtR2ZQcXRJTHRIeU9rQX5B

Request Chain 258

https://d5p.de17a.com/cookies/google?google_gid=CAESEH6Ko_cKmd_bKHy_0O7Z-HY&google_cver=1&google_push=AXcoOmS6RiayGZswtS5mhU9NXkMZl5oOTrly1ohmvOJeSZPOxe6nrtX2z8I8FWXNHcuNA3DB-W91vmop9F4rD4fWnw-yJVPdPCqtHNrt HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmS6RiayGZswtS5mhU9NXkMZl5oOTrly1ohmvOJeSZPOxe6nrtX2z8I8FWXNHcuNA3DB-W91vmop9F4rD4fWnw-yJVPdPCqtHNrt

Request Chain 259

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELPy7HyPHPpN485_TqNlXbQ&google_cver=1&google_push=AXcoOmRBhFPm6jex28xYQAhogLz9QSyD2vlJiEvjVVToNWn82hE_uN51nspZCU_dd2jyw7oRsAs6XpO63HLuKOyEixFm4gNJXZFsu84 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIyNjY2OTkxNzA5MzAxNzU1NA&google_push=AXcoOmRBhFPm6jex28xYQAhogLz9QSyD2vlJiEvjVVToNWn82hE_uN51nspZCU_dd2jyw7oRsAs6XpO63HLuKOyEixFm4gNJXZFsu84

Request Chain 261

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESED9Ye8DbBfs91tleuCs1Y4I&google_cver=1&google_push=AXcoOmSBtXRLK076rjUmljiuaZlaJDplLEsyFeFDncxnntXCjjScsu16KIFxiWqu6fLd4bu3s81vclGrwg-agwY5EuMP0odXL7NVcwi5dg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSBtXRLK076rjUmljiuaZlaJDplLEsyFeFDncxnntXCjjScsu16KIFxiWqu6fLd4bu3s81vclGrwg-agwY5EuMP0odXL7NVcwi5dg HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 264

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIWIykviW90VUUHLSYqtRAc&google_cver=1&google_push=AXcoOmRLxcNm8oXMN1I42TnhtKHyinWbwUNlxqOwfy1M8sQXmEnLozRlpPzaSGEraEt0H4f01f7G39hVhwTujKkrcsQBwIx18BB-Bts HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRLxcNm8oXMN1I42TnhtKHyinWbwUNlxqOwfy1M8sQXmEnLozRlpPzaSGEraEt0H4f01f7G39hVhwTujKkrcsQBwIx18BB-Bts&google_hm=q5vNHlnOSxSGKhCKH9AFQwU

Request Chain 265

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHyzAtHG81SOaJ-IyYbd-lE&google_cver=1&google_push=AXcoOmRaVYsRB72PmJQQLkeVyquH9Iwn1iooLPiVYFVg-HaJOPqb-b1CspfOuSbUP2ufHWAmdspzB7CSxLG25lGKimOW9f1gQNCcvyQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTYyNjY4ODMzNjA5OTQ3OA%3D%3D&google_push=AXcoOmRaVYsRB72PmJQQLkeVyquH9Iwn1iooLPiVYFVg-HaJOPqb-b1CspfOuSbUP2ufHWAmdspzB7CSxLG25lGKimOW9f1gQNCcvyQ

Request Chain 266

https://ads.travelaudience.com/google_pixel?google_gid=CAESED-j0i4K1gV9_svtVvoaFsM&google_cver=1&google_push=AXcoOmTqKFyr1ncd6S3TUm9yXLS6-yb-SDIdT6q6u0V7Q_Sh8_wDiFMZt4z3bksC2K6ptQFeSh-Q038j0zlJ6MEgTFz6FKzrk29YuA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=wan-7Xm9TmMjeILc9HTM2w&google_push=AXcoOmTqKFyr1ncd6S3TUm9yXLS6-yb-SDIdT6q6u0V7Q_Sh8_wDiFMZt4z3bksC2K6ptQFeSh-Q038j0zlJ6MEgTFz6FKzrk29YuA

Request Chain 267

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDDlcgk4k_sooABnq8GVVCc&google_cver=1&google_push=AXcoOmTaXvAJxgzvvEZWBQyX3JEndUGAas-AeQPx-UlO4-GBtfnnXUsTKRkoTKYWRmkUy_IJA7W-eHZGDHebSD7KdWxWRX9ngq6oYPw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTaXvAJxgzvvEZWBQyX3JEndUGAas-AeQPx-UlO4-GBtfnnXUsTKRkoTKYWRmkUy_IJA7W-eHZGDHebSD7KdWxWRX9ngq6oYPw&google_hm=eS1zTnpJSkNwRTJwR2FLTDhUdDhtR2ZQcXRJTHRIeU9rQX5B

Request Chain 269

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJ3mg8EVXUjUBxxOZIelAOM&google_cver=1&google_push=AXcoOmQMdJqgssAjFa-eMhwQyx_E1l7fFCNaq8PwwLinBQVcDdJLmD4WE6W0O0l4_7MOM-ZdmVjDZq01DJfLMR1xl4TyhwjEhf75ow0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQMdJqgssAjFa-eMhwQyx_E1l7fFCNaq8PwwLinBQVcDdJLmD4WE6W0O0l4_7MOM-ZdmVjDZq01DJfLMR1xl4TyhwjEhf75ow0

Request Chain 323

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYGoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CP6Fn5_BiYMDFYSkgwcd3jQIZQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYGoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYGoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1702370751_da9bbf80-98ca-11ee-b1a8-22396ad6a5ca

Request Chain 331

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dmm_SUBIDTEST_view HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKiDn5_BiYMDFTmg_Qcdh2UHtQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dmm_SUBIDTEST_view HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view HTTP 302
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023121209455191235017929X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023121209455191235017929X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218

Request Chain 334

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1702370751_da8d4090-98ca-11ee-bd07-2236e1f32b64&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 338

https://www.awin1.com/cshow.php?s=2524318&v=11420&q=392147&r=412871&pv=1&pref3=oneidxmDFQfAf7EJCPHdHztQtxJEH7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871&eventid=11420_412871_1702370751_da904dd0-98ca-11ee-9488-2234841a3abe

Request Chain 341

https://cdn.retailads.net/tb.php?t=150269V2146131017M&subid=oneidXr8CzfrfpmDh6H4Hetqtx6XSQSkT55gfz3P6oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.emil-die-flasche.de/hltp.html?ra_id=3380152693

340 HTTP transactions
24 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Redirect Chain

https://links.paleohacks-mailing.com/a/168/click/10060183/746255798/_d7acdcc5d30317f101c4e33a0b622f955d0f50cb/5069def3217174f9e9db4baf9453eef58248d4d2
https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

160 KB
31 KB

974ms
711ms

Document
text/html

2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.23
Resource Hash: f015661bd082da54c4a4e98702196df5567f48b3d9278469d8e625cc573931f4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8344b16e9e3d363b-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 12 Dec 2023 08:45:47 GMT
expires: Tue, 12 Dec 2023 08:45:47 GMT
last-modified: Tue, 12 Dec 2023 01:09:30 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/7.3.23

Redirect headers

cache-control: no-cache
content-type: text/html; charset=utf-8
date: Tue, 12 Dec 2023 08:45:46 GMT
location: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.22.1 + Phusion Passenger(R) 6.0.18
status: 302 Found
transfer-encoding: chunked
vary: Origin
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-powered-by: Phusion Passenger 5.3.7
x-request-id: a562a12c-8ee2-4092-9358-bb8d4cac2cc6
x-runtime: 0.024190
x-xss-protection: 1; mode=block

GET
H2 200 schema-style.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/schema-creator/lib/css/ 673 B
409 B 24ms
22ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/schema-creator/lib/css/schema-style.css?ver=1681483471
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31395ea37360cb79a7d85a8a9d46aa7b1a0156461f189ae821905441daad80a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 1223469
cf-polished: origSize=680
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:31 GMT
server: cloudflare
etag: W/"643966cf-2a8"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8344b1730b02363b-FRA
expires: Thu, 28 Dec 2023 04:54:38 GMT

GET
H2 200 cookie-popup.min.css
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/ 0
166 B 20ms
19ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/cookie-popup.min.css?ver=6.3.2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: public
date: Tue, 12 Dec 2023 08:45:47 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 968492
etag: "60d1dffd-0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8344b1730b07363b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Sun, 31 Dec 2023 03:44:15 GMT

GET
H2 200 dashicons.min.css
blog.paleohacks.com/wp-content/cache/min/1/wp-includes/css/ 58 KB
35 KB 24ms
23ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-includes/css/dashicons.min.css?ver=1681483467
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82fb2bfb03e32e45794938d1f65920a5340a725751292245d3de07ee8a8df0a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: public
date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 14:44:27 GMT
server: cloudflare
age: 2431938
etag: W/"643966cb-e6e4"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8344b1730b09363b-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 05:13:29 GMT

GET
H2 200 style.min.css
blog.paleohacks.com/wp-includes/css/dist/block-library/ 102 KB
14 KB 27ms
26ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: public
date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:34:18 GMT
server: cloudflare
age: 9482
etag: W/"650200aa-19824"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8344b1730b0b363b-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 06:07:45 GMT

GET
H3 200 style.min.css
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/ 187 KB
17 KB 29ms
29ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/style.min.css?ver=2.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa575e81bbad973d7554e7c58ca906b97472bd692566c3e79f27385f08d63ca1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: public
date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 106552
etag: W/"60d1dffd-2ea5c"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8344b1732c233672-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Jan 2024 03:09:55 GMT

GET
H3 200 font-awesome.min.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/font-awesome/css/ 31 KB
7 KB 21ms
19ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/font-awesome/css/font-awesome.min.css?ver=1681483467
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 339a321657ecb6479c45f7cec906302d7674934d0d2c7ae10053c395d866eca1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: public
date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 14:44:27 GMT
server: cloudflare
age: 1044381
etag: W/"643966cb-7b13"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8344b1732c253672-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 30 Dec 2023 06:39:26 GMT

GET
H3 200 fonts.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/ 3 KB
547 B 31ms
29ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/fonts.css?ver=1681483467
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c4491ff4342be2c096f05e243edd6fb1f26194269a5011adbf8076bf148bf58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: public
date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:27 GMT
server: cloudflare
age: 1128907
etag: W/"643966cb-a81"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8344b1732c273672-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 29 Dec 2023 07:10:40 GMT

GET
H3 200 front.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/other-popular-articles/assets/css/ 729 B
451 B 32ms
30ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/other-popular-articles/assets/css/front.css?ver=1681483467
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c9fe2628c371c8c54d05fa9dd406fc21a6d25f6d0261092e37243205efc639b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: public
date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:27 GMT
server: cloudflare
age: 2445740
etag: W/"643966cb-2d9"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8344b1732c293672-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 01:23:27 GMT

GET
H3 200 style.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/paleohacks-tools-soften-it/assets/css/ 2 KB
964 B 21ms
20ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/paleohacks-tools-soften-it/assets/css/style.css?ver=1681483467
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3c230ff5a72ffe0510f19977e0736c7370056def5536e94085875756675ea84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 9482
cf-polished: origSize=2221
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:27 GMT
server: cloudflare
etag: W/"643966cb-8ad"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8344b1732c2b3672-FRA
expires: Thu, 11 Jan 2024 06:07:45 GMT

GET
H3 200 twitter-feed.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/wp-to-twitter/css/ 1 KB
700 B 23ms
22ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/wp-to-twitter/css/twitter-feed.css?ver=1681483467
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 344d96950041cacaaa662fd937221ead75dbc7d565d7e0ed7bd62e6a65d85c04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 114591
cf-polished: origSize=1466
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:27 GMT
server: cloudflare
etag: W/"643966cb-5ba"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8344b1732c2c3672-FRA
expires: Wed, 10 Jan 2024 00:55:56 GMT

GET
H2 200 css
fonts.googleapis.com/ 23 KB
1 KB 71ms
36ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%7CSatisfy&ver=1.2.0&display=swap

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7c0ef3f2ef1f7defcf7b9bd90f7fb577b56eb65b3b26568f8fc1fa65b0b7bb17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 08:45:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Dec 2023 08:45:47 GMT

GET
H3 200 mai-theme.min.css
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/ 74 KB
15 KB 25ms
24ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/mai-theme.min.css?ver=1.13.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3c9181e83a24ce8fd1aedc13a573daded27c8677a50cf879fbee552798158be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: public
date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:36:00 GMT
server: cloudflare
age: 98864
etag: W/"65020110-1264a"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8344b1732c2d3672-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Jan 2024 05:18:03 GMT

GET
H3 200 flexington.min.css
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/ 93 KB
8 KB 37ms
36ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/flexington.min.css?ver=2.5.0
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18dd8449dd7bd05b1b1a8a1640218993802b7e73a218b75c05acf5c9b47d6082

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: public
date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:36:00 GMT
server: cloudflare
age: 186681
etag: W/"65020110-174c5"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8344b1732c2e3672-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 09 Jan 2024 04:54:26 GMT

GET
H3 200 style.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/simple-social-icons/css/ 1 KB
624 B 24ms
23ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/simple-social-icons/css/style.css?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 315c4601aeb913aecb4f659c9a9748bd163bb881867c5f6211578667bcc43cb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 1221976
cf-polished: origSize=1055
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
etag: W/"643966cc-41f"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8344b1732c2f3672-FRA
expires: Thu, 28 Dec 2023 05:19:31 GMT

GET
H3 200 jquery-ui.min.css
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/ 43 KB
8 KB 38ms
37ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/jquery-ui.min.css?ver=6.3.2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7104243950b6eff64b0d4d1fa98d354ae07a9605bb31dab31a488c765b32d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: public
date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 964933
etag: W/"60d1dffd-ac08"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8344b1732c303672-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 31 Dec 2023 04:43:34 GMT

GET
H3 200 sspop.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/social_share_popup/assets/css/ 3 KB
1 KB 22ms
21ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/social_share_popup/assets/css/sspop.css?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb2032a0b90cb58dc7bae39580e26c34a7b44d3aad4fb088f965e32ae8196822

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 98864
cf-polished: origSize=3500
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
etag: W/"643966cc-dac"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8344b1732c343672-FRA
expires: Wed, 10 Jan 2024 05:18:03 GMT

GET
H3 200 style.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/themes/paleohacks/ 22 KB
5 KB 39ms
38ms Stylesheet
text/css 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/themes/paleohacks/style.css?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b51d8339e2e6ed036a3564bb0a3a4043b8ef5f772763ff4f4f4b92f54d2ddfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 1062306
cf-polished: origSize=22749
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
etag: W/"643966cc-58dd"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8344b1732c363672-FRA
expires: Sat, 30 Dec 2023 01:40:41 GMT

GET
H3 200 jquery.min.js Show response
blog.paleohacks.com/wp-includes/js/jquery/ 85 KB
31 KB 39ms
39ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:34:18 GMT
server: cloudflare
age: 177170
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8344b1732c393672-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 17 Dec 2023 07:32:57 GMT

GET
H3 200 jquery-migrate.min.js Show response
blog.paleohacks.com/wp-includes/js/jquery/ 13 KB
5 KB 31ms
31ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:34:18 GMT
server: cloudflare
age: 311793
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8344b1737c7d3672-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 15 Dec 2023 18:09:14 GMT

GET
H3 200 service-facebook-pixel.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 53 B
294 B 30ms
29ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/js/service-facebook-pixel.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b831509c9907934028f980287d38cbee3b89644e7133c2f4b8b7c5dfca476aed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 525409
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8344b1738c923672-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 06:48:58 GMT

GET
H3 200 gtm4wp-form-move-tracker.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/duracelltomi-google-tag-manager/js/ 1 KB
536 B 25ms
21ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0380b273ec272e5f5235a704cc3fc8e3cb33e851bfeaef149b0f23a1edaec13f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 433918
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8344b1738c983672-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 08:13:49 GMT

GET
H3 200 634.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/856/public/assets/js/ 11 KB
4 KB 37ms
33ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/856/public/assets/js/634.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7dfd098effc4b854d5fcf8e7d2e39d0cc0e6a103642f97d724c438e515b9b71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 525408
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8344b1738c993672-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 06:48:59 GMT

GET
H3 200 675.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/assets/ 5 KB
2 KB 26ms
22ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/assets/675.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c62d51aaf287fa88754ecf89dbca0cd85f151d2562a6f931afd060480b3adc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 270232
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8344b1738c9b3672-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 16 Dec 2023 05:41:55 GMT

GET
H3 200 cookie-list.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 910 B
646 B 24ms
20ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/js/cookie-list.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 182d05c838e393157143b9aa48ae92cb00c8b6442e0a865149444e9f420991d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 540657
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8344b1738c9d3672-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 02:34:50 GMT

GET
H3 200 653.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/33/881/775/ 90 KB
27 KB 56ms
52ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/33/881/775/653.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72ee83d94662d5c74646c88116b893ed59e98d9ec960433ab0e66f3481517289

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 831
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8344b1738ca13672-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 19 Dec 2023 08:31:56 GMT

GET
H3 200 dtag.js Show response
blog.paleohacks.com/wp-content/cache/min/1/paleohacks/ 3 KB
2 KB 28ms
24ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/paleohacks/dtag.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e5d5ef6607f115fb2745bb10dbbf0866820e13c3a1b90c87a3eddef3758d232

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 525408
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8344b1738ca23672-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 06:48:59 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 33ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e6002d515af2e37c4cf588186d56895eb893c60bf2c21b5380c366300e721ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://blog.paleohacks.com/
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 08:45:47 GMT
content-md5: YNjRdzEK3U/RCZDtmRIB8Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints
x-fb-debug: uNltOhwYzYj0e5UPVDtlS2+09dADawJz/8NK/fV3daE5HHk78XLaEtaaXcNsOO6Kg7KtzOh4Q7Dd70dB2LmYww==
x-fb-content-md5: d110dbbc0e3b41297c58d22f8bd953f2
cross-origin-opener-policy: same-origin-allow-popups
etag: "9046259724b64b1a76ef7555e29803a9"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 12 Dec 2023 09:00:45 GMT

GET
H3 200 gpt.js Show response
blog.paleohacks.com/wp-content/cache/min/1/tag/js/ 78 KB
27 KB 32ms
28ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/tag/js/gpt.js?ver=1681483469
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23bdea452f4ec5b686ace95399e60903426e9fa7352600c25b040f07c1eef325

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:29 GMT
server: cloudflare
age: 357018
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8344b1738ca33672-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 15 Dec 2023 05:35:29 GMT

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 112 KB
43 KB 252ms
145ms Script
text/javascript 2.19.216.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CUG3G308

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

83f4d59e4d8c73e6a6cb1f57e329ad13c075c31ad9da6f43f18740ebe82d6fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-mnt-h: 22-s1v0
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 12 Dec 2023 08:45:47 GMT
server: Apache
etag: "d433d752a9e18e475426196e85f3d783"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 22-s1v0
timing-allow-origin: *
expires: Tue, 12 Dec 2023 08:50:47 GMT

GET
H3 200 leadbox-1556322866.js Show response
blog.paleohacks.com/wp-content/cache/min/1/ 14 KB
5 KB 30ms
27ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/leadbox-1556322866.js?ver=1681483503
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca275dd77cd911cd2e6fa1612657cfc3b67f9577d390eb8639fcea27085b285e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:45:03 GMT
server: cloudflare
age: 357018
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8344b1738ca53672-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 15 Dec 2023 05:35:29 GMT

GET
H3 200 pinit.js Show response
blog.paleohacks.com/wp-content/cache/min/1/js/ 360 B
467 B 40ms
36ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/js/pinit.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b99d80835f66e8ccd6d6f6efec14101447ae061febd873c06f0bef9ba50786c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 570636
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8344b1738ca93672-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 12 Dec 2023 18:15:11 GMT

GET
H3 200 cookie-popup.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 14 KB
3 KB 37ms
34ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/js/cookie-popup.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6102f07ce192d8f1e61b0a2e449a916e5d4d240dc47ab993fa1b39a5cdbcd84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 282197
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8344b1738caa3672-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 16 Dec 2023 02:22:30 GMT

GET
H3 200 jquery.base64.min.js Show response
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 2 KB
928 B 26ms
23ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/jquery.base64.min.js?ver=2.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49416531519583e597dccc3856da2fa093b5e739baf9fda442b7047309e7f51c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 526418
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8344b1738cab3672-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 06:32:09 GMT

GET
H3 200 front.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/other-popular-articles/assets/js/ 259 B
411 B 54ms
51ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/other-popular-articles/assets/js/front.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ede43b2ddb8f3b09a9062582da8619e3ade3da54e8e20c089848328488f0530a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 453869
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8344b1738cac3672-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 02:41:18 GMT

GET
H3 200 popup.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/paleohacks-tools-soften-it/assets/js/ 2 KB
951 B 28ms
25ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/paleohacks-tools-soften-it/assets/js/popup.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f34b136e79d860a61095e1596b6a8a39b38c73d8bf4449daf6968d90386338c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 177469
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8344b1738cad3672-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 17 Dec 2023 07:27:58 GMT

GET
H3 200 556.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/578/public/assets/js/ 4 KB
1 KB 34ms
31ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/578/public/assets/js/556.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd37e2cd931803994ea8f76c16d3d81aa0aa6d6488a049df19c78a078043c8bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 831
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8344b1738cae3672-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 19 Dec 2023 08:31:56 GMT

GET
H3 200 comment-reply.min.js Show response
blog.paleohacks.com/wp-includes/js/ 3 KB
1 KB 37ms
35ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/comment-reply.min.js?ver=6.3.2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:34:18 GMT
server: cloudflare
age: 180309
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8344b1738caf3672-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 17 Dec 2023 06:40:38 GMT

GET
H3 200 hoverIntent.min.js Show response
blog.paleohacks.com/wp-includes/js/ 1 KB
943 B 43ms
41ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:34:18 GMT
server: cloudflare
age: 98864
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8344b1738cb13672-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 18 Dec 2023 05:18:03 GMT

GET
H3 200 superfish.min.js Show response
blog.paleohacks.com/wp-content/themes/genesis/lib/js/menu/ 4 KB
2 KB 39ms
37ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/themes/genesis/lib/js/menu/superfish.min.js?ver=1.7.10
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Oct 2020 19:10:24 GMT
server: cloudflare
age: 301156
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8344b1738cb33672-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 15 Dec 2023 21:06:30 GMT

GET
H3 200 skip-links.min.js Show response
blog.paleohacks.com/wp-content/themes/genesis/lib/js/ 386 B
441 B 41ms
39ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/themes/genesis/lib/js/skip-links.min.js?ver=3.3.3
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Oct 2020 19:10:24 GMT
server: cloudflare
age: 90527
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8344b1738cb53672-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 18 Dec 2023 07:37:00 GMT

GET
H3 200 mai-theme.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 10 KB
3 KB 49ms
47ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/mai-theme.min.js?ver=1.13.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdef9d92aa1c5e9d8e409303f5ee38caceeecf3c1bdbf6e2f7bec8fe273dd596

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:36:00 GMT
server: cloudflare
age: 359037
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8344b1738cb63672-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 15 Dec 2023 05:01:50 GMT

GET
H3 200 basic-scroll.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 10 KB
3 KB 42ms
39ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/basic-scroll.min.js?ver=3.0.2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 508c6c8665bb4da4b211a97cdc3b2e791109204f82265d6af2eb79c51b61e014

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:36:00 GMT
server: cloudflare
age: 362340
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8344b1738cbb3672-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 15 Dec 2023 04:06:47 GMT

GET
H3 200 mai-scroll.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 4 KB
1 KB 32ms
30ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/mai-scroll.min.js?ver=1.13.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6e7fcc13e9fa0b4541bf314c25c54bf91807667df0a57d7cf30a554a7c00cae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:36:00 GMT
server: cloudflare
age: 453869
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8344b1738cbf3672-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 02:41:18 GMT

GET
H3 200 fitvids.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 2 KB
948 B 51ms
49ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/fitvids.min.js?ver=1.2.0
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 150cbe5c514aa70efcd179127476f4f5451db2ed4d033c0608afabdf9d18ec92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:36:00 GMT
server: cloudflare
age: 453869
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8344b1738cc13672-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 02:41:18 GMT

GET
H3 200 fitvids-init.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 68 B
281 B 47ms
45ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/fitvids-init.min.js?ver=1.13.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1414a599611253b31746e91b77f168573dbb42cc13a705fd72104a7eaca15e93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:36:00 GMT
server: cloudflare
age: 5344
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8344b1738cc33672-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 19 Dec 2023 07:16:43 GMT

GET
H3 200 sdk.js Show response
blog.paleohacks.com/wp-content/cache/min/1/en_US/ 2 KB
1 KB 39ms
38ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/en_US/sdk.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0943b32c80a724a40de925f3fa31c502829263cf2ebd090d3606cdbd0b32ed6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 186163
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8344b1738cc53672-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 17 Dec 2023 05:03:04 GMT

GET
H3 200 sspop.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/social_share_popup/assets/js/ 3 KB
1 KB 45ms
43ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/social_share_popup/assets/js/sspop.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2681704b7a1a7233c8030f22511b5598fa4b03ba2c3a19e8689b4c4ec75a080e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 282197
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8344b1738cc73672-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 16 Dec 2023 02:22:30 GMT

GET
H3 200 ea-share-count-support.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/social_share_popup/assets/js/ 3 KB
1 KB 46ms
44ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/social_share_popup/assets/js/ea-share-count-support.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e2bf21ab87ae83d5a2cb0f9ae0373e8eeb2ed0b7fb86ef8b4165a4bd381cf93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 98864
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8344b1738cc93672-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 18 Dec 2023 05:18:03 GMT

GET
H3 200 lazyload.min.js Show response
blog.paleohacks.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 43ms
41ms Script
application/javascript 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:07:28 GMT
server: cloudflare
age: 431081
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 8344b1738cca3672-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 09:01:06 GMT

OPTIONS /
api.ipify.org/ Frame 0
0

GET
H2 200 universal-script Show response
178194.tracking.hyros.com/v1/lst/ 0
0 325ms
101ms Script
text/javascript 52.71.202.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://178194.tracking.hyros.com/v1/lst/universal-script?ph=be1460aad6057c7a1655c8e1f69701db974993aa8c5a8087d36bd921dbbd93db&tag=!tracking
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.202.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-202-78.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 89 KB
29 KB 133ms
79ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07d05ee65ab254ce371a0cf4a7346e9e0ebf625cb8de03493e4eb4ce706ee2ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29088
x-xss-protection: 0
server: cafe
etag: 908 / 19703 / m202312050101 / config-hash: 11999804698944333348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 08:45:47 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 250 KB
88 KB 84ms
30ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ea06f40de04e30bd37075608d540c7c50d144f0a7cc435c633f249c6902a10c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89840
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 12 Dec 2023 08:45:47 GMT

GET
H3 200 symbol-defs.svg
blog.paleohacks.com/wp-content/plugins/simple-social-icons/ 35 KB
13 KB 49ms
48ms Other
image/svg+xml 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/simple-social-icons/symbol-defs.svg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53ecfb7fb539e851138504ca730068408f677cff5d7ef348a0c7f69dbb31371a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: public
date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 18:36:32 GMT
server: cloudflare
age: 1130264
etag: W/"65020130-8b8c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
cf-ray: 8344b1738ccb3672-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 29 Dec 2023 06:48:03 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00b2af963104a4dd04e77c1013957d37b0b43c86ba566301e77ab9a3e015280a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ed2cc414480e507b884d3c2faefa876fef943440c9d260933eebaf781ac4d87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 73b749b1f5bc98174ea385921e3f5b1ad518875088115f30c90807560cc202f3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a108be93e8ddf9fce244196e866adde603fb715eafb8632fc36e733dba6edbb1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba5a0efdff20b3d57efe46e272d0702939bf9d2e48c678f4052c8f4f5fe15c56

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e790e57b5e2b425d26a169ff72f22467114f21753bc0750ac13fec1654e6fc33

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbc17325e7575f7e337eb7305faaf6194c45d177ec3fff630e4eabbba3d560de

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f464ef7c0b366ff00e2f023cb6b48112306212648e451ddf16be40c2b99d639

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02f64ee610b067e74b7a42948c410fbc0e438d53f6d8f4e16afc3594d73745

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5390e9facc0ddb3ebb2236c1c797ba47be28e4173b948f172d133e4f8ce5748e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1fbfff963eb97f28e3b6bdc5e628e27fac2717beca2642b76e7171abb126147d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77abf03c0a5a320d7084b12a197eae47c79668686f86ee495d47656a6a063e82

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 229788376a77ac6380dcf37286c503556f46dd5f35886ac2b0df144331fe6225

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae51a9c8736b2eb82927ccdbdf3dc9db08c7a6b9db0fc2ffb4f4ce00d8af5760

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eec370d7b4f63ff91eb68db608b448a1cd41412b4b1d4d207d2a0230e6000e7b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c2518efba0a997390ac9494a1d92d74a4bb615aec8296f85eb9f2cc0aa940c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87287076f288a27750d0c3737c4624bd59357c5b638cdf3f27f1763d85cd4a2f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET /
api.ipify.org/ 0
0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 74ms
19ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%7CSatisfy&ver=1.2.0&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:16:33 GMT
x-content-type-options: nosniff
age: 55754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 17:16:33 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 302 KB
87 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=373056406c36ccabfb7608bbf4a7deb2

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

463e9427d61d944e415ce60646cd567f43bb316dfed081a42cd5f0d525503a6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://blog.paleohacks.com/
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 08:45:47 GMT
content-md5: L67kKuCLdlSroMnNz2omuQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88320
reporting-endpoints
x-fb-debug: fIxAlqogxyhslLA4ocPsOOChXkrOabNEaUPzxQsiEe1+bHwO9n6NMwVHYRXJFveq7s/XFOmYAbwlE0ODfNOdig==
x-fb-content-md5: 18b2dfab0115c75c31207be69e4afbe9
cross-origin-opener-policy: same-origin-allow-popups
etag: "f1a40c10e45499e2f957d22608db20ba"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 11 Dec 2024 05:06:13 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/ 399 KB
124 KB 76ms
38ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/tag/js/gpt.js?ver=1681483469

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d1a754922199186d43c7e76757eddaeb26e350387294e0f69ac574bc54914f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 06:49:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6963
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126556
x-xss-protection: 0
server: cafe
etag: 15138777047932052885
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 11 Dec 2024 06:49:44 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 105 B
614 B 330ms
50ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=blog.paleohacks.com

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/tag/js/gpt.js?ver=1681483469

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83fe2d78e9191d997830b9e4e492d6e83fb32a044584ec920e4f15280e2829d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72
x-xss-protection: 0
expires: Tue, 12 Dec 2023 08:45:47 GMT

GET
H2 200 unified-tag.js Show response
cdn.attn.tv/tag/4-latest/ 129 KB
43 KB 47ms
12ms Script
application/javascript 2600:9000:223c:5400:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/paleohacks/dtag.js?ver=1681483468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5400:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fefb10032e9c503375fd8ac3cc2be876f835b2e6ea5022fbcb57a9b9babd1259

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: qLlRei2HZrdVo_myH.cAh_Db9GlUd3MX
content-encoding: gzip
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
date: Tue, 12 Dec 2023 08:43:54 GMT
x-amz-cf-pop: FRA56-P2
age: 114
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 04 Dec 2023 15:43:14 GMT
server: AmazonS3
etag: W/"fa062f1be70d0da0b7a2a2952bef5fd6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
x-amz-cf-id: 9mCoXSwrY-iw58NU8BVs0aPVWfZOj2yJ7FzhnqHBwUbOMxUihaERAw==

GET
H3 404 can-i-show.js
blog.paleohacks.com/static/all/js/ 0
0 1335ms
1335ms Script
text/html 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/static/all/js/can-i-show.js
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/leadbox-1556322866.js?ver=1681483503
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.23
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:48 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-powered-by: PHP/7.3.23
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: max-age=43200, must-revalidate
cf-ray: 8344b1741d513672-FRA
link: <https://blog.paleohacks.com/wp-json/>; rel="https://api.w.org/"
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 / Show response
paleohacks.lpages.co/leadbox/145b71a73f72a2%3A13300845e746dc/5746055551385600/ Frame 3F4A 12 KB
4 KB 1182ms
668ms Document
text/html 35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://paleohacks.lpages.co/leadbox/145b71a73f72a2%3A13300845e746dc/5746055551385600/?lp-in-iframe=1&__fromjs=1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/leadbox-1556322866.js?ver=1681483503
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 90.21.202.35.bc.googleusercontent.com
Software: Leadpages /
Resource Hash: c1be9f83e44f68ace4eee63b3dc6bb421dd413e0819bab3fccb484c3ed0dca87

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Tue, 12 Dec 2023 08:45:48 GMT
server: Leadpages
vary: Accept-Encoding

GET
H2 404 / Show response
paleohacks.lpages.co/leadbox/145b71a73f72a2%3A13300845e746dc/5746055551385600/ Frame F0ED 12 KB
4 KB 1323ms
809ms Document
text/html 35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://paleohacks.lpages.co/leadbox/145b71a73f72a2%3A13300845e746dc/5746055551385600/?lp-in-iframe=1&__fromjs=1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/leadbox-1556322866.js?ver=1681483503
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 90.21.202.35.bc.googleusercontent.com
Software: Leadpages /
Resource Hash: c1be9f83e44f68ace4eee63b3dc6bb421dd413e0819bab3fccb484c3ed0dca87

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Tue, 12 Dec 2023 08:45:48 GMT
server: Leadpages
vary: Accept-Encoding

GET
H3 200 admin-ajax.php Show response
blog.paleohacks.com/wp-admin/ 2 KB
948 B 1220ms
1219ms XHR
text/html 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.paleohacks.com/wp-admin/admin-ajax.php?action=display_popular_articles&_=1702370747434

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.23

Resource Hash

b3c716614b5b83e21677058c046054d8f5a421630700c32e6280a00df86af4ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:48 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.23
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
cf-ray: 8344b1743d753672-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 Hind-Regular.woff2
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/hind/ 93 KB
93 KB 26ms
26ms Font
application/octet-stream 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/hind/Hind-Regular.woff2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5891185bbadfceb49591b012abeeea967dca978a653930a6ca23863d9a3f4c92

Request headers

Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 2584916
vary: Accept-Encoding,User-Agent
cache-control: max-age=2592000
cf-ray: 8344b1743d763672-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 12 Dec 2023 10:43:51 GMT

GET
H3 200 Montserrat-SemiBold.woff2
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/montserrat/ 79 KB
79 KB 34ms
34ms Font
application/octet-stream 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/montserrat/Montserrat-SemiBold.woff2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47a6d3380cf89ad6b678478ccb347dc3ddeadcf7ca344bfc842424aaf7bfd025

Request headers

Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 1060742
vary: Accept-Encoding,User-Agent
cache-control: max-age=2592000
cf-ray: 8344b1743d793672-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 30 Dec 2023 02:06:44 GMT

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
18 KB 40ms
7ms Script
application/javascript 2a04:4e42:8e::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.9159932115496343
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/js/pinit.js?ver=1681483470
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
x-cdn: fastly
etag: "3725764cf05d1a0938de73d398772331"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=300
alt-svc: h3=":443";ma=600
content-length: 18679

GET
H3 200 logo.png
blog.paleohacks.com/wp-content/uploads/2015/10/ 2 KB
2 KB 30ms
29ms Image
image/webp 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2015/10/logo.png
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83685ec127cc7475c7a3649e73986c90d87d037247409d80423f5caceed4681e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
cf-cache-status: HIT
age: 844079
cf-polished: origFmt=png, origSize=1719
content-disposition: inline; filename="logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1536
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 09 Nov 2019 16:35:00 GMT
server: cloudflare
etag: "5dc6eab4-6b7"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8344b1744d883672-FRA
expires: Mon, 01 Jan 2024 14:17:47 GMT

GET
H3 200 cookbook-opt-in1.jpg
blog.paleohacks.com/wp-content/uploads/2015/08/ 15 KB
15 KB 30ms
30ms Image
image/webp 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2015/08/cookbook-opt-in1.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfc98d46b8948bdd10ecef95fe6292a8bfabac6782a441f6759b8bf9f5361af4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
cf-cache-status: HIT
age: 183769
cf-polished: qual=85, origFmt=jpeg, origSize=19662
content-disposition: inline; filename="cookbook-opt-in1.webp"
alt-svc: h3=":443"; ma=86400
content-length: 15536
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 09 Nov 2019 16:20:14 GMT
server: cloudflare
etag: "5dc6e73e-4cce"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8344b1744d8a3672-FRA
expires: Tue, 09 Jan 2024 05:42:58 GMT

GET
H3 200 beginners-book-143x150.png
blog.paleohacks.com/wp-content/uploads/2018/06/ 8 KB
9 KB 33ms
32ms Image
image/webp 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2018/06/beginners-book-143x150.png
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 735b305aadf14dd683363407e953b1eec091e541f8d6172d459454e40d7074c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
cf-cache-status: HIT
age: 34591
cf-polished: origFmt=png, origSize=9206
content-disposition: inline; filename="beginners-book-143x150.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8628
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sun, 10 Nov 2019 01:55:00 GMT
server: cloudflare
etag: "5dc76df4-23f6"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8344b1744d8c3672-FRA
expires: Wed, 10 Jan 2024 23:09:16 GMT

GET
H3 200 Paleo-Pumpkin-Spice-Donuts.jpg
blog.paleohacks.com/wp-content/uploads/2015/10/ 59 KB
59 KB 34ms
33ms Image
image/webp 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2015/10/Paleo-Pumpkin-Spice-Donuts.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 389bd89a4913957f457018d4e48fdddeaeaa492e047db362a6a4f30e944b0616

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
cf-cache-status: HIT
age: 130453
cf-polished: qual=85, origFmt=jpeg, origSize=157764
content-disposition: inline; filename="Paleo-Pumpkin-Spice-Donuts.webp"
alt-svc: h3=":443"; ma=86400
content-length: 60076
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 09 Nov 2019 16:32:59 GMT
server: cloudflare
etag: "5dc6ea3b-26844"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8344b1744d8f3672-FRA
expires: Tue, 09 Jan 2024 20:31:34 GMT

GET
H3 200 instant-pot-vs-slow-cooker-the-difference-and-which-is-better-3-350x263.jpg
blog.paleohacks.com/wp-content/uploads/2020/12/ 10 KB
10 KB 35ms
35ms Image
image/webp 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2020/12/instant-pot-vs-slow-cooker-the-difference-and-which-is-better-3-350x263.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0128e563cfdd4beabe1edf1488c57094072f85cec6219dd04a3fb2be5d37cf84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
cf-cache-status: HIT
age: 53609
cf-polished: qual=85, origFmt=jpeg, origSize=13651
content-disposition: inline; filename="instant-pot-vs-slow-cooker-the-difference-and-which-is-better-3-350x263.webp"
alt-svc: h3=":443"; ma=86400
content-length: 10232
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 11 Dec 2020 03:23:53 GMT
server: cloudflare
etag: "5fd2e649-3553"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8344b1744d903672-FRA
expires: Wed, 10 Jan 2024 17:52:17 GMT

GET
H3 200 Breadfruit-Flour-350x263.jpg
blog.paleohacks.com/wp-content/uploads/2020/10/ 14 KB
14 KB 36ms
36ms Image
image/jpeg 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2020/10/Breadfruit-Flour-350x263.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 869d3767805b1c7b11b2df755e7cb769ee1b450553d87c374e19cb535a6afd2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
cf-cache-status: HIT
age: 132557
cf-polished: degrade=85, origSize=19193, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 13929
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Tue, 20 Oct 2020 21:03:53 GMT
server: cloudflare
etag: "5f8f50b9-4af9"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8344b1744d933672-FRA
expires: Tue, 09 Jan 2024 19:56:30 GMT

GET
H3 200 The-14-Day-Keto-Meal-Plan800-350x263.jpg
blog.paleohacks.com/wp-content/uploads/2020/09/ 30 KB
31 KB 37ms
36ms Image
image/webp 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2020/09/The-14-Day-Keto-Meal-Plan800-350x263.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3e0e5db2674fb727b63871f299ea9f146ce45e3e3ed0c583f4ffdfb6fafb7ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
cf-cache-status: HIT
age: 1219066
cf-polished: qual=85, origFmt=jpeg, origSize=36409
content-disposition: inline; filename="The-14-Day-Keto-Meal-Plan800-350x263.webp"
alt-svc: h3=":443"; ma=86400
content-length: 30954
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Thu, 17 Sep 2020 22:14:02 GMT
server: cloudflare
etag: "5f63dfaa-8e39"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8344b1744d943672-FRA
expires: Thu, 28 Dec 2023 06:08:01 GMT

GET
H3 200 The-12-Best-Low-Carb-Vegetables-and-Their-Benefits744.jpg
blog.paleohacks.com/wp-content/uploads/2019/03/ 73 KB
73 KB 37ms
37ms Image
image/webp 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2019/03/The-12-Best-Low-Carb-Vegetables-and-Their-Benefits744.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 755313ac3cb953d818fd8f3344a3ebf9fd2101223dffa2278b5499e927f9a574

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
cf-cache-status: HIT
age: 844080
cf-polished: qual=85, origFmt=jpeg, origSize=109440
content-disposition: inline; filename="The-12-Best-Low-Carb-Vegetables-and-Their-Benefits744.webp"
alt-svc: h3=":443"; ma=86400
content-length: 74830
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Mon, 11 Nov 2019 20:19:53 GMT
server: cloudflare
etag: "5dc9c269-1ab80"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8344b1744d973672-FRA
expires: Mon, 01 Jan 2024 14:17:46 GMT

GET
H2 200 / Show response
paleohacks.attn.tv/d/ 5 B
257 B 446ms
408ms Fetch
application/json 104.18.43.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleohacks.attn.tv/d/?attn_vid=09f1a7a3323e4e02a9793a972fb9faab
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.135 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:48 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: *
x-envoy-upstream-service-time: 5
cf-ray: 8344b174c92c9b64-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 e
events.attentivemobile.com/ 0
160 B 242ms
144ms Ping
text/plain 172.64.148.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://events.attentivemobile.com/e?v=4.25.43_97c1433b34&pd=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&u=09f1a7a3323e4e02a9793a972fb9faab&c=paleohacks&ceid=UsU&lt=1702370747606&tag=modern&cs=1012905134&t=v&r=&m=%7B%22source%22%3A%22a%22%7D&cb=1702370747608
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain;charset=UTF-8
x-envoy-upstream-service-time: 7
cf-ray: 8344b1752c625d9f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
90 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QMKQQWEFHC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6bee27de6ea2caf16ad1157df35619b4a85e60d0b65edb16778087d100ee4f3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92079
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 12 Dec 2023 08:45:47 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/955239029/ 3 KB
2 KB 88ms
54ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/955239029/?random=1702370747618&cv=11&fst=1702370747618&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77268957&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&hn=www.googleadservices.com&frm=0&tiba=Paleo%20Pumpkin%20Spice%20Donuts%20Recipe%20%7C%20Dairy-Free%2C%20Paleo%2C%20Gluten-Free&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f8a783bfd21e3d5602071b2ac000da29985addcdfff6d1ade4d41941bc9c67c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 82ms
24ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 07:48:14 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3453
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 12 Dec 2023 09:48:14 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
53 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 12 Dec 2023 08:45:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: R4KNlCmi4AbDHYCuQLNrzq6NYpW/+o3rkQK28NjTDdhIrpiues2qrCN5aWQkAR/xgooPUmrBVJs5y+QdktLJyA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 4 KB
2 KB 8ms
7ms Script
application/javascript 2a04:4e42:8e::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ef45c21f7e054481c81992c1a46293a28c9bb8b3722bc566479326187f473c8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
x-cdn: fastly
etag: "8d7d8ce32aa2a45d64e9f04a9a5cb1c4"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600
content-length: 1793

GET
H2 200 jquery-3.5.1.min.js Show response
track.mypaleorecipe.com/js/ 87 KB
32 KB 52ms
21ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Nov 2021 03:31:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6729
etag: W/"15d86-5d052be3dfc43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8rdtKIvpy8vlWvTU1DD6aAnELRdSCCMOL2TymSLOoHFDJZtb97DvBDo8QMhvHTKCmmIUgYR%2BbA5iRkOigKQLWN66W9n%2FPvlY5fSqhUI5Kr%2By6MNQt7Enzz8XjBLiiDPw3IY%2BW1oKUQI5nXNDxsBjx9KE4Wh%2Fiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8344b174df744db4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 52 KB
18 KB 49ms
14ms Script
text/javascript 2600:1901:0:498c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: acb1221313fbb4d27f785ffd7a9ade0f7f44c37567ce1abf6aff7c399a7992d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:39:18 GMT
content-encoding: gzip
age: 389
x-guploader-uploadid: ABPtcPqXHf3Uf5ORTlZ55WM46-BwlRa-iRYsNHe2WSG247Oo0L2DVYjr43nPAqSeXwwPbu7lb1E
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18139
last-modified: Tue, 14 Nov 2023 19:54:10 GMT
server: UploadServer
etag: "dff66d0b72bdc18a02be56412d5ef8c4"
vary: Accept-Encoding
x-goog-generation: 1699991650202934
x-goog-hash: crc32c=VW26dg==, md5=3/ZtC3K9wYoCvlZBLV74xA==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=600
x-goog-stored-content-length: 18139
accept-ranges: bytes
expires: Tue, 12 Dec 2023 08:49:18 GMT

GET
H2 200 dtag.js Show response
cdn.attn.tv/paleohacks/ 3 KB
2 KB 1281ms
1281ms Script
text/javascript 2600:9000:223c:5400:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/paleohacks/dtag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5400:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b47e2b5d041b401f4d6dc04b120f9ada18fdd87dc40f2c764879a7c7c5a2f93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: Y4H_bTaFBWRi9GimSEzzR9Px4JwIrNub
content-encoding: gzip
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
date: Tue, 12 Dec 2023 08:45:49 GMT
last-modified: Wed, 08 Feb 2023 20:56:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
etag: W/"d943f1634cc781ba4142fc11b4ba2cd4"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: public, max-age=120
x-amz-replication-status: COMPLETED
x-amz-cf-id: h74kCWPk76_183JXX4XJTqjkIZU4V6bB61zsb5RA1zwhFX6QKUStig==

GET
H2 200 paleohacks.attn.tv.js Show response
cdn.attn.tv/growth-tag-assets/client-configs/ 0
385 B 394ms
394ms Script
text/javascript 2600:9000:223c:5400:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/growth-tag-assets/client-configs/paleohacks.attn.tv.js
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5400:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: kGJjc2HxNgGNuk_7UqP1h9o.liqWLb8I
content-encoding
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
date: Tue, 12 Dec 2023 00:09:34 GMT
last-modified: Mon, 17 Dec 2018 20:59:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 30978
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 0
x-amz-cf-id: OX8hZX9bJGf0rEWwpmWmIXxKq2gfrFZRQO1NTid8dxpb7XPJJZpoGQ==

GET
H2 200 main.74d80534.js Show response
s.pinimg.com/ct/lib/ 65 KB
19 KB 8ms
8ms Script
application/javascript 2a04:4e42:8e::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.74d80534.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 60cc60a6fcbd230def379432395199b585791ed521e2e5f595369a2193e617fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
x-cdn: fastly
etag: "cb251578b1e91b3cc440fd1521770cc5"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600
content-length: 18895

GET
H3 200 405752247076167 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 143ms
143ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/405752247076167?v=2.9.138&r=stable&domain=blog.paleohacks.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

62db4a83c7d9a73707f55c212f1b5e56811aa93df17077559b84b41123863248

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 12 Dec 2023 08:45:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: fPgP99bbWyBREV5mPdf8aVHwjlPygSs5qhfGN/DMVYQeUbEHLBTZdgUMp8296yrU1VTSd98eTNrpNJCDDLubxA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 303 B
405 B 99ms
50ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2615989242318&cb=1702370747672&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.74d80534.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4e7140f58b2b89a1c8ffba6df69a1e845f6e8fee48987276a7523b8244191c3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 2
alt-svc: h3=":443";ma=600
x-pinterest-rid: 2111526114190486
content-length: 172
pin-unauth: dWlkPU9ESXlZemM1TW1ZdFltSm1PUzAwWkRnM0xXSXpOREF0WmpjNE5EazNPREF6T1RBeg
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://blog.paleohacks.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 18ca486382a49382d94e5112f49bc2f9e5d43a34
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
399 B 95ms
47ms Image
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2615989242318&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2274d80534%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1702370747672
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:47 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 18ca486382a49382d94e5112f49bc2f9e5d43a34
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1116392894574730
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
247 B 50ms
19ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QMKQQWEFHC&gtm=45je3bt0v871543173z877268957&_p=1702370747437&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=562926640.1702370748&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702370747&sct=1&seg=0&dl=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&dt=Paleo%20Pumpkin%20Spice%20Donuts%20Recipe%20%7C%20Dairy-Free%2C%20Paleo%2C%20Gluten-Free&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3395
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QMKQQWEFHC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 60ms
21ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QMKQQWEFHC&cid=562926640.1702370748&gtm=45je3bt0v871543173z877268957&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QMKQQWEFHC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 61ms
28ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QMKQQWEFHC&cid=562926640.1702370748&gtm=45je3bt0v871543173z877268957&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1548116353

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.cookie.js Show response
track.mypaleorecipe.com/js/ 2 KB
1 KB 18ms
18ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/js/jquery.cookie.js?v=1.0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dde3261ae85ead281a4f3120a5c4cee3bc7a1874c284c4a23874af1ada1f08ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3783
cf-polished: origSize=3254
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 09 Nov 2021 03:31:23 GMT
server: cloudflare
etag: W/"cb6-5d052be67bb4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pd%2FDVgAce6x%2FRs37cYu7SftDZBwiWhQu9MUVVgJiVeQ8oQvYk4n7ejLuaQfEKl71SSDspcpNA6xpY%2FU%2Bx9mzskxk41Kfw8EAwo8iZqA6zlMEwxiHVxSlB2n9ehHWepdgw1WbE5bStsmqDlN0zPRFuMpa%2BqU4Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8344b1753fef4db4-FRA

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:10:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2112
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 12 Dec 2023 09:10:35 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
224 B 22ms
22ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1091848731&t=pageview&_s=1&dl=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&ul=en-us&de=UTF-8&dt=Paleo%20Pumpkin%20Spice%20Donuts%20Recipe%20%7C%20Dairy-Free%2C%20Paleo%2C%20Gluten-Free&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEAjAAAAACAAI~&jid=648534263&gjid=1052792498&cid=562926640.1702370748&tid=UA-42752472-1&_gid=477613113.1702370748&_r=1&_slc=1&gtm=45He3bt0n81TJTDCJGv77268957&cd1=recipes&cd2=October%2021%2C%202015&cd3=Courtney%20Hamilton&cd5=coconut-flour-recipes%2Cdessert-recipes%2Coven%2Cpumpkin-recipes%2Ctapioca-flour-recipes%2Cvegan%2Cvegetarian&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1583886332

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a3c6048948c57aae55beef92d5a18abce757ad2783354a2eda068b14798e5a75

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/955239029/ 42 B
154 B 96ms
38ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/955239029/?random=1702370747618&cv=11&fst=1702368000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77268957&u_w=1600&u_h=1200&url=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&frm=0&tiba=Paleo%20Pumpkin%20Spice%20Donuts%20Recipe%20%7C%20Dairy-Free%2C%20Paleo%2C%20Gluten-Free&fmt=3&is_vtc=1&cid=CAQSGwDICaaN9yJNHKGJ0mhTyoCn4BCx09Ndr5WfSQ&random=2921476965&rmt_tld=0&ipr=y

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/955239029/ 42 B
455 B 36ms
25ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/955239029/?random=1702370747618&cv=11&fst=1702368000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77268957&u_w=1600&u_h=1200&url=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&frm=0&tiba=Paleo%20Pumpkin%20Spice%20Donuts%20Recipe%20%7C%20Dairy-Free%2C%20Paleo%2C%20Gluten-Free&fmt=3&is_vtc=1&cid=CAQSGwDICaaN9yJNHKGJ0mhTyoCn4BCx09Ndr5WfSQ&random=2921476965&rmt_tld=1&ipr=y

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SAFEFRAME.html Show response
contextual.media.net/sr/1017354394/ Frame 6FAE 62 KB
23 KB 299ms
299ms Document
text/html 2.19.216.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/sr/1017354394/SAFEFRAME.html?ule=444&&kkdd=A!%7CW%7C*uh93AnH&Fg=M_*Ch_*_3_Cb3CbMM(-&IuPd=M&ewPT=*&KuF=MMC(&HwKp=.h3b&Kgu=-f19h9h*-&KPKu=E8B8KSiBmYF8F_PD8xUZxi%3D%3D&Kdgu=_C00b_Cb-&wgqp=h**jCb*&KK=)t&wK=Ot&nHHPw=M&dp!kd6=nHHPw%3A%2F%2F26XIsPT6pXnTKZwsKXe%2FPT6pXVPkePZgBVwPgKpVuXBkHw%2F&Bwp=b&6D=M&kIu=3&gD=M0**&ZHH6p=fXKXBkH%20z6Xkd%20JkePZgB%20APgKp%20)XBkHw&eKv=((C*&PIgu=P*M-330M00bbHC*ChMCMC*-3b&nHe6wdK=M&sflct=2583709&ure=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUG3G308

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-27.deploy.static.akamaitechnologies.com

Software

Resource Hash

e9b4b9089114129040dcfad365b3efef6f4e48b5a567006e965e485fd7dae885

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 23697
content-type: text/html
date: Tue, 12 Dec 2023 08:45:48 GMT
expires: Tue, 12 Dec 2023 08:45:48 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-sc-h: 22-6vn6

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 5D5B 16 KB
6 KB 64ms
64ms Document
text/html 2.19.216.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CUG3G308&https=1&itype=CM

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

62ba217c47f8a530cd1fbab05b9e9321cd16914ee0199eb35944638261e2ebe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 5966
content-type: text/html; charset=UTF-8
date: Tue, 12 Dec 2023 08:45:47 GMT
expires: Thu, 14 Dec 2023 08:45:47 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK bping.php
lg3.media.net/ 35 B
338 B 72ms
23ms Image
image/gif 23.53.232.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=602&&vgd_cdv=1129&vgd_cage=6&vgd_tsce=L345&vgd_mcf=9920&gdpr=1&mspa=0&prid=8PRHGG6T9&cid=8CUG3G308&crid=726657258&vi=1702370747254251198&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=170785191&r=1702370747733&requrl=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=28753&vgd_rakh=1702370747192872159&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fdmedianet.js&vgd_pgid=p01844616655t202312120845&vgd_pgids=1&vgd_uspa=0&vgda_l1btm=%5B%22SPAMPXL%22%2C%22URLDC%22%5D&hvsid=00001702370747730006245726724799&gdpr=1&mspa=0&vgd_l2type=scs_newfl&vgd_end=1

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.53.232.23 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-53-232-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Date: Tue, 12 Dec 2023 08:45:47 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Tue, 12 Dec 2023 08:45:47 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 20ms
20ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-42752472-1&cid=562926640.1702370748&jid=648534263&gjid=1052792498&_gid=477613113.1702370748&_u=YADAAEAiAAAAACAAI~&z=368869403

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 12 Dec 2023 08:45:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
86 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RWB4GYKC4G&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a5593ec16264a800d091613e3c9334060e17b99d6cb1b99a404a3a9584505172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87746
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 12 Dec 2023 08:45:47 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
70 B 22ms
21ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1091848731&t=pageview&_s=1&dl=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&ul=en-us&de=UTF-8&dt=Paleo%20Pumpkin%20Spice%20Donuts%20Recipe%20%7C%20Dairy-Free%2C%20Paleo%2C%20Gluten-Free&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAiEAjBAAAACAAI~&jid=2058812094&gjid=2070248166&cid=562926640.1702370748&tid=UA-81910700-1&_gid=477613113.1702370748&_slc=1&gtm=45He3bt0n81TJTDCJGv77268957&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1816365609

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 22ms
22ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-81910700-1&cid=562926640.1702370748&jid=2058812094&gjid=2070248166&_gid=477613113.1702370748&_u=aCDAiEAjBAAAAGAAI~&z=1673589443

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 12 Dec 2023 08:45:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
14ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1091848731&t=event&ni=Yes&_s=1&dl=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&ul=en-us&de=UTF-8&dt=Paleo%20Pumpkin%20Spice%20Donuts%20Recipe%20%7C%20Dairy-Free%2C%20Paleo%2C%20Gluten-Free&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=leadbox&ea=show&el=Dessert%20Recipes%20Lead%20Magnet&_u=aCDACEAjBAAAAGAAI~&jid=&gjid=&cid=562926640.1702370748&tid=UA-42752472-1&_gid=477613113.1702370748&gtm=45He3bt0n81TJTDCJGv77268957&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1781409491

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 13:43:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68550
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 53ms
39ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-42752472-1&cid=562926640.1702370748&jid=648534263&_u=YADAAEAiAAAAACAAI~&z=477612654

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 26ms
26ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-42752472-1&cid=562926640.1702370748&jid=648534263&_u=YADAAEAiAAAAACAAI~&z=477612654

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 47ms
36ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-81910700-1&cid=562926640.1702370748&jid=2058812094&_u=aCDAiEAjBAAAAGAAI~&z=434957314

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 24ms
24ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-81910700-1&cid=562926640.1702370748&jid=2058812094&_u=aCDAiEAjBAAAAGAAI~&z=434957314

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 21ms
21ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RWB4GYKC4G&_ono=1&gtm=45je3bt0v9137939032&_p=1702370747437&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=562926640.1702370748&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&dt=Paleo%20Pumpkin%20Spice%20Donuts%20Recipe%20%7C%20Dairy-Free%2C%20Paleo%2C%20Gluten-Free&sid=1702370747&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_1=recipes&ep.ua_dimension_2=October%2021%2C%202015&ep.ua_dimension_3=Courtney%20Hamilton&ep.ua_dimension_5=coconut-flour-recipes%2Cdessert-recipes%2Coven%2Cpumpkin-recipes%2Ctapioca-flour-recipes%2Cvegan%2Cvegetarian&tfd=3538
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RWB4GYKC4G&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 24ms
24ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-RWB4GYKC4G&cid=562926640.1702370748&gtm=45je3bt0v9137939032&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RWB4GYKC4G&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 30ms
30ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-RWB4GYKC4G&cid=562926640.1702370748&gtm=45je3bt0v9137939032&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=610645730

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 integrator.js
adservice.google.com/adsid/ 0
0 67ms
25ms Script
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adservice.google.com/adsid/integrator.js?domain=blog.paleohacks.com
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 78 KB
19 KB 339ms
338ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1149456987301129&correlator=3498481103950100&eid=31072878%2C31073830%2C31079525&output=ldjh&gdfp_req=1&vrg=202304050101&ptt=17&impl=fifs&iu_parts=55892584%2CPH300x2502%2CPHBlog300x250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x250%2C300x250&ifi=1&adks=79842087%2C1706127594&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702370747865&lmt=1702343370&dlt=1702370747362&idt=276&adxs=-9%2C690&adys=-9%2C1150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&frm=20&vis=1&psz=0x-1%7C300x250&msz=0x-1%7C300x-1&fws=2%2C4&ohw=0%2C1600&ga_vid=562926640.1702370748&ga_sid=1702370748&ga_hid=1091848731&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d8bd10d90d2f903b3bd9c1d1dd591107dd5f74e73d982870211bd5966d6cc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:48 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19243
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D3BB 6 KB
3 KB 113ms
49ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:45:47 GMT
expires: Wed, 11 Dec 2024 08:45:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 33ms
10ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=405752247076167&ev=PageView&dl=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&rl=&if=false&ts=1702370747876&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1702370747875.684154582&ler=empty&it=1702370747668&coo=false&tm=1&rqm=GET

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 12 Dec 2023 08:45:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 34ms
11ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=405752247076167&ev=PageView&dl=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&rl=&if=false&ts=1702370747877&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1702370747875.684154582&ler=empty&it=1702370747668&coo=false&rqm=GET

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 12 Dec 2023 08:45:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 unrenderedCreative
paleohacks.attn.tv/ 0
0 388ms
388ms Fetch 104.18.43.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleohacks.attn.tv/unrenderedCreative?v=4.25.43&r=&id=09f1a7a3323e4e02a9793a972fb9faab&pv=1&l=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&w=1600&h=1200&ss_ref=ORGANIC&f=2
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.135 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 12 Dec 2023 08:45:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 24
cf-ray: 8344b1772bb69b64-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 1x1.gif
contextual.media.net/__media__/pics/800028474/ Frame 6FAE 42 B
198 B 30ms
30ms Image
image/gif 2.19.216.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/__media__/pics/800028474/1x1.gif

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/sr/1017354394/SAFEFRAME.html?ule=444&&kkdd=A!%7CW%7C*uh93AnH&Fg=M_*Ch_*_3_Cb3CbMM(-&IuPd=M&ewPT=*&KuF=MMC(&HwKp=.h3b&Kgu=-f19h9h*-&KPKu=E8B8KSiBmYF8F_PD8xUZxi%3D%3D&Kdgu=_C00b_Cb-&wgqp=h**jCb*&KK=)t&wK=Ot&nHHPw=M&dp!kd6=nHHPw%3A%2F%2F26XIsPT6pXnTKZwsKXe%2FPT6pXVPkePZgBVwPgKpVuXBkHw%2F&Bwp=b&6D=M&kIu=3&gD=M0**&ZHH6p=fXKXBkH%20z6Xkd%20JkePZgB%20APgKp%20)XBkHw&eKv=((C*&PIgu=P*M-330M00bbHC*ChMCMC*-3b&nHe6wdK=M&sflct=2583709&ure=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contextual.media.net/sr/1017354394/SAFEFRAME.html?ule=444&&kkdd=A!%7CW%7C*uh93AnH&Fg=M_*Ch_*_3_Cb3CbMM(-&IuPd=M&ewPT=*&KuF=MMC(&HwKp=.h3b&Kgu=-f19h9h*-&KPKu=E8B8KSiBmYF8F_PD8xUZxi%3D%3D&Kdgu=_C00b_Cb-&wgqp=h**jCb*&KK=)t&wK=Ot&nHHPw=M&dp!kd6=nHHPw%3A%2F%2F26XIsPT6pXnTKZwsKXe%2FPT6pXVPkePZgBVwPgKpVuXBkHw%2F&Bwp=b&6D=M&kIu=3&gD=M0**&ZHH6p=fXKXBkH%20z6Xkd%20JkePZgB%20APgKp%20)XBkHw&eKv=((C*&PIgu=P*M-330M00bbHC*ChMCMC*-3b&nHe6wdK=M&sflct=2583709&ure=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:48 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 04 Jun 2018 10:04:19 GMT
server: Apache
content-type: image/gif
cache-control: max-age=1148788
accept-ranges: bytes
content-length: 42
expires: Mon, 25 Dec 2023 15:52:16 GMT

GET
DATA 200
OK truncated
/ Frame 6FAE 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK bql.php Show response
lg3.media.net/ Frame 6FAE 15 B
348 B 48ms
48ms Script
text/javascript 23.53.232.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=4224&&vgd_canary=0&vgd_l2type=scs_newfl&fp=pwutdmRQDY7X8pcFEhl2f2P6stIMrKze_yd4t8Q0R6A-22PXh7jOaE_-rTAVKLqQySm9pjIxWgi0E01uPk5I9YuRDVJLLv1hm3K44hTHlMqXHpbXNoFuBGB7rTsqyqexMLnDaC_29Fj4OpgtRSoKBg%3D%3D&cme=hrJ8knBWaK4gvw7LQ_wp5qyglXccROtqxx0KImo-QJVf77jtAmLTIlMlsVzXGuvOawhaqnhEqDTlyjJ8d2EXhQKdDTSUl9wEvG1mVYbU4MtvNUaLn7fMeuAQ_SA6lN6U0QtbZj65v28orcnGFkirMGEkvhg9iUDMrYgTv-9_qyx_JLN3EFGBbg7izimoKSF4BdR9Cn7RLgnB1vmF__TuQRE-HxZNwLtw-nva6ZzT8swRijYjSjEtj-GM3CP5GSeTqWgR6TsyoA509KbTYPAN6n26n-fhBzdCol6LLasgcEdhO0OPi47UlHM53HNoIcYE-2Vc_YeyDkpGBzfuj2HJKg%3D%3D%7C%7CKOA2tkfoPlCxJ92iUGwOAOjvrAntvstjsqfdFh21d5xC9Mu-iI0P55yevFux3RbjJaYB280Ctus%3D%7Ca0AmFUYXmD6xgDV1rtT8tb0A3Zhve8y8ElfuNo1dWl7e4w_1j2cZBdRYuTwT1onjftaqhqG0pkCWubmEnJ9aIA%3D%3D%7Cb8KlCmE6kTENKxSBIehsQLbXBNKeHPZV%7CDfRZ_XVUeB-c-sye6dIf-woKL_8-JD14E2BYtRp60T7kk0mcvhHEh-7Du3BGoHX1qfcvDr6MXG3IsDueR28b34A_QuCrLvYhCkftPGF4k6LJfWFMX-C7GTOOEvMJPcD7lakinGlBxN59GZsMcplF-H9VoCEHT-Y8TOt-0E0PUG2APbiDPiErTO1I5Kp1uXx_YkNUh8WlYnYzL2vMHAPPCq9_yBZ2FN-nxecL4D9Vck6rsPFGJQMy56H51RTYR19rce7zuxmnsFPsW3nmS6Pnqw%3D%3D%7C&ksu=224&fdkt=475&vgde_kbbh=ffoyxQJuO&kwd[]=Easy+Baked+Donut+Recipes&kwt[]=475&kbc[]=3897d78d1f9c313701e0a14707637973.d2s&kwp[]=1&kid[]=364955855&kbc2[]=eset%3D1%7Ce_st%3D16%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7Cokt%3D475%7Cbdkt%3D475%7Cps%3D1.093%7C12%3D0.28%7C80%3D2.96%7C74%3D2.15%7C60%3D0.09%7C53%3D0.06%7C1%3D0.39%7C2%3D0.87&ktd[]=824650895616&kwd[]=Pumpkin+Spice+Recipe+Ingredients&kwt[]=475&kbc[]=3897d78d1f9c313701e0a14707637973.d2s&kwp[]=2&kid[]=356122959&kbc2[]=eset%3D1%7Ce_st%3D16%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7Cokt%3D475%7Cbdkt%3D475%7Cps%3D1.093%7C12%3D0.28%7C80%3D2.96%7C74%3D2.15%7C60%3D0.09%7C53%3D0.06%7C1%3D0.18%7C2%3D0.42&ktd[]=824650895616&kwd[]=Paleo+Breakfast+Recipes&kwt[]=475&kbc[]=3897d78d1f9c313701e0a14707637973.d2s&kwp[]=3&kid[]=321048712&kbc2[]=eset%3D1%7Ce_st%3D16%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7Cokt%3D475%7Cbdkt%3D475%7Cps%3D1.093%7C12%3D0.28%7C80%3D2.96%7C74%3D2.15%7C60%3D0.09%7C53%3D0.06%7C1%3D0.31%7C2%3D1.05&ktd[]=274911858944&kwd[]=Gluten-Free+Donut+Recipes&kwt[]=475&kbc[]=3897d78d1f9c313701e0a14707637973.d2s&kwp[]=4&kid[]=356318761&kbc2[]=eset%3D1%7Ce_st%3D16%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7Cokt%3D475%7Cbdkt%3D475%7Cps%3D1.093%7C12%3D0.27%7C80%3D2.96%7C74%3D2.15%7C60%3D0.22%7C53%3D0.11%7C1%3D0.44%7C2%3D1.70&ktd[]=824650895616&v=1&gdpr=1&geo=49.1%7C10.75&dlper=25&lper=100&lpid=&tsid=1&hint=&cc=DE&wsip=170774562&bca=0&ugd=4&vgde_setid=Nff&cid=8CUG3G308&vi=1702370747254251198&vsid=DefVid&tdAdd[]=asnum%3D28753&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=01&vgd_adpref_diff=1010&vgd_implt=3&vgd_cage=0&vgd_tsce=L345-S345&vgd_l3_sc=HE&vgd_chost=contextual.media.net&vgd_katid=807890594&vgd_katbid=-21&vgd_kasts=tstype%3D-10408%7C%7Ctbtype%3DvDef&vgd_kals=tbid%3D-21%7C%7Cttype%3D10002%7C%7Cpt%3D1%7C%7Clmid%3DvDef%7C%7Cctr%3D0.016%7C%7Crpc%3D0.106%7C%7Cttd%3D8&vgd_kalog=SID%3D8%7C%7CHID%3D0%7C%7CTTC%3D50%7C%7CUUID%3D2IakUhZg76VG6dODJY%7C%7CMI%3D3459%7C%7CTLID%3D6%7C%7CSI%3D3459%7C%7CTPTD%3D2900533700947248676%7C%7CTC%3D13%7C%7CCI%3D3459%7C%7CTCL%3D49%7C%7CMPTD%3D128&vgd_pdtid=1&vgd_nrrv=37575&vgd_nrrmf=c80a&vgd_nrrsf=scrr&vgd_cty=gunzenhausen&vgd_ifrmode=03&sttm=1702370747730&upk=1702370748.24205&hvsid=00001702370747730006245726724799&verid=3121199&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_l1rakh=1702370747192872159&vgd_isiolc=1&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D28753&vgd_mcf=9920&vgd_vstrid=DefVid&vgd_icat=686&vgd_spcat=500677&vgd_cfud=220419&vgd_scsver=284&vgd_optout=0&vgd_l2shld=1&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_l1cdv=1129&vgd_l1rpth=%2Fdmedianet.js&vgd_lbt=1000&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A302%3Brend_h%3A250&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001702370747730006245726724799&rc=0&rand=1702370748050&matm=1702370748051&vgd_ltimesrc=2&vgd_ltime=358&vgd_rtime=327&vgd_etm=2&vgd_l1hcsd=Ss1v0%7C8234&vgda_l1btm=%5B%22SPAMPXL%22%2C%22URLDC%22%5D&vgd_l1ch=1&vgd_lhl=1131&vgd_pgid=p01844616655t202312120845&vgd_sbSup=1&vgd_nrrs=37575&vgd_cntrdt=AS%7CDIV-726657258%7CDIV-paleo-1510304820&vgd_eadm=1&vgd_end=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.53.232.23 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-53-232-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Date: Tue, 12 Dec 2023 08:45:48 GMT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
timing-allow-origin: *
Content-Length: 15
Expires: Tue, 12 Dec 2023 08:45:48 GMT

GET
H2 200 container.html Show response
10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BD17 6 KB
3 KB 14ms
14ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:45:47 GMT
expires: Wed, 11 Dec 2024 08:45:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame AF1B 2 KB
3 KB 50ms
34ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1k1d8pnv4xnhbmxf7em1sh9qfq1k89vt3747agtbdx79rbv1gaq90fg07drcdwtpw13145v56s565w46eg4n87qjs7pkpqn5n7rgnp20jqs54eak6xw5jb64nenvhqx7z2tsk6b425rf114hp4wgqvyqks3crja20sat3awjqf3cfwfp1k5n48xfzmm3cvt8ttgp1wth36rhn48ahckt0rpmryz9sz9ndxesj3bjhzm9ngr7dmy019wx9v9se69efrqataw8f9v326dcwxxj6px2ppvwhtws6skc2ck4x0z95manh0qxtpygs2qm9pn3vsdbnc0aqh3y3x117gx3jvf1xfaka3zj4k5pxjjhcdcn7v955j24hwyn6r0jxaa7gxxzx1z685fm5arpgh0mc933f5rf103emkm2sdfncjvf2n3srybz8rzk51ttvww5jbgkgwqqsw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeKevux14ZZ3HN4rC7_UPw8qH-AOQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0Hm91nQLgAK8HMLV84N8VZjtMli3ANREBdm1BfdIgggemsrma6ypvOQ2Q_lE-zQY063IMaitOB0dvQikrDv4sZzGghEDrG4kM_qNXuNckshsVqrGaOk46g0J7Uh9uRjexEZcyZoSMkuGJBsGUyXJo102H02uW7eBiu6aKVCZl3mqSKATr9PG2kwXUBxX5YS_4jhFutM-lFjZSZGhHRwZ2stAVy-xUjc57orZcW4AbBJoKe3d-FKNqsIsJRC4gj2sIiQe9ImmAZrOyDxIJKEedVzPP32PbYJ-Za2n2-ogE8xcdy6XRAguaJenXiC-SnNeCJdun4c5xgXpfFh980VwWAin1Q99OQLrxk1BaO1Ltxl65qL9Bj1dzanhqpTNsxcd3da32sTttKZn_KMjgWKattcED2gnGERWRwPqIG0hP-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj489CdwYmDA_oLAggBgAwB4g0TCMGj0Z3BiYMDFQrhuwgdQ-UBP9AVAYAXAQ%26num%3D1%26sig%3DAOD64_0uE6Ffa2YVonteAApscxmhftAOtw%26client%3Dca-pub-5144389657785565%26adurl%3D

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

989d80f5577ffb3f370ed7271a456181e5fb38cb23c618f8d71584ad3021a4fa

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8344b178b90a3a96-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:45:48 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame BD17 3 KB
1 KB 53ms
19ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:54:19 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F5A6 1 KB
1001 B 51ms
17ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Tue, 12 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame BD17 20 KB
9 KB 47ms
14ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:54:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BD17 0
0 34ms
33ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTb_qbddFxgF3yImpwWLgIiT1UlIWO239pLF9CQom2iMU70YgsaZunD0O_K73e1lAuDAIMV8T0ScJLwt-wI-tUnG_Gk9Q
Requested by: Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame BD17 24 KB
7 KB 48ms
16ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25759
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 11 Dec 2024 01:36:29 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame BD17 202 KB
61 KB 53ms
18ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62114
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 09:31:35 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame AF1B 115 KB
13 KB 25ms
20ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k1d8pnv4xnhbmxf7em1sh9qfq1k89vt3747agtbdx79rbv1gaq90fg07drcdwtpw13145v56s565w46eg4n87qjs7pkpqn5n7rgnp20jqs54eak6xw5jb64nenvhqx7z2tsk6b425rf114hp4wgqvyqks3crja20sat3awjqf3cfwfp1k5n48xfzmm3cvt8ttgp1wth36rhn48ahckt0rpmryz9sz9ndxesj3bjhzm9ngr7dmy019wx9v9se69efrqataw8f9v326dcwxxj6px2ppvwhtws6skc2ck4x0z95manh0qxtpygs2qm9pn3vsdbnc0aqh3y3x117gx3jvf1xfaka3zj4k5pxjjhcdcn7v955j24hwyn6r0jxaa7gxxzx1z685fm5arpgh0mc933f5rf103emkm2sdfncjvf2n3srybz8rzk51ttvww5jbgkgwqqsw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeKevux14ZZ3HN4rC7_UPw8qH-AOQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0Hm91nQLgAK8HMLV84N8VZjtMli3ANREBdm1BfdIgggemsrma6ypvOQ2Q_lE-zQY063IMaitOB0dvQikrDv4sZzGghEDrG4kM_qNXuNckshsVqrGaOk46g0J7Uh9uRjexEZcyZoSMkuGJBsGUyXJo102H02uW7eBiu6aKVCZl3mqSKATr9PG2kwXUBxX5YS_4jhFutM-lFjZSZGhHRwZ2stAVy-xUjc57orZcW4AbBJoKe3d-FKNqsIsJRC4gj2sIiQe9ImmAZrOyDxIJKEedVzPP32PbYJ-Za2n2-ogE8xcdy6XRAguaJenXiC-SnNeCJdun4c5xgXpfFh980VwWAin1Q99OQLrxk1BaO1Ltxl65qL9Bj1dzanhqpTNsxcd3da32sTttKZn_KMjgWKattcED2gnGERWRwPqIG0hP-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj489CdwYmDA_oLAggBgAwB4g0TCMGj0Z3BiYMDFQrhuwgdQ-UBP9AVAYAXAQ%26num%3D1%26sig%3DAOD64_0uE6Ffa2YVonteAApscxmhftAOtw%26client%3Dca-pub-5144389657785565%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1k1d8pnv4xnhbmxf7em1sh9qfq1k89vt3747agtbdx79rbv1gaq90fg07drcdwtpw13145v56s565w46eg4n87qjs7pkpqn5n7rgnp20jqs54eak6xw5jb64nenvhqx7z2tsk6b425rf114hp4wgqvyqks3crja20sat3awjqf3cfwfp1k5n48xfzmm3cvt8ttgp1wth36rhn48ahckt0rpmryz9sz9ndxesj3bjhzm9ngr7dmy019wx9v9se69efrqataw8f9v326dcwxxj6px2ppvwhtws6skc2ck4x0z95manh0qxtpygs2qm9pn3vsdbnc0aqh3y3x117gx3jvf1xfaka3zj4k5pxjjhcdcn7v955j24hwyn6r0jxaa7gxxzx1z685fm5arpgh0mc933f5rf103emkm2sdfncjvf2n3srybz8rzk51ttvww5jbgkgwqqsw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeKevux14ZZ3HN4rC7_UPw8qH-AOQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0Hm91nQLgAK8HMLV84N8VZjtMli3ANREBdm1BfdIgggemsrma6ypvOQ2Q_lE-zQY063IMaitOB0dvQikrDv4sZzGghEDrG4kM_qNXuNckshsVqrGaOk46g0J7Uh9uRjexEZcyZoSMkuGJBsGUyXJo102H02uW7eBiu6aKVCZl3mqSKATr9PG2kwXUBxX5YS_4jhFutM-lFjZSZGhHRwZ2stAVy-xUjc57orZcW4AbBJoKe3d-FKNqsIsJRC4gj2sIiQe9ImmAZrOyDxIJKEedVzPP32PbYJ-Za2n2-ogE8xcdy6XRAguaJenXiC-SnNeCJdun4c5xgXpfFh980VwWAin1Q99OQLrxk1BaO1Ltxl65qL9Bj1dzanhqpTNsxcd3da32sTttKZn_KMjgWKattcED2gnGERWRwPqIG0hP-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj489CdwYmDA_oLAggBgAwB4g0TCMGj0Z3BiYMDFQrhuwgdQ-UBP9AVAYAXAQ%26num%3D1%26sig%3DAOD64_0uE6Ffa2YVonteAApscxmhftAOtw%26client%3Dca-pub-5144389657785565%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2511865
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKQ5xkgvGAW9rH4u%2FgweulnjIWFpmzXwRcQaa0Thx4xw9Jo6raPxmZw%2BrD6r%2FqZAPEmr7pVDoaOWwWWrzzUPgIg03KP3%2BO%2FmZ2AD8GW07pFIGKOGFE78YCi9Dal1Pm0KMw%2B1vN7CIMc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8344b178f9593a96-FRA
expires: Wed, 13 Dec 2023 08:45:48 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame AF1B 24 KB
10 KB 22ms
19ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k1d8pnv4xnhbmxf7em1sh9qfq1k89vt3747agtbdx79rbv1gaq90fg07drcdwtpw13145v56s565w46eg4n87qjs7pkpqn5n7rgnp20jqs54eak6xw5jb64nenvhqx7z2tsk6b425rf114hp4wgqvyqks3crja20sat3awjqf3cfwfp1k5n48xfzmm3cvt8ttgp1wth36rhn48ahckt0rpmryz9sz9ndxesj3bjhzm9ngr7dmy019wx9v9se69efrqataw8f9v326dcwxxj6px2ppvwhtws6skc2ck4x0z95manh0qxtpygs2qm9pn3vsdbnc0aqh3y3x117gx3jvf1xfaka3zj4k5pxjjhcdcn7v955j24hwyn6r0jxaa7gxxzx1z685fm5arpgh0mc933f5rf103emkm2sdfncjvf2n3srybz8rzk51ttvww5jbgkgwqqsw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeKevux14ZZ3HN4rC7_UPw8qH-AOQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0Hm91nQLgAK8HMLV84N8VZjtMli3ANREBdm1BfdIgggemsrma6ypvOQ2Q_lE-zQY063IMaitOB0dvQikrDv4sZzGghEDrG4kM_qNXuNckshsVqrGaOk46g0J7Uh9uRjexEZcyZoSMkuGJBsGUyXJo102H02uW7eBiu6aKVCZl3mqSKATr9PG2kwXUBxX5YS_4jhFutM-lFjZSZGhHRwZ2stAVy-xUjc57orZcW4AbBJoKe3d-FKNqsIsJRC4gj2sIiQe9ImmAZrOyDxIJKEedVzPP32PbYJ-Za2n2-ogE8xcdy6XRAguaJenXiC-SnNeCJdun4c5xgXpfFh980VwWAin1Q99OQLrxk1BaO1Ltxl65qL9Bj1dzanhqpTNsxcd3da32sTttKZn_KMjgWKattcED2gnGERWRwPqIG0hP-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj489CdwYmDA_oLAggBgAwB4g0TCMGj0Z3BiYMDFQrhuwgdQ-UBP9AVAYAXAQ%26num%3D1%26sig%3DAOD64_0uE6Ffa2YVonteAApscxmhftAOtw%26client%3Dca-pub-5144389657785565%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 516660
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mIgPLdhcV8kPQuMEiXg3VFH2RwmMIkkfLDmkgUA266MkCicVNqFTchCaiNG935gSdtPwvAoiko96qvsxhCiZAjUA9EFE6zp29YRXgVRCV4Yw4MR8PynLo4KF7lDEsXFqcGaLgek%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 8344b178f95d3a96-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 06 Dec 2023 09:14:48 GMT

GET
DATA 200
OK truncated
/ Frame BD17 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a388bacddd72da67a26c5dd0bfb9eb2575caaf8ea80e9ff5a7b63e0f300a55c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F5A6
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHyzAtHG81SOaJ-IyYbd-lE&google_cver=1&google_push=AXcoOmQ2nN3PUA6KtXcTfPxG_x2r7M0N6Ee4iu-bPNyrSh0HYzr1iGzu3TllUFXg-cIMmYzLLwBb7IMghsRjWL...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTYyNjY4ODMzNjA5OTQ3OA%3D%3D&google_push=AXcoOmQ2nN3PUA6KtXcTfPxG_x2r7M0N6Ee4iu-bPNyrSh0HYzr1iGzu3TllUFXg-cIMmYzLLwBb7IMghsRjWLcimS...

170 B
329 B

27ms
26ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTYyNjY4ODMzNjA5OTQ3OA%3D%3D&google_push=AXcoOmQ2nN3PUA6KtXcTfPxG_x2r7M0N6Ee4iu-bPNyrSh0HYzr1iGzu3TllUFXg-cIMmYzLLwBb7IMghsRjWLcimSX9DZa_GxrxDA

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTYyNjY4ODMzNjA5OTQ3OA%3D%3D&google_push=AXcoOmQ2nN3PUA6KtXcTfPxG_x2r7M0N6Ee4iu-bPNyrSh0HYzr1iGzu3TllUFXg-cIMmYzLLwBb7IMghsRjWLcimSX9DZa_GxrxDA
Date: Tue, 12 Dec 2023 08:45:48 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F5A6
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESED-j0i4K1gV9_svtVvoaFsM&google_cver=1&google_push=AXcoOmRHU1GATveUCzVgQ6juag_amCiM6VnD2gNDU7tOHXXvkJxRDMkhPQ8_uzHzfDoUBOYdEy4uaUGLpEJFhevE...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=wan-7Xm9TmMjeILc9HTM2w&google_push=AXcoOmRHU1GATveUCzVgQ6juag_amCiM6VnD2gNDU7tOHXXvkJxRDMkhPQ8_uzHzfDoUBOYdEy4uaUGLpEJFhevEN-lGKCwKFPND0g

170 B
232 B

24ms
23ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=wan-7Xm9TmMjeILc9HTM2w&google_push=AXcoOmRHU1GATveUCzVgQ6juag_amCiM6VnD2gNDU7tOHXXvkJxRDMkhPQ8_uzHzfDoUBOYdEy4uaUGLpEJFhevEN-lGKCwKFPND0g

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 12 Dec 2023 08:45:48 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=wan-7Xm9TmMjeILc9HTM2w&google_push=AXcoOmRHU1GATveUCzVgQ6juag_amCiM6VnD2gNDU7tOHXXvkJxRDMkhPQ8_uzHzfDoUBOYdEy4uaUGLpEJFhevEN-lGKCwKFPND0g
x-host: tde-deliveryengine-production-699fcc6655-lbg55
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F5A6
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDDlcgk4k_sooABnq8GVVCc&google_cver=1&google_push=AXcoOmR7kB338UUEAMuTGXIQTOQG4KXx7mFSsUx-pAmDlUidTp7QAmANw-9tm7dVXK3LsTR5vIiEwupoH2dxEh1zrDJDBpD...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR7kB338UUEAMuTGXIQTOQG4KXx7mFSsUx-pAmDlUidTp7QAmANw-9tm7dVXK3LsTR5vIiEwupoH2dxEh1zrDJDBpDgGzOiNis&google_hm=eS1zTnpJSkNwRTJwR2F...

170 B
232 B

26ms
25ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR7kB338UUEAMuTGXIQTOQG4KXx7mFSsUx-pAmDlUidTp7QAmANw-9tm7dVXK3LsTR5vIiEwupoH2dxEh1zrDJDBpDgGzOiNis&google_hm=eS1zTnpJSkNwRTJwR2FLTDhUdDhtR2ZQcXRJTHRIeU9rQX5B

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 12 Dec 2023 08:45:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR7kB338UUEAMuTGXIQTOQG4KXx7mFSsUx-pAmDlUidTp7QAmANw-9tm7dVXK3LsTR5vIiEwupoH2dxEh1zrDJDBpDgGzOiNis&google_hm=eS1zTnpJSkNwRTJwR2FLTDhUdDhtR2ZQcXRJTHRIeU9rQX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F5A6
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEH6Ko_cKmd_bKHy_0O7Z-HY&google_cver=1&google_push=AXcoOmR2V7xR3C6v5oSm4rXZrMOlVDpizFGcU-EErcFMDQ8Gui6GfaV8KXyi8ROkpqeRm5evfv12L9yIQk4i_6DSTv30HiY...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEH6Ko_cKmd_bKHy_0O7Z-HY&google_cver=1&google_push=AXcoOmR2V7xR3C6v5oSm4rXZrMOlVDpizFGcU-EErcFMDQ8Gui6GfaV8KXyi8ROkpqeRm5evfv12L9yIQk4i_6DSTv30H...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmR2V7xR3C6v5oSm4rXZrMOlVDpizFGcU-EErcFMDQ8Gui6GfaV8KXyi8ROkpqeRm5evfv12L9yIQk4i_6DSTv30HiYrEMA1zvE

170 B
188 B

26ms
26ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmR2V7xR3C6v5oSm4rXZrMOlVDpizFGcU-EErcFMDQ8Gui6GfaV8KXyi8ROkpqeRm5evfv12L9yIQk4i_6DSTv30HiYrEMA1zvE

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmR2V7xR3C6v5oSm4rXZrMOlVDpizFGcU-EErcFMDQ8Gui6GfaV8KXyi8ROkpqeRm5evfv12L9yIQk4i_6DSTv30HiYrEMA1zvE
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame F5A6 43 B
363 B 62ms
15ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTujk-9OruZ_n8_Yur-WObbTXw-CL6QFw1wRe79ztZB9FsXPib2XIVQncyMITyk__mFWBXrb0gXClVw9ZFbsIdPI4WpCIlARD0&google_gid=CAESECe_lna60P5DcBr054RpbF0&google_cver=1

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:47 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 216185
expires: Tue, 12 Dec 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F5A6
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELPy7HyPHPpN485_TqNlXbQ&google_cver=1&google_push=AXcoOmTWeEGz9NfPyEJWoqNu3wopaSyOjV6SLfGV0A4KZAhoPFL9TErGRmDCxEHbuTSXpeUSulkbhX0S...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELPy7HyPHPpN485_TqNlXbQ&google_cver=1&google_push=AXcoOmTWeEGz9NfPyEJWoqNu3wopaSyOjV6SLfGV0A4KZAhoPFL9TErGRmDCxEHbuTSXpeUSulk...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIyNjY2OTkxNzA5MzAxNzU1NA&google_push=AXcoOmTWeEGz9NfPyEJWoqNu3wopaSyOjV6SLfGV0A4KZAhoPFL9TErGRmDCxEHbuTSXpeUSulkbhX...

170 B
232 B

27ms
27ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIyNjY2OTkxNzA5MzAxNzU1NA&google_push=AXcoOmTWeEGz9NfPyEJWoqNu3wopaSyOjV6SLfGV0A4KZAhoPFL9TErGRmDCxEHbuTSXpeUSulkbhX0SzgP_O78wV_sTWz1Q8F-XwFM

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIyNjY2OTkxNzA5MzAxNzU1NA&google_push=AXcoOmTWeEGz9NfPyEJWoqNu3wopaSyOjV6SLfGV0A4KZAhoPFL9TErGRmDCxEHbuTSXpeUSulkbhX0SzgP_O78wV_sTWz1Q8F-XwFM
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F5A6
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJ3mg8EVXUjUBxxOZIelAOM&google_cver=1&google_push=AXcoOmSu9wvWl_pBoiXjDzSIPp6y7vLEncjpfFyyGZ5QR5ZSV9-JOQnsXbyX5EwtBEK0FWwtNfuuylMKrZ68...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSu9wvWl_pBoiXjDzSIPp6y7vLEncjpfFyyGZ5QR5ZSV9-JOQnsXbyX5EwtBEK0FWwtNfuuylMKrZ68gjNmKCEdbLS85MWeGsI

170 B
232 B

50ms
27ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSu9wvWl_pBoiXjDzSIPp6y7vLEncjpfFyyGZ5QR5ZSV9-JOQnsXbyX5EwtBEK0FWwtNfuuylMKrZ68gjNmKCEdbLS85MWeGsI

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSu9wvWl_pBoiXjDzSIPp6y7vLEncjpfFyyGZ5QR5ZSV9-JOQnsXbyX5EwtBEK0FWwtNfuuylMKrZ68gjNmKCEdbLS85MWeGsI
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F5A6 0
130 B 87ms
23ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kd1Gz7ijQ1adO1MHGkriHJ9qTKi5GrucD0_E1VeFY2uWGPVo3p_vkgHqoMfqqZuCKFo3zo

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame AF1B 350 B
914 B 49ms
26ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 961984
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2BPNr9CyDk1LAaNg4%2F46lV2tqrZ834MXEqpS09gFWZi8k2cmNhqCJ07Hdk%2FbMDxHgLGiPj3KUYyj9ZkIArDH%2F6YpQBG5lIO1yqDkTdhi6dv7Emslom%2BfrOk0MGa8XLoLS3xtEv%2B4yemEAAMwEx%2FWDlAO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8344b1798da54d4a-FRA
expires: Sat, 30 Nov 2024 05:32:44 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 1FE0 2 KB
2 KB 25ms
25ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1185754
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 8344b1795e1e917a-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Tue, 12 Dec 2023 08:45:48 GMT
expires: Tue, 28 Nov 2023 16:19:58 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gOwgldNMMCthW7x7YeXxWsZgBwXmRzlcTO4N%2BfoKW5x3d9IOPOzrsxqYoBayjdIAoDrXLuudolQ%2F%2FASTmQIECuXAj6Whj4nrtbjh%2BhE3q9jjWvY%2FcKXTmV2uw7%2F%2B8kXJHMlPoiU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 47ms
34ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8344b179a8579165-FRA
content-length: 24
content-type: text/plain
date: Tue, 12 Dec 2023 08:45:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SdDRehs5O1ZZNErHmBcrsNy%2F5oUQGwJ40ZSrhZ8bZD4OyrOILlY09zLl5izNVnXVPyZxZXenwzuM8ZOdczAALvRxYh1K6BupDze88RiY19ury951QgVFTcxzLpl5OM0Wk%2BvodRk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-0rkl

POST
H3 200 rs Show response
ad4m.at/ Frame AF1B 2 KB
2 KB 37ms
36ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a292bb17e3fdc18c0bacb659bc6b732690e2b938c577bb2a324e18c8861e2a0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 12 Dec 2023 08:45:48 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NTddnvfBfk3ycL7njGX%2FL9rkkSVb7BumlfBkst5%2Ft38r3AwBen2Jw1E9ocMn%2FugyozvQAEA5vJgreTjkVWFS5bn2hEjkXxXMspyBFAoPPPG%2Ff4kvxPP86%2Bcd2UfkXhG0ug%2BEqNY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 8344b179d8989165-FRA
x-backend-server: aa-reachservice-group-europe-west1-0rkl
alt-svc: h3=":443"; ma=86400

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BD17 0
0 58ms
58ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CGxlkux14ZZ3HN4rC7_UPw8qH-AOQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEvQJP0Hm91nQLgAK8HMLV84N8VZjtMli3ANREBdm1BfdIgggemsrma6ypvOQ2Q_lE-zQY063IMaitOB0dvQikrDv4sZzGghEDrG4kM_qNXuNckshsVqrGaOk46g0J7Uh9uRjexEZcyZoSMkuGJBsGUyXJo102H02uW7eBiu6aKVCZl3mqSKATr9PG2kwXUBxX5YS_4jhFutM-lFjZSZGhHRwZ2stAVy-xUjc57orZcW4AbBJoKe3d-FKNqsIsJRC4gj2sIiQe9ImmAZrOyDxIJKEedVzPP32PbYJ-Za2n2-ogE8xcdy6XRAguaJenXiC-SnNeCJdun4c5xgXpfFh980VwWAin1Q99OQLrxk1BaO1Ltxl65qL9Bj0fz4hzfW1K89-alUBtk1YfjbJtUakNmb8adJ6W9_w5NFyDm5yq6OAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj489CdwYmDA4AKAfoLAggBgAwB4g0TCMGj0Z3BiYMDFQrhuwgdQ-UBP9AVAYAXAbIXHAoaEhRwdWItNTE0NDM4OTY1Nzc4NTU2NRiwmBU&sigh=Hz0QoxNyPTk&uach_m=%5BUACH%5D&cid=CAQSPADICaaNAMHPWQtPn7QN63aAhgfz37YUBEV2YDetk2Ns7L9O8Va2BEAPTaQQAXg7PwE4r3XDGh8kR9zUJBgB&cbvp=2&vis=1
Requested by: Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame BD17 0
103 B 49ms
20ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gqyrfxwd4admfaa57ry1mcwaejsp1v8yyre2pp5x4j9rnfq2t868myxp1ez9e03hxjzc9t5p6c66sapavwdhqt3gm5nzhqthxdzc8xh3m1187gk1k5648hnrfk08bata4bwvdyk86zh0r3x1eq8jq2peq8e9pnwbaqmwywnswfw8h513887fr29fz82w1d1mv7vy3gwhq8fe0cvzw4jws1n4c0genskc8b6tj3t460pmfp243b8s0m6drg3qy8bmqb9xab5ydqqwnfqnsk9x4psmw5t7791jkn59n156ydnhc034zwxsa5d3nmngaz1q9k5qtpqjjda39jxxzrbqr390nchzn90jb911ywryyb12r8ddx8s5dbn0kwaqy0ch5jdk8q6nnc16d0&b=ZXgduwAN450Iu-EKAAHlQ3erWRkP5sH2Q96e9Q&cbvp=2
Requested by: Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 12 Dec 2023 08:45:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 5FF7 9 KB
4 KB 35ms
35ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=c1bf5c31b7c8fd26c63e64671a1bb7fc%2F17048046521977621574&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370748457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz592gwkp8454ffkaaxbcz6pyrnq7jdvcex5gjnpy36hkxe5xknk1355nkrzwwz8e7tbrzys4thr7qre6sm27fw6wywksgydawjpdepsy3yv1tq64tvkgwxzv01bbtdxbk7n9esghg8nbqn8q41tg0e07tqzhgmqd5pcsqb5kxshxyh9aq61df6pkebc6w3qg9zqnhkhepd8y92fx5z5tkk3gtmty1wc7e1b67cwvhxhn8xpx393y1r3ct96sd3w9zhjxt4jqkd5k8s8ssqm5ee%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeKevux14ZZ3HN4rC7_UPw8qH-AOQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0Hm91nQLgAK8HMLV84N8VZjtMli3ANREBdm1BfdIgggemsrma6ypvOQ2Q_lE-zQY063IMaitOB0dvQikrDv4sZzGghEDrG4kM_qNXuNckshsVqrGaOk46g0J7Uh9uRjexEZcyZoSMkuGJBsGUyXJo102H02uW7eBiu6aKVCZl3mqSKATr9PG2kwXUBxX5YS_4jhFutM-lFjZSZGhHRwZ2stAVy-xUjc57orZcW4AbBJoKe3d-FKNqsIsJRC4gj2sIiQe9ImmAZrOyDxIJKEedVzPP32PbYJ-Za2n2-ogE8xcdy6XRAguaJenXiC-SnNeCJdun4c5xgXpfFh980VwWAin1Q99OQLrxk1BaO1Ltxl65qL9Bj1dzanhqpTNsxcd3da32sTttKZn_KMjgWKattcED2gnGERWRwPqIG0hP-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj489CdwYmDA_oLAggBgAwB4g0TCMGj0Z3BiYMDFQrhuwgdQ-UBP9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0uE6Ffa2YVonteAApscxmhftAOtw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6c494a78a39f30eb778c1bbe6d40082d6ed4e405481d1eabf3a869f10747455

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1k1d8pnv4xnhbmxf7em1sh9qfq1k89vt3747agtbdx79rbv1gaq90fg07drcdwtpw13145v56s565w46eg4n87qjs7pkpqn5n7rgnp20jqs54eak6xw5jb64nenvhqx7z2tsk6b425rf114hp4wgqvyqks3crja20sat3awjqf3cfwfp1k5n48xfzmm3cvt8ttgp1wth36rhn48ahckt0rpmryz9sz9ndxesj3bjhzm9ngr7dmy019wx9v9se69efrqataw8f9v326dcwxxj6px2ppvwhtws6skc2ck4x0z95manh0qxtpygs2qm9pn3vsdbnc0aqh3y3x117gx3jvf1xfaka3zj4k5pxjjhcdcn7v955j24hwyn6r0jxaa7gxxzx1z685fm5arpgh0mc933f5rf103emkm2sdfncjvf2n3srybz8rzk51ttvww5jbgkgwqqsw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeKevux14ZZ3HN4rC7_UPw8qH-AOQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0Hm91nQLgAK8HMLV84N8VZjtMli3ANREBdm1BfdIgggemsrma6ypvOQ2Q_lE-zQY063IMaitOB0dvQikrDv4sZzGghEDrG4kM_qNXuNckshsVqrGaOk46g0J7Uh9uRjexEZcyZoSMkuGJBsGUyXJo102H02uW7eBiu6aKVCZl3mqSKATr9PG2kwXUBxX5YS_4jhFutM-lFjZSZGhHRwZ2stAVy-xUjc57orZcW4AbBJoKe3d-FKNqsIsJRC4gj2sIiQe9ImmAZrOyDxIJKEedVzPP32PbYJ-Za2n2-ogE8xcdy6XRAguaJenXiC-SnNeCJdun4c5xgXpfFh980VwWAin1Q99OQLrxk1BaO1Ltxl65qL9Bj1dzanhqpTNsxcd3da32sTttKZn_KMjgWKattcED2gnGERWRwPqIG0hP-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj489CdwYmDA_oLAggBgAwB4g0TCMGj0Z3BiYMDFQrhuwgdQ-UBP9AVAYAXAQ%26num%3D1%26sig%3DAOD64_0uE6Ffa2YVonteAApscxmhftAOtw%26client%3Dca-pub-5144389657785565%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8344b17a2f17917a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:45:48 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 5FF7 115 KB
14 KB 28ms
28ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=c1bf5c31b7c8fd26c63e64671a1bb7fc%2F17048046521977621574&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370748457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz592gwkp8454ffkaaxbcz6pyrnq7jdvcex5gjnpy36hkxe5xknk1355nkrzwwz8e7tbrzys4thr7qre6sm27fw6wywksgydawjpdepsy3yv1tq64tvkgwxzv01bbtdxbk7n9esghg8nbqn8q41tg0e07tqzhgmqd5pcsqb5kxshxyh9aq61df6pkebc6w3qg9zqnhkhepd8y92fx5z5tkk3gtmty1wc7e1b67cwvhxhn8xpx393y1r3ct96sd3w9zhjxt4jqkd5k8s8ssqm5ee%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeKevux14ZZ3HN4rC7_UPw8qH-AOQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0Hm91nQLgAK8HMLV84N8VZjtMli3ANREBdm1BfdIgggemsrma6ypvOQ2Q_lE-zQY063IMaitOB0dvQikrDv4sZzGghEDrG4kM_qNXuNckshsVqrGaOk46g0J7Uh9uRjexEZcyZoSMkuGJBsGUyXJo102H02uW7eBiu6aKVCZl3mqSKATr9PG2kwXUBxX5YS_4jhFutM-lFjZSZGhHRwZ2stAVy-xUjc57orZcW4AbBJoKe3d-FKNqsIsJRC4gj2sIiQe9ImmAZrOyDxIJKEedVzPP32PbYJ-Za2n2-ogE8xcdy6XRAguaJenXiC-SnNeCJdun4c5xgXpfFh980VwWAin1Q99OQLrxk1BaO1Ltxl65qL9Bj1dzanhqpTNsxcd3da32sTttKZn_KMjgWKattcED2gnGERWRwPqIG0hP-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj489CdwYmDA_oLAggBgAwB4g0TCMGj0Z3BiYMDFQrhuwgdQ-UBP9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0uE6Ffa2YVonteAApscxmhftAOtw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=c1bf5c31b7c8fd26c63e64671a1bb7fc%2F17048046521977621574&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370748457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz592gwkp8454ffkaaxbcz6pyrnq7jdvcex5gjnpy36hkxe5xknk1355nkrzwwz8e7tbrzys4thr7qre6sm27fw6wywksgydawjpdepsy3yv1tq64tvkgwxzv01bbtdxbk7n9esghg8nbqn8q41tg0e07tqzhgmqd5pcsqb5kxshxyh9aq61df6pkebc6w3qg9zqnhkhepd8y92fx5z5tkk3gtmty1wc7e1b67cwvhxhn8xpx393y1r3ct96sd3w9zhjxt4jqkd5k8s8ssqm5ee%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeKevux14ZZ3HN4rC7_UPw8qH-AOQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0Hm91nQLgAK8HMLV84N8VZjtMli3ANREBdm1BfdIgggemsrma6ypvOQ2Q_lE-zQY063IMaitOB0dvQikrDv4sZzGghEDrG4kM_qNXuNckshsVqrGaOk46g0J7Uh9uRjexEZcyZoSMkuGJBsGUyXJo102H02uW7eBiu6aKVCZl3mqSKATr9PG2kwXUBxX5YS_4jhFutM-lFjZSZGhHRwZ2stAVy-xUjc57orZcW4AbBJoKe3d-FKNqsIsJRC4gj2sIiQe9ImmAZrOyDxIJKEedVzPP32PbYJ-Za2n2-ogE8xcdy6XRAguaJenXiC-SnNeCJdun4c5xgXpfFh980VwWAin1Q99OQLrxk1BaO1Ltxl65qL9Bj1dzanhqpTNsxcd3da32sTttKZn_KMjgWKattcED2gnGERWRwPqIG0hP-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj489CdwYmDA_oLAggBgAwB4g0TCMGj0Z3BiYMDFQrhuwgdQ-UBP9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0uE6Ffa2YVonteAApscxmhftAOtw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2347310
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BEZWHuFGDz8gRgGYAxrlwH4yOV0fjGdsOOdBqtcEhWruw82hPqX0jP2lM4tNvGrQmBIW5ZeqEArpqDt2qRwv9YJwa1JqHou21GDfBbb8GZCMOrG5mv3yK0RXmfFTwORHK8xxFbMhGJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8344b17a5f66917a-FRA
expires: Wed, 13 Dec 2023 08:45:48 GMT

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 5FF7 9 KB
9 KB 21ms
21ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=c1bf5c31b7c8fd26c63e64671a1bb7fc%2F17048046521977621574&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370748457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz592gwkp8454ffkaaxbcz6pyrnq7jdvcex5gjnpy36hkxe5xknk1355nkrzwwz8e7tbrzys4thr7qre6sm27fw6wywksgydawjpdepsy3yv1tq64tvkgwxzv01bbtdxbk7n9esghg8nbqn8q41tg0e07tqzhgmqd5pcsqb5kxshxyh9aq61df6pkebc6w3qg9zqnhkhepd8y92fx5z5tkk3gtmty1wc7e1b67cwvhxhn8xpx393y1r3ct96sd3w9zhjxt4jqkd5k8s8ssqm5ee%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeKevux14ZZ3HN4rC7_UPw8qH-AOQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0Hm91nQLgAK8HMLV84N8VZjtMli3ANREBdm1BfdIgggemsrma6ypvOQ2Q_lE-zQY063IMaitOB0dvQikrDv4sZzGghEDrG4kM_qNXuNckshsVqrGaOk46g0J7Uh9uRjexEZcyZoSMkuGJBsGUyXJo102H02uW7eBiu6aKVCZl3mqSKATr9PG2kwXUBxX5YS_4jhFutM-lFjZSZGhHRwZ2stAVy-xUjc57orZcW4AbBJoKe3d-FKNqsIsJRC4gj2sIiQe9ImmAZrOyDxIJKEedVzPP32PbYJ-Za2n2-ogE8xcdy6XRAguaJenXiC-SnNeCJdun4c5xgXpfFh980VwWAin1Q99OQLrxk1BaO1Ltxl65qL9Bj1dzanhqpTNsxcd3da32sTttKZn_KMjgWKattcED2gnGERWRwPqIG0hP-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj489CdwYmDA_oLAggBgAwB4g0TCMGj0Z3BiYMDFQrhuwgdQ-UBP9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0uE6Ffa2YVonteAApscxmhftAOtw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1227320
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 8772
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:13:38 GMT
server: cloudflare
etag: "15b1f39d668aa86c2ba2ba17d94cc733"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JcYL08e3dO1JwxlKweByT7VRqbbYRq5alMG9%2FlqHa%2FjXdGZSbEL4%2BKgIvliByyhhl3m5HU%2BYHg5%2BF%2FuFDR1dqogjZ89wPF0zZazTOoC%2FciQdgCCZ7uxvK9hIj6EcXEtIfz2Yw9UCydDN0wT%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8344b17a5b2e3a96-FRA

GET
H2 200 279BCE6B9568D9AE2B8C70E08B2EFB9090E70FAF0A57016F1FF1164C3FD10E76FA99D7B60FDBA51FCD5C0021F8A6AF19B45972E81F9CF2D592514708334D146B
assets.ad4m.at/ Frame 5FF7 22 KB
22 KB 27ms
27ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/279BCE6B9568D9AE2B8C70E08B2EFB9090E70FAF0A57016F1FF1164C3FD10E76FA99D7B60FDBA51FCD5C0021F8A6AF19B45972E81F9CF2D592514708334D146B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=c1bf5c31b7c8fd26c63e64671a1bb7fc%2F17048046521977621574&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370748457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz592gwkp8454ffkaaxbcz6pyrnq7jdvcex5gjnpy36hkxe5xknk1355nkrzwwz8e7tbrzys4thr7qre6sm27fw6wywksgydawjpdepsy3yv1tq64tvkgwxzv01bbtdxbk7n9esghg8nbqn8q41tg0e07tqzhgmqd5pcsqb5kxshxyh9aq61df6pkebc6w3qg9zqnhkhepd8y92fx5z5tkk3gtmty1wc7e1b67cwvhxhn8xpx393y1r3ct96sd3w9zhjxt4jqkd5k8s8ssqm5ee%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeKevux14ZZ3HN4rC7_UPw8qH-AOQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0Hm91nQLgAK8HMLV84N8VZjtMli3ANREBdm1BfdIgggemsrma6ypvOQ2Q_lE-zQY063IMaitOB0dvQikrDv4sZzGghEDrG4kM_qNXuNckshsVqrGaOk46g0J7Uh9uRjexEZcyZoSMkuGJBsGUyXJo102H02uW7eBiu6aKVCZl3mqSKATr9PG2kwXUBxX5YS_4jhFutM-lFjZSZGhHRwZ2stAVy-xUjc57orZcW4AbBJoKe3d-FKNqsIsJRC4gj2sIiQe9ImmAZrOyDxIJKEedVzPP32PbYJ-Za2n2-ogE8xcdy6XRAguaJenXiC-SnNeCJdun4c5xgXpfFh980VwWAin1Q99OQLrxk1BaO1Ltxl65qL9Bj1dzanhqpTNsxcd3da32sTttKZn_KMjgWKattcED2gnGERWRwPqIG0hP-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj489CdwYmDA_oLAggBgAwB4g0TCMGj0Z3BiYMDFQrhuwgdQ-UBP9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0uE6Ffa2YVonteAApscxmhftAOtw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45941cddb32c44e5eff43b00a2f5ead40b9d0e6323ae161a40c426bc8c500f71

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1233027
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 22596
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:08:47 GMT
server: cloudflare
etag: "80c578a48f16f48e135bcb3d2ea2c9e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQz5FSh8vj05sPLomDY6t3%2FX5FQ2xSGjsVw9joZeN0UP%2BN%2Bx%2BlYqfToqvJJEAug%2BMfqd32EWf0vUvin0GXsp%2B3eYJof5E90MHYg8VbvKmxylN8HP9SJ9eqyap1v%2BaExyV1%2BUNvzpNsnUNVek"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8344b17a5b2c3a96-FRA

GET
H2 200 2aed39855b5f46b777481d90b61d111f
pv.medialead.de/trck/epv/ Frame 5FF7 0
327 B 111ms
16ms Image
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/epv/2aed39855b5f46b777481d90b61d111f?t=htlp&subid=oneidzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3koneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=c1bf5c31b7c8fd26c63e64671a1bb7fc%2F17048046521977621574&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370748457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz592gwkp8454ffkaaxbcz6pyrnq7jdvcex5gjnpy36hkxe5xknk1355nkrzwwz8e7tbrzys4thr7qre6sm27fw6wywksgydawjpdepsy3yv1tq64tvkgwxzv01bbtdxbk7n9esghg8nbqn8q41tg0e07tqzhgmqd5pcsqb5kxshxyh9aq61df6pkebc6w3qg9zqnhkhepd8y92fx5z5tkk3gtmty1wc7e1b67cwvhxhn8xpx393y1r3ct96sd3w9zhjxt4jqkd5k8s8ssqm5ee%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeKevux14ZZ3HN4rC7_UPw8qH-AOQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0Hm91nQLgAK8HMLV84N8VZjtMli3ANREBdm1BfdIgggemsrma6ypvOQ2Q_lE-zQY063IMaitOB0dvQikrDv4sZzGghEDrG4kM_qNXuNckshsVqrGaOk46g0J7Uh9uRjexEZcyZoSMkuGJBsGUyXJo102H02uW7eBiu6aKVCZl3mqSKATr9PG2kwXUBxX5YS_4jhFutM-lFjZSZGhHRwZ2stAVy-xUjc57orZcW4AbBJoKe3d-FKNqsIsJRC4gj2sIiQe9ImmAZrOyDxIJKEedVzPP32PbYJ-Za2n2-ogE8xcdy6XRAguaJenXiC-SnNeCJdun4c5xgXpfFh980VwWAin1Q99OQLrxk1BaO1Ltxl65qL9Bj1dzanhqpTNsxcd3da32sTttKZn_KMjgWKattcED2gnGERWRwPqIG0hP-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj489CdwYmDA_oLAggBgAwB4g0TCMGj0Z3BiYMDFQrhuwgdQ-UBP9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0uE6Ffa2YVonteAApscxmhftAOtw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:48 GMT
attribution-reporting-register-source: {"source_event_id":"17200573720105030","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 5FF7 4 KB
5 KB 21ms
20ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=c1bf5c31b7c8fd26c63e64671a1bb7fc%2F17048046521977621574&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370748457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz592gwkp8454ffkaaxbcz6pyrnq7jdvcex5gjnpy36hkxe5xknk1355nkrzwwz8e7tbrzys4thr7qre6sm27fw6wywksgydawjpdepsy3yv1tq64tvkgwxzv01bbtdxbk7n9esghg8nbqn8q41tg0e07tqzhgmqd5pcsqb5kxshxyh9aq61df6pkebc6w3qg9zqnhkhepd8y92fx5z5tkk3gtmty1wc7e1b67cwvhxhn8xpx393y1r3ct96sd3w9zhjxt4jqkd5k8s8ssqm5ee%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeKevux14ZZ3HN4rC7_UPw8qH-AOQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0Hm91nQLgAK8HMLV84N8VZjtMli3ANREBdm1BfdIgggemsrma6ypvOQ2Q_lE-zQY063IMaitOB0dvQikrDv4sZzGghEDrG4kM_qNXuNckshsVqrGaOk46g0J7Uh9uRjexEZcyZoSMkuGJBsGUyXJo102H02uW7eBiu6aKVCZl3mqSKATr9PG2kwXUBxX5YS_4jhFutM-lFjZSZGhHRwZ2stAVy-xUjc57orZcW4AbBJoKe3d-FKNqsIsJRC4gj2sIiQe9ImmAZrOyDxIJKEedVzPP32PbYJ-Za2n2-ogE8xcdy6XRAguaJenXiC-SnNeCJdun4c5xgXpfFh980VwWAin1Q99OQLrxk1BaO1Ltxl65qL9Bj1dzanhqpTNsxcd3da32sTttKZn_KMjgWKattcED2gnGERWRwPqIG0hP-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj489CdwYmDA_oLAggBgAwB4g0TCMGj0Z3BiYMDFQrhuwgdQ-UBP9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0uE6Ffa2YVonteAApscxmhftAOtw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 303930
cf-polished: qual=85, origFmt=jpeg, origSize=7258
alt-svc: h3=":443"; ma=86400
content-length: 4294
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 09:56:16 GMT
server: cloudflare
etag: "679602b08629bcaaabfcfad4e68fe53a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2B015pO2%2B3ZIVzO49oFnfZ5UpUf4w7Pgo0CbFr8FDRupQRrE9q9ajIZNQwqSYpx6sbYZV58C8r2UPSpTucXXLzN%2BImTCWqD1qq9jvXydN2li5na%2BRK%2BR3nZ5DEjLyNIAIUYO3OiY5HuBXp1o"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8344b17a5b303a96-FRA

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 5FF7 15 KB
16 KB 23ms
22ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=c1bf5c31b7c8fd26c63e64671a1bb7fc%2F17048046521977621574&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370748457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz592gwkp8454ffkaaxbcz6pyrnq7jdvcex5gjnpy36hkxe5xknk1355nkrzwwz8e7tbrzys4thr7qre6sm27fw6wywksgydawjpdepsy3yv1tq64tvkgwxzv01bbtdxbk7n9esghg8nbqn8q41tg0e07tqzhgmqd5pcsqb5kxshxyh9aq61df6pkebc6w3qg9zqnhkhepd8y92fx5z5tkk3gtmty1wc7e1b67cwvhxhn8xpx393y1r3ct96sd3w9zhjxt4jqkd5k8s8ssqm5ee%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeKevux14ZZ3HN4rC7_UPw8qH-AOQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0Hm91nQLgAK8HMLV84N8VZjtMli3ANREBdm1BfdIgggemsrma6ypvOQ2Q_lE-zQY063IMaitOB0dvQikrDv4sZzGghEDrG4kM_qNXuNckshsVqrGaOk46g0J7Uh9uRjexEZcyZoSMkuGJBsGUyXJo102H02uW7eBiu6aKVCZl3mqSKATr9PG2kwXUBxX5YS_4jhFutM-lFjZSZGhHRwZ2stAVy-xUjc57orZcW4AbBJoKe3d-FKNqsIsJRC4gj2sIiQe9ImmAZrOyDxIJKEedVzPP32PbYJ-Za2n2-ogE8xcdy6XRAguaJenXiC-SnNeCJdun4c5xgXpfFh980VwWAin1Q99OQLrxk1BaO1Ltxl65qL9Bj1dzanhqpTNsxcd3da32sTttKZn_KMjgWKattcED2gnGERWRwPqIG0hP-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj489CdwYmDA_oLAggBgAwB4g0TCMGj0Z3BiYMDFQrhuwgdQ-UBP9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0uE6Ffa2YVonteAApscxmhftAOtw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2774544
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 15521
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:09:52 GMT
server: cloudflare
etag: "269bd58060bc660c3aec98b388bae571"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNs7o0epo%2BJcCEv6aI3yVs3aO7zr5GJglVPwWYtAoCmS9BLT69JqJqb2X5qPBAlsTIwOjhzpduTWrOnV0TopyZyWHeAU%2BLLJ2SM4Hy%2F%2FG3zTnAsXJ19qe5G%2BcFRc08koUqQ5AI41R3yITWOg"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8344b17a5b323a96-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 5FF7 43 B
704 B 161ms
83ms Image
image/gif 104.64.118.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=c1bf5c31b7c8fd26c63e64671a1bb7fc%2F17048046521977621574&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370748457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz592gwkp8454ffkaaxbcz6pyrnq7jdvcex5gjnpy36hkxe5xknk1355nkrzwwz8e7tbrzys4thr7qre6sm27fw6wywksgydawjpdepsy3yv1tq64tvkgwxzv01bbtdxbk7n9esghg8nbqn8q41tg0e07tqzhgmqd5pcsqb5kxshxyh9aq61df6pkebc6w3qg9zqnhkhepd8y92fx5z5tkk3gtmty1wc7e1b67cwvhxhn8xpx393y1r3ct96sd3w9zhjxt4jqkd5k8s8ssqm5ee%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeKevux14ZZ3HN4rC7_UPw8qH-AOQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0Hm91nQLgAK8HMLV84N8VZjtMli3ANREBdm1BfdIgggemsrma6ypvOQ2Q_lE-zQY063IMaitOB0dvQikrDv4sZzGghEDrG4kM_qNXuNckshsVqrGaOk46g0J7Uh9uRjexEZcyZoSMkuGJBsGUyXJo102H02uW7eBiu6aKVCZl3mqSKATr9PG2kwXUBxX5YS_4jhFutM-lFjZSZGhHRwZ2stAVy-xUjc57orZcW4AbBJoKe3d-FKNqsIsJRC4gj2sIiQe9ImmAZrOyDxIJKEedVzPP32PbYJ-Za2n2-ogE8xcdy6XRAguaJenXiC-SnNeCJdun4c5xgXpfFh980VwWAin1Q99OQLrxk1BaO1Ltxl65qL9Bj1dzanhqpTNsxcd3da32sTttKZn_KMjgWKattcED2gnGERWRwPqIG0hP-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj489CdwYmDA_oLAggBgAwB4g0TCMGj0Z3BiYMDFQrhuwgdQ-UBP9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0uE6Ffa2YVonteAApscxmhftAOtw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-118-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Dec 2023 08:45:48 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 5FF7 2 KB
2 KB 22ms
21ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=c1bf5c31b7c8fd26c63e64671a1bb7fc%2F17048046521977621574&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370748457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz592gwkp8454ffkaaxbcz6pyrnq7jdvcex5gjnpy36hkxe5xknk1355nkrzwwz8e7tbrzys4thr7qre6sm27fw6wywksgydawjpdepsy3yv1tq64tvkgwxzv01bbtdxbk7n9esghg8nbqn8q41tg0e07tqzhgmqd5pcsqb5kxshxyh9aq61df6pkebc6w3qg9zqnhkhepd8y92fx5z5tkk3gtmty1wc7e1b67cwvhxhn8xpx393y1r3ct96sd3w9zhjxt4jqkd5k8s8ssqm5ee%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeKevux14ZZ3HN4rC7_UPw8qH-AOQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0Hm91nQLgAK8HMLV84N8VZjtMli3ANREBdm1BfdIgggemsrma6ypvOQ2Q_lE-zQY063IMaitOB0dvQikrDv4sZzGghEDrG4kM_qNXuNckshsVqrGaOk46g0J7Uh9uRjexEZcyZoSMkuGJBsGUyXJo102H02uW7eBiu6aKVCZl3mqSKATr9PG2kwXUBxX5YS_4jhFutM-lFjZSZGhHRwZ2stAVy-xUjc57orZcW4AbBJoKe3d-FKNqsIsJRC4gj2sIiQe9ImmAZrOyDxIJKEedVzPP32PbYJ-Za2n2-ogE8xcdy6XRAguaJenXiC-SnNeCJdun4c5xgXpfFh980VwWAin1Q99OQLrxk1BaO1Ltxl65qL9Bj1dzanhqpTNsxcd3da32sTttKZn_KMjgWKattcED2gnGERWRwPqIG0hP-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj489CdwYmDA_oLAggBgAwB4g0TCMGj0Z3BiYMDFQrhuwgdQ-UBP9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0uE6Ffa2YVonteAApscxmhftAOtw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 309441
cf-polished: origFmt=png, origSize=2170
alt-svc: h3=":443"; ma=86400
content-length: 1662
cf-bgj: imgq:85,h2pri
last-modified: Mon, 13 Nov 2023 08:38:25 GMT
server: cloudflare
etag: "4721aa7c2d5fa652c8092463f9a485bd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0yZHy5ooe4H%2B%2FCVxv0WRD%2F0eNUpfxzJvNIMdfxlTKyByIeURt9ntPlxSxZamXl75LtHD2QWDAoVvefOaVPj1lpnlJc9wqn5O3jk1Rhs7oSOms6l4iwbYLtmg1TIrwhnA9oPBPP4WJAv7LJ%2BA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8344b17a5b333a96-FRA

GET
H2 200 B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame 5FF7 23 KB
23 KB 23ms
23ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=c1bf5c31b7c8fd26c63e64671a1bb7fc%2F17048046521977621574&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370748457&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz592gwkp8454ffkaaxbcz6pyrnq7jdvcex5gjnpy36hkxe5xknk1355nkrzwwz8e7tbrzys4thr7qre6sm27fw6wywksgydawjpdepsy3yv1tq64tvkgwxzv01bbtdxbk7n9esghg8nbqn8q41tg0e07tqzhgmqd5pcsqb5kxshxyh9aq61df6pkebc6w3qg9zqnhkhepd8y92fx5z5tkk3gtmty1wc7e1b67cwvhxhn8xpx393y1r3ct96sd3w9zhjxt4jqkd5k8s8ssqm5ee%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeKevux14ZZ3HN4rC7_UPw8qH-AOQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0Hm91nQLgAK8HMLV84N8VZjtMli3ANREBdm1BfdIgggemsrma6ypvOQ2Q_lE-zQY063IMaitOB0dvQikrDv4sZzGghEDrG4kM_qNXuNckshsVqrGaOk46g0J7Uh9uRjexEZcyZoSMkuGJBsGUyXJo102H02uW7eBiu6aKVCZl3mqSKATr9PG2kwXUBxX5YS_4jhFutM-lFjZSZGhHRwZ2stAVy-xUjc57orZcW4AbBJoKe3d-FKNqsIsJRC4gj2sIiQe9ImmAZrOyDxIJKEedVzPP32PbYJ-Za2n2-ogE8xcdy6XRAguaJenXiC-SnNeCJdun4c5xgXpfFh980VwWAin1Q99OQLrxk1BaO1Ltxl65qL9Bj1dzanhqpTNsxcd3da32sTttKZn_KMjgWKattcED2gnGERWRwPqIG0hP-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj489CdwYmDA_oLAggBgAwB4g0TCMGj0Z3BiYMDFQrhuwgdQ-UBP9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0uE6Ffa2YVonteAApscxmhftAOtw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2427803
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 23392
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:08:23 GMT
server: cloudflare
etag: "faa9f958d13ef03f911b71f117846705"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FOECXeIf2eDx8jTcaTSep12LXiiKHEYQPe7LxfAXNhc3k5WdJ1rMOBn1Hyc6JMhspltBFCxhpYwXQfkEwolMkJDg%2BIY1QtjpT%2Bh0Zs31eSdmCJXHfU%2B5Q%2BpJGp6sfFgpOkdf3pO22ryArp9G"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8344b17a5b353a96-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 5FF7 43 B
704 B 157ms
78ms Image
image/gif 104.64.118.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-118-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Dec 2023 08:45:48 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 admin-ajax.php Show response
blog.paleohacks.com/wp-admin/ 1 KB
936 B 1227ms
1226ms XHR
text/html 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.paleohacks.com/wp-admin/admin-ajax.php?action=show_optin_async&post_id=22304&_=1702370747710

Requested by

Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.23

Resource Hash

246de55cb0e89a31fa93fa8dd530fa36e8bab5862087a80fce540ff7bcfa9d1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.23
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
cf-ray: 8344b17a8c7d3672-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 /
log.pinterest.com/ 0
237 B 41ms
40ms Image
text/plain 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=YMx5chLGDq6q&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&viaSrc=canonical
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 12 Dec 2023 08:45:48 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 4
x-pinterest-rid: 1103060422665783
content-length: 0
x-served-by: cache-fra-eddf8230049-FRA
pragma: no-cache
server: envoy
x-timer: S1702370749.655233,VS0,VE31
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 3F4A 9 KB
858 B 24ms
24ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap

Requested by

Host: paleohacks.lpages.co
URL: https://paleohacks.lpages.co/leadbox/145b71a73f72a2%3A13300845e746dc/5746055551385600/?lp-in-iframe=1&__fromjs=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a2e0d2de51dc225af114789fc0740e5c4e84f03335b755d04bada07003141d8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paleohacks.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Dec 2023 08:45:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 07:04:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Dec 2023 08:45:48 GMT

GET
H3 200 bottles-with-red-yellow-green-and-blue-liquids-e1464759531540.jpg
blog.paleohacks.com/wp-content/uploads/2016/05/ 15 KB
15 KB 19ms
19ms Image
image/webp 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2016/05/bottles-with-red-yellow-green-and-blue-liquids-e1464759531540.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aaa8ae246e2f8fa0ceb5bc3a610b33ce3d5bcfefb7b34e774647d6a585b2743

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:48 GMT
cf-cache-status: HIT
age: 703837
cf-polished: qual=85, origFmt=jpeg, origSize=22364
content-disposition: inline; filename="bottles-with-red-yellow-green-and-blue-liquids-e1464759531540.webp"
alt-svc: h3=":443"; ma=86400
content-length: 15352
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 09 Nov 2019 17:46:36 GMT
server: cloudflare
etag: "5dc6fb7c-575c"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8344b17bde073672-FRA
expires: Wed, 03 Jan 2024 05:15:10 GMT

GET
H3 200 How-to-Carb-Cycle-for-Fat-Loss744.jpg
blog.paleohacks.com/wp-content/uploads/2018/06/ 64 KB
64 KB 20ms
20ms Image
image/webp 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2018/06/How-to-Carb-Cycle-for-Fat-Loss744.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97a24ab2121a3edfe321439c72a3895c337c957632c8d6d9f112c4c1e944eba9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:48 GMT
cf-cache-status: HIT
age: 274554
cf-polished: qual=85, origFmt=jpeg, origSize=78072
content-disposition: inline; filename="How-to-Carb-Cycle-for-Fat-Loss744.webp"
alt-svc: h3=":443"; ma=86400
content-length: 65332
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sun, 10 Nov 2019 01:49:10 GMT
server: cloudflare
etag: "5dc76c96-130f8"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8344b17bde093672-FRA
expires: Mon, 08 Jan 2024 04:29:54 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame F0ED 9 KB
762 B 26ms
26ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap

Requested by

Host: paleohacks.lpages.co
URL: https://paleohacks.lpages.co/leadbox/145b71a73f72a2%3A13300845e746dc/5746055551385600/?lp-in-iframe=1&__fromjs=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a2e0d2de51dc225af114789fc0740e5c4e84f03335b755d04bada07003141d8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paleohacks.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Dec 2023 08:45:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 07:27:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Dec 2023 08:45:48 GMT

GET
H3 200 main.js Show response
track.mypaleorecipe.com/js/ 3 KB
1 KB 18ms
18ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/js/main.js?v=1.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ae0b0e74edee33dd3e9d91c15b595508fc05e1ced11a15dbe787d0f9862dfc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 343
cf-polished: origSize=4494
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 09 Nov 2021 03:31:21 GMT
server: cloudflare
etag: W/"118e-5d052be46686b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdujm5AJL7xoxqOaV2j1aYIZQttcaA2km5zthqXxo2x1JTmgTc1oMXFqoGrxlvMLvg2zWqB5BRzXSQAZ0tFPvviMC72CMq4zo%2FO8MIiWfvAj1I6OJcd4bJUGtkOuomd3aMv7kfRAeynWpGs5cXlbspy4NyvWOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8344b17ca827913a-FRA

POST
H3 200 admin-ajax.php Show response
blog.paleohacks.com/wp-admin/ 16 KB
3 KB 1058ms
1058ms XHR
application/json 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.paleohacks.com/wp-admin/admin-ajax.php

Requested by

Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.23

Resource Hash

17aed269c2aa0b62c9cfc77021626f15a8add5dbb81aa3b7f5c5af562c2a8a3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 12 Dec 2023 08:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-powered-by: PHP/7.3.23
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/json; charset: utf-8
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 8344b17cdf003672-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 Hind-Regular.woff2
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/hind/ 93 KB
93 KB 25ms
25ms Font
application/octet-stream 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/hind/Hind-Regular.woff2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/fonts.css?ver=1681483467
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5891185bbadfceb49591b012abeeea967dca978a653930a6ca23863d9a3f4c92

Request headers

Referer: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/fonts.css?ver=1681483467
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:48 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 2584917
vary: Accept-Encoding,User-Agent
cache-control: max-age=2592000
cf-ray: 8344b17cef173672-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 12 Dec 2023 10:43:51 GMT

GET
H3 200 Montserrat-SemiBold.woff2
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/montserrat/ 79 KB
79 KB 27ms
26ms Font
application/octet-stream 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/montserrat/Montserrat-SemiBold.woff2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/fonts.css?ver=1681483467
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47a6d3380cf89ad6b678478ccb347dc3ddeadcf7ca344bfc842424aaf7bfd025

Request headers

Referer: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/fonts.css?ver=1681483467
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:48 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 1060743
vary: Accept-Encoding,User-Agent
cache-control: max-age=2592000
cf-ray: 8344b17cef1a3672-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 30 Dec 2023 02:06:44 GMT

GET
H2 200 comments.php
www.facebook.com/v4.0/plugins/ Frame 9E6A 0
0 111ms
111ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v4.0/plugins/comments.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1537a0f66b731%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Ff118854819c88e%26relation%3Dparent.parent&container_width=790&height=100&href=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&locale=en_US&numposts=5&sdk=joey&version=v4.0&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=373056406c36ccabfb7608bbf4a7deb2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 12 Dec 2023 08:45:49 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: Z6ZHg77/4Ka4cwQN26S32knwpZIDEf+RScH6EC0/E1H0CGES2JU81udYu4Phn54PO0SdMahHQYJcsz/TRGWJIw==
x-frame-options: DENY
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/v4.0/plugins/ Frame FF7C 0
117 B 113ms
110ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v4.0/plugins/like.php?action=like&app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb13efe96ae108%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Ff118854819c88e%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Ffacebook.com%2Fpaleohacks&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=373056406c36ccabfb7608bbf4a7deb2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 12 Dec 2023 08:45:49 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: xuSGHjhrH9Ta6/FcxDJsyEg8iomfv4jVsbSriLV29IzK8Okc3ZB0rO6gC6dMYyjm5R8RpAzmEyMadz0WkQrTXg==
x-xss-protection: 0

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 4BF9 565 B
428 B 39ms
38ms Document
text/html 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.74d80534.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Tue, 12 Dec 2023 08:45:49 GMT
pinterest-version: 18ca486382a49382d94e5112f49bc2f9e5d43a34
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 9347985117705606

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 96ms
62ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304050101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2616c9a1fbfc326660005616dad5bf396b406af93e50fc5dae3ae40d56eb8126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12397
x-xss-protection: 0

GET
H3 200 createVisitor Show response
track.mypaleorecipe.com/api/ 9 B
714 B 612ms
586ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/api/createVisitor
Requested by: Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: cb58afec45fe3b400fd9afae3fe3e56ae268abf6e7c5e700c6bd38de95d38648

Request headers

Accept: */*
Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M9FQZmaK1ofGl7xbxsqTdS0Dsbs0vot%2FOaZlgnPgP4O1fRepQHDbTuaLP0BVp6%2BStMMIkzy7Z7QxXFPZC0tjkUMZxtqQt0%2FAg6F5fmvtUhJp5qSSC1JQDjqP4ibOALQ%2BmNRw3TxVzv0ituM9vI9vFcKY%2FqRE4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, max-age=0, no-cache
cf-ray: 8344b17d4fa11e6a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 12 Dec 2023 08:45:49 GMT

GET
H/1.1 200
OK bqi.php
lg3.media.net/ 15 B
15 B 22ms
22ms Image
text/javascript 23.53.232.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?vgd_len=778&lf=3&&vgd_tsce=L345&vgd_l2type=scs_newfl&vgd_cdv=1129&vgd_cage=6&vgd_rensize=1600_1200&vgd_ren_page_h=11303&vgd_lbt=1000&vgda_l1btm=%5B%22SPAMPXL%22%2C%22URLDC%22%5D&gdpr=1&mspa=0&prid=8PRHGG6T9&cid=8CUG3G308&crid=726657258&requrl=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&vi=1702370747254251198&ugd=4&cc=DE&sc=HE&startTime=1702370747726&l1ch=1&l1hcsd=l1!Ss1v0|8234&sttm=1702370747730&upk=1702370748.24205&hvsid=00001702370747730006245726724799&verid=3121199&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1702370747192872159&vgd_sc=HE&vgd_uspa=0&vgd_isiolc=1&vgd_pgid=p01844616655t202312120845&vgd_pgids=1&vgd_end=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.53.232.23 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-53-232-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Date: Tue, 12 Dec 2023 08:45:49 GMT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 15
Expires: Tue, 12 Dec 2023 08:45:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BA57 13 KB
5 KB 16ms
15ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 72735
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 12:33:34 GMT
expires: Tue, 10 Dec 2024 12:33:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0AEE 829 B
560 B 26ms
25ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

56749a98ed9d7407c6d55f8c9b02c2af0711c5726485469411d1ad5f80aed0be

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gNbqP_3Ph3nV4SWLyAqhmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-gNbqP_3Ph3nV4SWLyAqhmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:45:49 GMT
expires: Tue, 12 Dec 2023 08:45:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame BA57 39 KB
15 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:33:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 12:33:35 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0AEE 0
0 55ms
55ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304050101&jk=1149456987301129&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BA57 0
10 B 17ms
17ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?QoONpA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK / Show response
api.ipify.org/ 19 B
219 B 398ms
134ms XHR
application/json 173.231.16.77
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.231.16.77 , United States, ASN18450 (WEBNX, US),
Reverse DNS: api.ipify.org
Software: nginx/1.25.1 /
Resource Hash: c281e65a91ee0ee836aff677027641b3f72eac21679771e291d9e42cd794e1dd

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 12 Dec 2023 08:45:49 GMT
Server: nginx/1.25.1
Connection: keep-alive
Content-Length: 19
Vary: Origin
Content-Type: application/json

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 51ms
51ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304050101&jk=1149456987301129&bg=!dnWldTrNAAY3kmNgF5I7ADQBe5WfOMn7W7HQOKCnodypSvDrPQm4eXK3e49b9co_YUh2XDeFOnlAfsVUop9kZ9k6ZdHhAgAAADBSAAAAAmgBBwoAeWOBbkWGHWU6Kg9kmJ4Gn90_I1pocvtsCxMwmfR5R2t4E1C_mWLavX5Tug0hnMKtYJW-u6EYeu-fer1pi7EcFovG_vG7EqIxw0dPhXD0S5XflXSaaJQ06MFIeGQBWN41T5D6CwchGumGV4SGmDJvY4QL4pmlvibhGSGZAvrbtgCs2pmfD9bY3ABK-_j-H8ynJdtGVC0BjKdp4Z03ROa5McLwOtoqv6TqUSXMeMohV7IQ2hhQW02HcybTqf_7ffK731Tds2TjuN_dIAznJfJIE5kUupj_N7XXj-kfEqH7eSltNf-FujpXX6SFW7VuBlnUP5kIlSrhaLP_3jKP0IZE2pfn45Y77AQWPZ5s3kiF0OGkCJTE9smk2n0hEfmLFJ4gZKSEQg6Qnp8ZJ-S2nleVozOHQglANEkDEUiTHJ11ofXYhXHudp4uYoEwKmsTX8wQoJiG7_zLEgIwlhPDiyuVy-KI5yyuigxJFb0dd_f1BJ_1DF4e9miAYyuoqy8WEPyIjUrQjtV2gDvw4TtxCKrubhNq-f52rRWOz4QgjlvnB0LbRzeq6QUA8JKUYJf-kIdJf24WmclsT3yC7soVgbN6DJyN253d2UP5aCIJGGPvT5kdzyH-BuFrV0iYAOAoXP6MccL0OYZnTeSfxJ-OukgIEfTuAFtHeMGGExHMiJ-FghAB-wBQOJ8ery46Pew5YJoHh00Gp1UEMOMEAFypisbOP36mcaPSnNzsWu556veMH6T2FgquCKuCwGJHaYR5YLdGmqVACK_fA8RDf2Ilbgk8xv0kv0_9RBm_uiA32euSl56-DdzmbmtJevZ7X2B4qXfXLMdIBkGD9toL5I4J_q4uILG-E1Y_1KXWk1QV6yeBtJDPtA3BcPuRT2BjCWT5PA68S4rpwGBR-Pmd6Zdul273Php6iO7a-pQCqRiGicu_m9ZLCKoF6_1sugWsiZMe0dGiR7U0jLqEk3Qr1ZTfQHpkdBut6u5pAvQXFga3GDOThDaRxt-I59nQq1dH_qnlA4pdLvRgo1hSblzxQfrWyY1kc5Z5FiumkNpkxZjWDjsKg5WytP19HOdDERAbvL8NaH_c7QLGXrvV4DozCgYLFSBCa_vbNtc1mqB_1F3yECqmm2-Bte4QMOYiS3QKpVbAEtkTaH082WFxhScvYRWjbBPFB1JV6QzUwlE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 Popup-okt2017_-_rev-Dessert_Recipes.jpg
blog.paleohacks.com/wp-content/uploads/2017/11/ 40 KB
40 KB 20ms
19ms Image
image/webp 2606:4700:10::ac43:15df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2017/11/Popup-okt2017_-_rev-Dessert_Recipes.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac63a064b70dc77c6aa7963b1ff7973cc255bdd030cd9c124665dcdfabd0a172

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/paleo-pumpkin-spice-donuts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:49 GMT
cf-cache-status: HIT
age: 274555
cf-polished: qual=85, origFmt=jpeg, origSize=90836
content-disposition: inline; filename="Popup-okt2017_-_rev-Dessert_Recipes.webp"
alt-svc: h3=":443"; ma=86400
content-length: 40964
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 09 Nov 2019 20:38:15 GMT
server: cloudflare
etag: "5dc723b7-162d4"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8344b1823d4c3672-FRA
expires: Mon, 08 Jan 2024 04:29:54 GMT

GET
H3 200 createActivityLog Show response
track.mypaleorecipe.com/api/ 8 B
613 B 203ms
203ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/api/createActivityLog?visitor_id=162226576&activity_type_id=1&fbp=fb.1.1702370747875.684154582&fbc=undefined&ga=GA1.2.562926640.1702370748&client_ip_address=37.58.57.5&client_user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/120.0.6099.71%20Safari/537.36&full_url=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&utm_source=0&utm_medium=0&utm_campaign=0&utm_content=0&utm_term=0
Requested by: Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 4e9ab8113cf6961224ec924aa0416f42149f3b7258728522590d9d45ade1d043

Request headers

Accept: */*
Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Odt501ZRlMESu7PFLUc8FeYfCHRZri2DOvDYR6z%2F%2FiYT3unXKoCiWY5dwoTTdwfFd%2FwdpR4H9i%2FNOGEbWXbFtg5LheeoRaNgVNtQzpJUm5LO95jm30jHTLFWMgWW0Dw9CcAq3v1Cm7pJCU3gIrHb%2BDMTijhOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, max-age=0, no-cache
cf-ray: 8344b1837e9b1e6a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
28 KB 119ms
119ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/33/881/775/653.js?ver=1681483468

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

730c3e057155e19d210f39ebdd2bd2a1820a4e6d47bfbafd26c787123dc67aa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29087
x-xss-protection: 0
server: cafe
etag: 888 / 19703 / m202312050101 / config-hash: 11999804698944333348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 08:45:50 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
28 KB 107ms
107ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/33/881/775/653.js?ver=1681483468

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d7101534ef0d3b2b6293981fc5a18490b1d307f719bdc5838e836539324c311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29097
x-xss-protection: 0
server: cafe
etag: 564 / 19703 / 31080056 / config-hash: 11999804698944333348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 08:45:50 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
28 KB 86ms
86ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/33/881/775/653.js?ver=1681483468

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26d00c228919ca91a78c690fbfaab3ab19e2c674258d1da7248ce34233ad930d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29087
x-xss-protection: 0
server: cafe
etag: 782 / 19703 / m202312050101 / config-hash: 11999804698944333348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 08:45:50 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
28 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/33/881/775/653.js?ver=1681483468

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ceb2694c81db4ae53a09dfe07ca76cee71dffc8a6bde3a12e60cbcdffd50328

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28976
x-xss-protection: 0
server: cafe
etag: 685 / 19703 / 31080057 / config-hash: 11999804698944333348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 08:45:50 GMT

GET
H2 404 integrator.js
adservice.google.com/adsid/ 0
0 23ms
22ms Script
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adservice.google.com/adsid/integrator.js?domain=blog.paleohacks.com
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 156 KB
24 KB 347ms
347ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1149456987301129&correlator=3498481103950100&eid=31072878%2C31073830%2C31079525%2C676982961&output=ldjh&gdfp_req=1&vrg=202304050101&ptt=17&impl=fifs&iu_parts=55892584%2Cdesktopfooter%2Cph_widebanner%2Csitefooterbanner%2CPaleohacksSidebarBanner&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%2C970x250%7C728x90%2C970x250%7C728x90%2C300x250%7C300x600&ifi=3&adks=2912191614%2C3129430941%2C2355259855%2C698452367&sfv=1-0-40&sc=1&cookie=ID%3Dfb7854ee4bb0733e%3AT%3D1702370747%3ART%3D1702370747%3AS%3DALNI_MaQRV3CtJLEOtGHaJqf_yurZBVTLA&gpic=UID%3D00000d13d188945b%3AT%3D1702370747%3ART%3D1702370747%3AS%3DALNI_MZI8gGFOiQd0VyvJ0Wa-akQbNf0rg&abxe=1&dt=1702370750432&lmt=1702343370&dlt=1702370747362&idt=276&adxs=436%2C315%2C315%2C1062&adys=1110%2C341%2C11270%2C2959&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2&ucis=3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&frm=20&vis=1&psz=728x-1%7C1600x0%7C1600x0%7C302x0&msz=728x-1%7C1600x0%7C1600x0%7C302x0&fws=516%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&ga_vid=562926640.1702370748&ga_sid=1702370748&ga_hid=1091848731&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e2b1fa82b9bd7e4dd1fd524733565b595873686beaad4fbb0e732c2cde9f4fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25029
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F1E1 6 KB
3 KB 14ms
13ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:45:47 GMT
expires: Wed, 11 Dec 2024 08:45:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4A0B 6 KB
3 KB 14ms
13ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:45:47 GMT
expires: Wed, 11 Dec 2024 08:45:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5178 6 KB
3 KB 14ms
13ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:45:47 GMT
expires: Wed, 11 Dec 2024 08:45:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5B84 6 KB
3 KB 13ms
13ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:45:47 GMT
expires: Wed, 11 Dec 2024 08:45:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame E2BF 2 KB
3 KB 42ms
39ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hytypeggkpxp8taw2bgt6tkcr8a7f119mt7gvhdz8bttv1e5k2sz6rm6hpyhxfk5d60sqsq20qkemzngrsywxwhswsd55kx33yhhhpd1v3df5jt8z7rhj3yhjffx481jk3bvjpce7j4wpdfbpqbz3zrt7snkx2szk2arcxhdcsjtt6gqhn444c7jcewvnn4hm44smzy5zbbkvahp3yr5fxvr5e0apa0d7067azmp87ywrsw0q2xkm580en8pnbnw6pf508pddd4a266hd8qdnk57vd4qvzz8mvnfvt0txbvprsnqhhcxqtxvhevma2p8dtg0s5j8ra2qqnp5t39r9825nb9vyd10fymb4873nq0j55t1vqqfg302d63a4evvb6b9whxwdg8arvnjnww9ec5f6c0cc597e0hxm55v7hwnwjsqdf7bg1qcahh8n2h8nr49peh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtPcmvh14ZcS0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEtgJP0AI9aPJna1icj9HCev0KfmMox5mfu6uCHnkJIsPKmBlarhsZgfl6JrKc1cym2wzcmJbeHe3RQ7HarqZEJRyGrSj7v8wsuWNkR2uiQrNkBiQy4a84Taa8LLFEvrppW1JmMz7kUnru5TLkCsuU8LF19HFqwThfqPa6FJYPKZLAD96cJma8ACgtPt5ZCIWTojxwEBBySugfx-jBu3GH0lcpG7KZ7kDIK71rFUX6f79_Rvx4hHMpN_obMQDUihDvOKRMv4CndKOqps7zH9fETRcI-ZBB5z3MpH-oq_DMPKDd6ph1GuHv3wyUC6_HLKFbAbh_6ZShcx7KZ98YLCOjwNhWi5XpY1dBgA-bJ9y1aY0S0-bh-vY_O48wfhhUovS2Fvzs49puScGpOvp0PScgp9r47lAB_Hku4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIC-7Z7BiYMD-gsCCAGADAHiDRMIqf_tnsGJgwMVD7D9Bx3mAwVD0BUBgBcB%26num%3D1%26sig%3DAOD64_24Jkt_qbGH1-P4GPlBWEsEj0aUgw%26client%3Dca-pub-5144389657785565%26adurl%3D

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b16da2c73419c5ebca38f6b5673f24fd136c8e88155d3abae1a0ba1b3f754a48

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8344b188df57917a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:45:50 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame F1E1 3 KB
1 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24691
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:54:19 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3C89 1 KB
643 B 18ms
14ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59260
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Tue, 12 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame F1E1 20 KB
8 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24691
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:54:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F1E1 0
0 32ms
28ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTOL3xjfoEy-D8WWKnVmK4ycF2axFafinwhVWAoHJNea-WkIo48xPt_6zPNVrQP8vyNwwd4IMyj4F1InS258_AjkCNg2A
Requested by: Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F1E1 24 KB
6 KB 25ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 11 Dec 2024 01:36:29 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F1E1 203 KB
64 KB 58ms
53ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 08:45:50 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame C3E6 167 KB
52 KB 149ms
95ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXgdvgAHWkUH_bAPAAUD5iUef2MhqvYxcNR1pg&u=%7Cp9mwpAGTUK15xUqxsEWZmYcGRfT4b5QI07XtN8qRBZ8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi62t4LtBo-sBEHo5NtUWX6Om11htG35a4LheQwWb_oR8L-DjUUYnw7j4xk_0uWdViwl1rbRIOq2U1Q_rfS-qQzIk4UZBm0RcGdIwws6Sza8ewZZQ45ccAcXXUlzZK0_oM6YQDv7UAC5Xw_qRM-YvZG7JpK8e6NqSta9gYKMa7buSZ_5Ts83u3RmnlvrN7rcEx1Ha5X_DmkGRqBEqxJGv4gkj1A1hE3V-Qd3shctcvCFPMkgWnkJMpHA6iDzCnZiKb08cx9IhBR7b_65gvTPPyYfLukdTrul8dhmpZO-NWOD-9hmeA-P6epud72Obw8nX7Yp58VH8m2MVUP0WB034GKIO00Yn3SvT5qE2C3-7DYieb612_itpr72AVfynfNhVZgL2OrDDDGhFzWcSHoJ8JLMgroxiTKq2fzSqXcp1pkKUAXNVZ0v3BQdID7UO7jKXJMNFM9XJdwtm2Ts8gjyC0PqHeEM_6diTF4fxeXWP64kH1FO2LyYrC_tqZ_LC4fj7OFRPa0vl0CIRmgwzGXEgHFB9-qygYkb2czJzLfpm6NRIy3mgFqlPZCPOzxnDz_MczBA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCx_igvh14ZcW0HY_g9u8P5oeUmATJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAkc5ppu2D7I-4AIAqAMByAMCqgS4Ak_QYxjlHZgbItdeLC9BzQaWx1DB5Ah5-P7TsYsHOFb_aOZQ0-PiHyQPhoBuag27YeedbLVO_F5jinS44ilES588rGq81Db7BEqzAs69mnGKQbO0-YcSoVVaA0k651-ItwOTDyUm8e1SeONO95ASnRKXkGkDL7nCyyPqCmyXHbTtvp73uomtHjXUdn6CG1dTmvvgruiW6BbuPPL-CcaREaLjNV-7yHDaps3B25aoOUZxFJ4hXQayhAD2Pcbm_DZYVSO39Ska4P3vmCAk8cQmNg6xw0Tgoztgw08lS_AUj9xrTXK0M-Nt53JVN5YBLkhJBolL1CV9PwPg6S6vS30VOK5B4cCsn21BQHv6hgAGk1_yOrNSHHeNn3nweSaKodp2yPMTOJWuFq2ZSS5KJ0mRkHEKF0aYL0Os5OAEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIC-7Z7BiYMD-gsCCAGADAHiDRMIqv_tnsGJgwMVD7D9Bx3mAwVD0BUBgBcB%26num%3D1%26sig%3DAOD64_1FhQ9JSl95tEIGvS45g0Y8a-JxuQ%26client%3Dca-pub-5144389657785565%26adurl%3D

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bad91132a0733a75b1c8f0204ed27c9ca836b730d8643d7f6e5601929612a493

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:45:50 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=RPF2ai_p7O5RNGtxvZbiE380OOC-gfIxQzw5HbC4YkztnzPvI39DaDn7MtggOGi_6mJVnIYv3P37sMvfqmu3A7yruJOJmp5ZBsbXTJd_QgFRo6ajR5ngEC7BAu2JS30OSELOoujbE8dydth0eSQz5ijMogJyEhIYVjvnyfBAp96Hw6i30xvHWOwPEHio_7dMAHo27m6b6esLsVF_3yWVEHWJU71vLWW6fZGOCWgxFNu2WnLTVnFjddo33qSZ5yt2WwPetA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 71641288
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4A0B 3 KB
1 KB 20ms
16ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24691
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:54:19 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4786 1 KB
643 B 19ms
17ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59260
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Tue, 12 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4A0B 20 KB
8 KB 22ms
19ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24691
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:54:19 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4A0B 24 KB
6 KB 37ms
34ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 11 Dec 2024 01:36:29 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4A0B 203 KB
64 KB 107ms
104ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 08:45:50 GMT

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 605B 2 KB
3 KB 45ms
43ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gawpaqmbree1ex1qdfgjfetz4s0cd659mee1k1k0dthvjzy21jf254setdhc90x7x6n9d97txmxwmy9q2a6y1pvz0bhfcw83jcefe93yvfjmaz54nyrftn4pkv7sh881qhzp6tsjak9g0h5zbk09hy5vtn2j9eey5g0qnmw135a738h6c75bnxhcnvcycrs2g87d9z7q5k5t05dy3pmkgem9jq9hq3a1jx5jggb4vq8681fev78c8fhsha3y0q8ngeve35pr2k8mr9sdxbxe11yv8z2edqdzeczv5rhekdn30az0ckjjw3gz9vsa3p514vt7sntvsw83ps39xwm9c1s0g2qtv7dy76ybs5vsq1dm13h7ksmqyzvccb80ga6dc3ae2dw6f0p2mntgx2xz8cdsm4tjcgx1kc1wq6nge4tchfm63jca4rf21a3xe2kqgytxwh3er&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDYJBvh14Zca0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0J5Qk7bCVjUZqcoSfS4yqeunk5wJNd8U0hc91XEjeAXsRwmHHP7N4JkNmSbYj7mGvxA4sa-0g3FftjxiFT3v8THeGhMY6kpSgXAo7s8hdrONGqASwVOESwWc2LlarWKR7Z3K2fSan6Ng7vnX_fAbUhlzjlfc2S2jENaSHHZ5VNESh2808sllimMj6egHaIRWH-dD4p_Uvv9g_zJCPl7Zo-6oljaPOK6A7f-qQDelKYODjlfmbm_JDq0qGgHSPnqj48dOke67CJj7Y0T4vVPS6T_z3uOBrPb2Iwr0XfEqjsUzFRgekcVkeqdBoqj2jTlR2IvtQS17JtDWQsnEgfeD_VS2lBCr2kZSetjT4AYe7lFodS1_YBwDdJjBfNnNMxILldJIrRkaSvKsqApDh-_7FBrVwuNKChH5cexC690O9-AEAYAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliAvu2ewYmDA_oLAggBgAwB4g0TCKv_7Z7BiYMDFQ-w_Qcd5gMFQ9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1xTYfZotwqHbntWQaIVyN7EnLziA%26client%3Dca-pub-5144389657785565%26adurl%3D

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9196d58fac20d10e2f28876879b51fc7acda0b2018eef826c5973d69315c904

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8344b188df59917a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:45:50 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5178 3 KB
1 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24691
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:54:19 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A093 1 KB
643 B 18ms
17ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59260
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Tue, 12 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5178 20 KB
8 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24691
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:54:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5178 0
0 29ms
27ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR5tOs6gBjswspg2XV-DmBsMRnGBiOtFfZaOxe2qADr9DPHtc8XmQDT6YLcGoOxMsSrnV8JhCUlHwpDhW9S_GPTLZuGqw
Requested by: Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5178 24 KB
6 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 11 Dec 2024 01:36:29 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5178 203 KB
64 KB 109ms
107ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 08:45:50 GMT

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 2996 2 KB
3 KB 43ms
43ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1h1kx45cgthskvc08jx3vn4qa991h9z05k7w1z6ww0jy0sxha8nr680z9pt0ez3mm1kvza1mxnp80645gq15rr9cnd3f7wxzd8rc3y7zca08e8m78ea9a92sp1sx0psafkk1gmryrnm4p2dn15m3ykv1py6hxc7rh9kgc7zb40wp67yx88m89q8r5hmxjkd5hb1h7xxs3fz0392wfhvrbxk65vj3m2rjpbnr4fdtkzyvkh7fpmjrgyyz5m7mvjp0h829p40h3t1ejggzvzy5a48jde2ct9c6xq24nxa6fws6fyj5wsr1zk06f5x8abhrrsm868tzzrx9spwayw19jr5kfe22kx68ss0z23hrvetd4vnaryggtx1hy4f9zhva0k91byvvzyfxgw5ghq19k0nqattq2bkgrnth7kxr2aeq0jmkacxx4dkacdkep66br7g9pwds60&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxYDHvh14Zce0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEygJP0DSVrIqcW4Rwl-pC8Ry8LByhH2X2hr-7EbEF1IL9Kkdk7KIWcNI8Ts6WPtIIXlDMeL451WyzV4-1XcDuyGr6vhWWELl6yd6wkz5lH127CHEw8soRyb5LMLwyiucWgTMQ-Odbk3CGJn-0C2KbstGNgN5D0XvvTWzse7fesci6492zueibW1WylLWNK0SdG9IRlbF0BZdCOi-oVu2_lIvfG0sooDlIq7Dx04aOjrKqrbLXYzags3UU2Lzi8Ntf8TFJKQRxISvxkk2nIkB24RhjwMwNTpvW9q7iZgZcRwlQrbYEbIVi_KEdxl8CBD_T1SdbgWpXigh1RLM9snU3Tc__Tc9e2GUKnR9iUS-e6aLfybSNZO76Axn6dphlLOBUUAVgC-hn_gCTvQnNGyCCKPu-90QE5y7wCa-qHqSWQJWsUbha_VHRSQl-wAngBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYgL7tnsGJgwP6CwIIAYAMAeINEwis_-2ewYmDAxUPsP0HHeYDBUPQFQGAFwE%26num%3D1%26sig%3DAOD64_3NphnTHSw1ZvLRNUaraRxWtf6ASg%26client%3Dca-pub-5144389657785565%26adurl%3D

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f428d81f805eda4228c58c77cf6f9dc09294652f29febd686e37ca90c03362f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8344b188ef63917a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:45:50 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5B84 3 KB
1 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24691
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:54:19 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CBDE 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59260
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Tue, 12 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5B84 20 KB
8 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24691
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:54:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5B84 0
0 33ms
32ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS8zH-AbEKTqh9wJC9zZPRhRfhRAUtHR9h_xJUZTVi8Mp4e9LyOGKXd60Enl1_Dt7zeMU2xExHTCo_KsxCKq72VZZyYAw
Requested by: Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5B84 24 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 11 Dec 2024 01:36:29 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5B84 203 KB
64 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 08:45:50 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 3C89 70 B
149 B 135ms
34ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAxMUkaUY6IGyezN2Nz130o&google_cver=1&google_push=AXcoOmRADwP7upg2Scxzrlvo8xBWiNKvj_eXjP5AGm9sDaN-l7cEqB1VtzrnUzhgbAKz4uIZeL2ZKqd_PdEGX_ILTUMw-iHI5VADuPI
Requested by: Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:50 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3C89
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEJgZp-Y-kDeeqKjxnPbvQP8&google_cver=1&google_push=AXcoOmSjRckfGdrbX9Tb7ybms8CD7tbuqBX2cbhHwX4PQYAhq5fzQoL6WmkgKMsdnDS4jTVREVeaMXyvKdHTv3khCDFtKxxLAhEk70M
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmSjRckfGdrbX9Tb7ybms8CD7tbuqBX2cbhHwX4PQYAhq5fzQoL6WmkgKMsdnDS4jTVREVeaMXyvKdHTv3khCDFtKxxLAhEk70M&google_hm=Q0FFU0VKZ1pwLVkta0...

170 B
188 B

26ms
26ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmSjRckfGdrbX9Tb7ybms8CD7tbuqBX2cbhHwX4PQYAhq5fzQoL6WmkgKMsdnDS4jTVREVeaMXyvKdHTv3khCDFtKxxLAhEk70M&google_hm=Q0FFU0VKZ1pwLVkta0RlZXFLanhuUGJ2UVA4

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 12 Dec 2023 08:45:50 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmSjRckfGdrbX9Tb7ybms8CD7tbuqBX2cbhHwX4PQYAhq5fzQoL6WmkgKMsdnDS4jTVREVeaMXyvKdHTv3khCDFtKxxLAhEk70M&google_hm=Q0FFU0VKZ1pwLVkta0RlZXFLanhuUGJ2UVA4
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3C89
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHyzAtHG81SOaJ-IyYbd-lE&google_cver=1&google_push=AXcoOmRns83A5Ort4PYZt1_DH5EdWKJSxjw3QY6AgYdo6NCbnuPXD3LlQe4hP3CZLnTP5ybJSMHR7ZdX-okWrM...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTYyNjY4ODMzNjA5OTQ3OA%3D%3D&google_push=AXcoOmRns83A5Ort4PYZt1_DH5EdWKJSxjw3QY6AgYdo6NCbnuPXD3LlQe4hP3CZLnTP5ybJSMHR7ZdX-okWrMyKTU...

170 B
188 B

28ms
27ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTYyNjY4ODMzNjA5OTQ3OA%3D%3D&google_push=AXcoOmRns83A5Ort4PYZt1_DH5EdWKJSxjw3QY6AgYdo6NCbnuPXD3LlQe4hP3CZLnTP5ybJSMHR7ZdX-okWrMyKTUpss2akx9fRf0A

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTYyNjY4ODMzNjA5OTQ3OA%3D%3D&google_push=AXcoOmRns83A5Ort4PYZt1_DH5EdWKJSxjw3QY6AgYdo6NCbnuPXD3LlQe4hP3CZLnTP5ybJSMHR7ZdX-okWrMyKTUpss2akx9fRf0A
Date: Tue, 12 Dec 2023 08:45:50 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3C89
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDDlcgk4k_sooABnq8GVVCc&google_cver=1&google_push=AXcoOmREadylqFAfkIuiGn3X5iJLnX4RNqtecuQRvZjGlwDL9XNfg9VitO5BcbS-irYiJjiy3nr56wHiMnSwpdXaY8kGoOb...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmREadylqFAfkIuiGn3X5iJLnX4RNqtecuQRvZjGlwDL9XNfg9VitO5BcbS-irYiJjiy3nr56wHiMnSwpdXaY8kGoObynhv0OBM&google_hm=eS1zTnpJSkNwRTJwR2F...

170 B
188 B

31ms
29ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmREadylqFAfkIuiGn3X5iJLnX4RNqtecuQRvZjGlwDL9XNfg9VitO5BcbS-irYiJjiy3nr56wHiMnSwpdXaY8kGoObynhv0OBM&google_hm=eS1zTnpJSkNwRTJwR2FLTDhUdDhtR2ZQcXRJTHRIeU9rQX5B

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 12 Dec 2023 08:45:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmREadylqFAfkIuiGn3X5iJLnX4RNqtecuQRvZjGlwDL9XNfg9VitO5BcbS-irYiJjiy3nr56wHiMnSwpdXaY8kGoObynhv0OBM&google_hm=eS1zTnpJSkNwRTJwR2FLTDhUdDhtR2ZQcXRJTHRIeU9rQX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3C89
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELPy7HyPHPpN485_TqNlXbQ&google_cver=1&google_push=AXcoOmQ8R5PtHX2Jb6ghIdOhd2GURsPraT_KpIEQf_lGki48Cb0AISH0NPW-UEw9LQAz2w7NWgfeznxD...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIyNjY2OTkxNzA5MzAxNzU1NA&google_push=AXcoOmQ8R5PtHX2Jb6ghIdOhd2GURsPraT_KpIEQf_lGki48Cb0AISH0NPW-UEw9LQAz2w7NWgfezn...

170 B
188 B

29ms
29ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIyNjY2OTkxNzA5MzAxNzU1NA&google_push=AXcoOmQ8R5PtHX2Jb6ghIdOhd2GURsPraT_KpIEQf_lGki48Cb0AISH0NPW-UEw9LQAz2w7NWgfeznxDwQHpvJa7ihW7321O7HOi5i4

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIyNjY2OTkxNzA5MzAxNzU1NA&google_push=AXcoOmQ8R5PtHX2Jb6ghIdOhd2GURsPraT_KpIEQf_lGki48Cb0AISH0NPW-UEw9LQAz2w7NWgfeznxDwQHpvJa7ihW7321O7HOi5i4
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3C89
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELPy7HyPHPpN485_TqNlXbQ&google_cver=1&google_push=AXcoOmRiaDUT-Omy70cuWYOaBmLx5_4F6g_BYNefitfr_G-ky0fp9NFbxHPjVUikubJ9CVGA6sRRLl7P...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIyNjY2OTkxNzA5MzAxNzU1NA&google_push=AXcoOmRiaDUT-Omy70cuWYOaBmLx5_4F6g_BYNefitfr_G-ky0fp9NFbxHPjVUikubJ9CVGA6sRRLl...

170 B
188 B

29ms
29ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIyNjY2OTkxNzA5MzAxNzU1NA&google_push=AXcoOmRiaDUT-Omy70cuWYOaBmLx5_4F6g_BYNefitfr_G-ky0fp9NFbxHPjVUikubJ9CVGA6sRRLl7PmNWHBqD-4skAbC76ep5AxA

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIyNjY2OTkxNzA5MzAxNzU1NA&google_push=AXcoOmRiaDUT-Omy70cuWYOaBmLx5_4F6g_BYNefitfr_G-ky0fp9NFbxHPjVUikubJ9CVGA6sRRLl7PmNWHBqD-4skAbC76ep5AxA
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame 3C89
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESED9Ye8DbBfs9...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQoD8zamxtOiE0tjTXYJcNJaLhx7CmheaWpspaKeimH2B9OjGQCApse6tCrrnqgiR_20BcBu9dAHF37WNgVxXOmFuAJRFHfD4on
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

81ms
81ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Tue, 12 Dec 2023 08:45:51 GMT
pragma: no-cache
date: Tue, 12 Dec 2023 08:45:51 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3C89 0
12 B 28ms
22ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KnHEfdaknPEPwtQIifJVvDLeariZVtt8q1ZFjrEtSRcgW1xnZgbo4QPytq61lYkXCWWCzJHQ

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 4786
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGPJ6RjGVD_GauZypNr7rX0&google_cver=1&google_push=AXcoOmQHFKO4dbjoFtMP6Q4IsunCnluD6zEZvP8jfMiYvEmJvuCHy9f0gEi-V7Y8mQnGw9HCiaeCFkTJZpfc9-G6-TxAKc4uB5Hka...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGPJ6RjGVD_GauZypNr7rX0&google_cver=1&google_push=AXcoOmQHFKO4dbjoFtMP6Q4IsunCnluD6zEZvP8jfMiYvEmJvuCHy9f0gEi-V7Y8mQnGw9HCiaeCFkTJZpfc9-G6-TxAKc4uB5H...

43 B
426 B

180ms
179ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGPJ6RjGVD_GauZypNr7rX0&google_cver=1&google_push=AXcoOmQHFKO4dbjoFtMP6Q4IsunCnluD6zEZvP8jfMiYvEmJvuCHy9f0gEi-V7Y8mQnGw9HCiaeCFkTJZpfc9-G6-TxAKc4uB5HkaazD&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQHFKO4dbjoFtMP6Q4IsunCnluD6zEZvP8jfMiYvEmJvuCHy9f0gEi-V7Y8mQnGw9HCiaeCFkTJZpfc9-G6-TxAKc4uB5HkaazD%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:51 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8344b18a69e42c5f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:51 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 75
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGPJ6RjGVD_GauZypNr7rX0&google_cver=1&google_push=AXcoOmQHFKO4dbjoFtMP6Q4IsunCnluD6zEZvP8jfMiYvEmJvuCHy9f0gEi-V7Y8mQnGw9HCiaeCFkTJZpfc9-G6-TxAKc4uB5HkaazD&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQHFKO4dbjoFtMP6Q4IsunCnluD6zEZvP8jfMiYvEmJvuCHy9f0gEi-V7Y8mQnGw9HCiaeCFkTJZpfc9-G6-TxAKc4uB5HkaazD%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8344b18948a52c5f-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4786
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEK67lOOceOAxBDdmatE4Fqk&google_cver=1&google_push=AXcoOmSd7exNPjVuB_vpE60MN5PgAGuujg98II3FCYlaCSnmoaXNeD-mrRXpsdgi60qoHOzKLJupIRvNO36udE9G4m0IsF88ULRWIAk
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DCEDE9334258483A88F8B59A9E99C75B&google_push=AXcoOmSd7exNPjVuB_vpE60MN5PgAGuujg98II3FCYlaCSnmoaXNeD-mrRXpsdgi60qoHOzKLJupIRvNO36udE9...

170 B
188 B

28ms
28ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DCEDE9334258483A88F8B59A9E99C75B&google_push=AXcoOmSd7exNPjVuB_vpE60MN5PgAGuujg98II3FCYlaCSnmoaXNeD-mrRXpsdgi60qoHOzKLJupIRvNO36udE9G4m0IsF88ULRWIAk

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 12 Dec 2023 08:45:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DCEDE9334258483A88F8B59A9E99C75B&google_push=AXcoOmSd7exNPjVuB_vpE60MN5PgAGuujg98II3FCYlaCSnmoaXNeD-mrRXpsdgi60qoHOzKLJupIRvNO36udE9G4m0IsF88ULRWIAk
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 11 Dec 2023 08:45:50 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 4786 0
174 B 74ms
22ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEGI6BzFrdZqZVDPlQ4PnTRY&google_cver=1&google_push=AXcoOmT8IJIHtZ7Dr0hutQ2kQX5MNcCU1LUF0xJMMy41DpY_7QqIafhdcs396XPGn618Q-MJX-Tz0vmoMlSfuS16_U_9MOFs97TEfLWf
Requested by: Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:50 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4786
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEJgZp-Y-kDeeqKjxnPbvQP8&google_cver=1&google_push=AXcoOmQB9uHw1akeVAxsm640dVjKllre6JQVb39jiXHZUbqnw7d7dK2HxcxK2Gvx9F_6NM7FbCNXzzdC7zOw_lhJHgwSrPkxmaDWKHc
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQB9uHw1akeVAxsm640dVjKllre6JQVb39jiXHZUbqnw7d7dK2HxcxK2Gvx9F_6NM7FbCNXzzdC7zOw_lhJHgwSrPkxmaDWKHc&google_hm=Q0FFU0VKZ1pwLVkta0...

170 B
188 B

25ms
25ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQB9uHw1akeVAxsm640dVjKllre6JQVb39jiXHZUbqnw7d7dK2HxcxK2Gvx9F_6NM7FbCNXzzdC7zOw_lhJHgwSrPkxmaDWKHc&google_hm=Q0FFU0VKZ1pwLVkta0RlZXFLanhuUGJ2UVA4

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 12 Dec 2023 08:45:50 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQB9uHw1akeVAxsm640dVjKllre6JQVb39jiXHZUbqnw7d7dK2HxcxK2Gvx9F_6NM7FbCNXzzdC7zOw_lhJHgwSrPkxmaDWKHc&google_hm=Q0FFU0VKZ1pwLVkta0RlZXFLanhuUGJ2UVA4
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4786
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDDlcgk4k_sooABnq8GVVCc&google_cver=1&google_push=AXcoOmR91Csx1sc174mxgXGfp23KOAlqx4z9C3VAwmSy5T0T-HqRM87P6p_ngmPP3dnVWPu50Qbngb6zUUqnJtPp1JtAWCH...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR91Csx1sc174mxgXGfp23KOAlqx4z9C3VAwmSy5T0T-HqRM87P6p_ngmPP3dnVWPu50Qbngb6zUUqnJtPp1JtAWCHZEucKrY4&google_hm=eS1zTnpJSkNwRTJwR2F...

170 B
188 B

34ms
34ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR91Csx1sc174mxgXGfp23KOAlqx4z9C3VAwmSy5T0T-HqRM87P6p_ngmPP3dnVWPu50Qbngb6zUUqnJtPp1JtAWCHZEucKrY4&google_hm=eS1zTnpJSkNwRTJwR2FLTDhUdDhtR2ZQcXRJTHRIeU9rQX5B

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 12 Dec 2023 08:45:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR91Csx1sc174mxgXGfp23KOAlqx4z9C3VAwmSy5T0T-HqRM87P6p_ngmPP3dnVWPu50Qbngb6zUUqnJtPp1JtAWCHZEucKrY4&google_hm=eS1zTnpJSkNwRTJwR2FLTDhUdDhtR2ZQcXRJTHRIeU9rQX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4786
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEH6Ko_cKmd_bKHy_0O7Z-HY&google_cver=1&google_push=AXcoOmTe26feQSaKuYtT7DtpMsBiPaQljwsDiiHdOM5LehVtRJ4_yuIamHND_AYOXPqwg3H9cLLmtLTMjEfwOrBgrusJD5j...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTe26feQSaKuYtT7DtpMsBiPaQljwsDiiHdOM5LehVtRJ4_yuIamHND_AYOXPqwg3H9cLLmtLTMjEfwOrBgrusJD5jL3qza8TDp

170 B
188 B

31ms
31ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTe26feQSaKuYtT7DtpMsBiPaQljwsDiiHdOM5LehVtRJ4_yuIamHND_AYOXPqwg3H9cLLmtLTMjEfwOrBgrusJD5jL3qza8TDp

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTe26feQSaKuYtT7DtpMsBiPaQljwsDiiHdOM5LehVtRJ4_yuIamHND_AYOXPqwg3H9cLLmtLTMjEfwOrBgrusJD5jL3qza8TDp
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4786
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELPy7HyPHPpN485_TqNlXbQ&google_cver=1&google_push=AXcoOmRCPXavNV9_aL8i_yB5kFwny1y49W-iBTwKwsgZk8uts3GuEfz-2saRmHnGsrtRwr6uXiq05P7H...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIyNjY2OTkxNzA5MzAxNzU1NA&google_push=AXcoOmRCPXavNV9_aL8i_yB5kFwny1y49W-iBTwKwsgZk8uts3GuEfz-2saRmHnGsrtRwr6uXiq05P...

170 B
188 B

33ms
30ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIyNjY2OTkxNzA5MzAxNzU1NA&google_push=AXcoOmRCPXavNV9_aL8i_yB5kFwny1y49W-iBTwKwsgZk8uts3GuEfz-2saRmHnGsrtRwr6uXiq05P7HZ8l9fPQp05EZ3f-EFH-I0kol

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIyNjY2OTkxNzA5MzAxNzU1NA&google_push=AXcoOmRCPXavNV9_aL8i_yB5kFwny1y49W-iBTwKwsgZk8uts3GuEfz-2saRmHnGsrtRwr6uXiq05P7HZ8l9fPQp05EZ3f-EFH-I0kol
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4786 0
12 B 35ms
22ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IzqcDDlfpnlXcu2D2aLILFNWcWS2KBMIwYJZbEi8Y-3MbU1yeCJqersOS3LrO6L3nQYQWv

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A093
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJE0CMAWiffqcVoRevdocLQ&google_push=AXcoOmTxehoaJfh0ptYfnVgLRN0L_2jYU2gmAXF4JsCoHY-RaRWuo0_X8u...

170 B
188 B

24ms
24ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJE0CMAWiffqcVoRevdocLQ&google_push=AXcoOmTxehoaJfh0ptYfnVgLRN0L_2jYU2gmAXF4JsCoHY-RaRWuo0_X8uwLgFj7VlKv9biaNYtjQc6C6rixrPVdcOf2RqG2cCf_WANy

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230044-FRA
pragma: no-cache
date: Tue, 12 Dec 2023 08:45:51 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1702370751.936787,VS0,VE92
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJE0CMAWiffqcVoRevdocLQ&google_push=AXcoOmTxehoaJfh0ptYfnVgLRN0L_2jYU2gmAXF4JsCoHY-RaRWuo0_X8uwLgFj7VlKv9biaNYtjQc6C6rixrPVdcOf2RqG2cCf_WANy
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A093
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESED-j0i4K1gV9_svtVvoaFsM&google_cver=1&google_push=AXcoOmQ0ItTKgSS8CMaf-RRf6EJ6QcDxny8JTTgG3chQm3LNpIPT362TF-oDoIKhQ_tvB_tjcHvxcXcNCGbDQTUP...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=wan-7Xm9TmMjeILc9HTM2w&google_push=AXcoOmQ0ItTKgSS8CMaf-RRf6EJ6QcDxny8JTTgG3chQm3LNpIPT362TF-oDoIKhQ_tvB_tjcHvxcXcNCGbDQTUP61GFArAhNbDhKAE

170 B
188 B

27ms
27ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=wan-7Xm9TmMjeILc9HTM2w&google_push=AXcoOmQ0ItTKgSS8CMaf-RRf6EJ6QcDxny8JTTgG3chQm3LNpIPT362TF-oDoIKhQ_tvB_tjcHvxcXcNCGbDQTUP61GFArAhNbDhKAE

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 12 Dec 2023 08:45:50 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=wan-7Xm9TmMjeILc9HTM2w&google_push=AXcoOmQ0ItTKgSS8CMaf-RRf6EJ6QcDxny8JTTgG3chQm3LNpIPT362TF-oDoIKhQ_tvB_tjcHvxcXcNCGbDQTUP61GFArAhNbDhKAE
x-host: tde-deliveryengine-production-699fcc6655-rt986
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A093
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDDlcgk4k_sooABnq8GVVCc&google_cver=1&google_push=AXcoOmS0-HedbChUbpcu1XcKHh7Qv2051UiSsYkrKNxNdomNpLNufqMdxJL43kS62-YL6NZjouoXFdIJRrr03tK-1pqqlXD...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS0-HedbChUbpcu1XcKHh7Qv2051UiSsYkrKNxNdomNpLNufqMdxJL43kS62-YL6NZjouoXFdIJRrr03tK-1pqqlXDLq0zqU1RD&google_hm=eS1zTnpJSkNwRTJwR2...

170 B
188 B

33ms
33ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS0-HedbChUbpcu1XcKHh7Qv2051UiSsYkrKNxNdomNpLNufqMdxJL43kS62-YL6NZjouoXFdIJRrr03tK-1pqqlXDLq0zqU1RD&google_hm=eS1zTnpJSkNwRTJwR2FLTDhUdDhtR2ZQcXRJTHRIeU9rQX5B

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 12 Dec 2023 08:45:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS0-HedbChUbpcu1XcKHh7Qv2051UiSsYkrKNxNdomNpLNufqMdxJL43kS62-YL6NZjouoXFdIJRrr03tK-1pqqlXDLq0zqU1RD&google_hm=eS1zTnpJSkNwRTJwR2FLTDhUdDhtR2ZQcXRJTHRIeU9rQX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A093
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEH6Ko_cKmd_bKHy_0O7Z-HY&google_cver=1&google_push=AXcoOmS6RiayGZswtS5mhU9NXkMZl5oOTrly1ohmvOJeSZPOxe6nrtX2z8I8FWXNHcuNA3DB-W91vmop9F4rD4fWnw-yJVP...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmS6RiayGZswtS5mhU9NXkMZl5oOTrly1ohmvOJeSZPOxe6nrtX2z8I8FWXNHcuNA3DB-W91vmop9F4rD4fWnw-yJVPdPCqtHNrt

170 B
188 B

27ms
26ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmS6RiayGZswtS5mhU9NXkMZl5oOTrly1ohmvOJeSZPOxe6nrtX2z8I8FWXNHcuNA3DB-W91vmop9F4rD4fWnw-yJVPdPCqtHNrt

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmS6RiayGZswtS5mhU9NXkMZl5oOTrly1ohmvOJeSZPOxe6nrtX2z8I8FWXNHcuNA3DB-W91vmop9F4rD4fWnw-yJVPdPCqtHNrt
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A093
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELPy7HyPHPpN485_TqNlXbQ&google_cver=1&google_push=AXcoOmRBhFPm6jex28xYQAhogLz9QSyD2vlJiEvjVVToNWn82hE_uN51nspZCU_dd2jyw7oRsAs6XpO6...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIyNjY2OTkxNzA5MzAxNzU1NA&google_push=AXcoOmRBhFPm6jex28xYQAhogLz9QSyD2vlJiEvjVVToNWn82hE_uN51nspZCU_dd2jyw7oRsAs6Xp...

170 B
188 B

27ms
24ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIyNjY2OTkxNzA5MzAxNzU1NA&google_push=AXcoOmRBhFPm6jex28xYQAhogLz9QSyD2vlJiEvjVVToNWn82hE_uN51nspZCU_dd2jyw7oRsAs6XpO63HLuKOyEixFm4gNJXZFsu84

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIyNjY2OTkxNzA5MzAxNzU1NA&google_push=AXcoOmRBhFPm6jex28xYQAhogLz9QSyD2vlJiEvjVVToNWn82hE_uN51nspZCU_dd2jyw7oRsAs6XpO63HLuKOyEixFm4gNJXZFsu84
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 trk
ag.innovid.com/ Frame A093 43 B
296 B 367ms
25ms Image
image/gif 2a05:d01c:1d8:8100:9449:420b:1a77:b906
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEAwfI38DKMMwO73uCMg2YNI&google_cver=1&google_push=AXcoOmS6FCt22rTxaOqiqNTysF_suwisC33FiFke_hSZ7NUjIeqs4Mn3_YrlXHAaUjbz6HkeCu0lykgpu7p-7zxhoO-nvKoXkkZuBDnv
Requested by: Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:9449:420b:1a77:b906 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 12 Dec 2023 08:45:51 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame A093
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESED9Ye8DbBfs9...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSBtXRLK076rjUmljiuaZlaJDplLEsyFeFDncxnntXCjjScsu16KIFxiWqu6fLd4bu3s81vclGrwg-agwY5EuMP0odXL7NVcwi5dg
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

36ms
36ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Tue, 12 Dec 2023 08:45:51 GMT
pragma: no-cache
date: Tue, 12 Dec 2023 08:45:51 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A093 0
12 B 37ms
22ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IPTgctnPe0lTYOyR_0l08w-FxsITxWtg0ZQVQBP7jImb9wZqj75IDDPaLjMwzdDX2C4FmNew

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame CBDE 0
104 B 278ms
80ms Image
text/plain 2a02:fa8:8806:21::1690
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBGT18GO-C2KbKbfLh7GBCw&google_cver=1&google_push=AXcoOmQA78ZHFOCHkaod7IJP-m7SmR4RIRT7hWLIQz7rbzkhaCcLt4OdgO62Shtfyb1HpiuDFf6gkMkNCeFJ84XdzMIxEeTwPxSRbIg
Requested by: Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:21::1690 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:51 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CBDE
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIWIykviW90VUUHLSYqtRAc&google_cver=1&google_push=AXcoOmRLxcNm8oXMN1I42TnhtKHyinWbwUNlxqOwfy1M8sQXmEnLozRlpPzaSGEraEt0H4f01f7G39hVhwT...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRLxcNm8oXMN1I42TnhtKHyinWbwUNlxqOwfy1M8sQXmEnLozRlpPzaSGEraEt0H4f01f7G39hVhwTujKkrcsQBwIx18BB-Bts&google_hm=q5vNHlnOSxSGKhCKH...

170 B
188 B

28ms
27ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRLxcNm8oXMN1I42TnhtKHyinWbwUNlxqOwfy1M8sQXmEnLozRlpPzaSGEraEt0H4f01f7G39hVhwTujKkrcsQBwIx18BB-Bts&google_hm=q5vNHlnOSxSGKhCKH9AFQwU

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:50 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRLxcNm8oXMN1I42TnhtKHyinWbwUNlxqOwfy1M8sQXmEnLozRlpPzaSGEraEt0H4f01f7G39hVhwTujKkrcsQBwIx18BB-Bts&google_hm=q5vNHlnOSxSGKhCKH9AFQwU
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CBDE
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHyzAtHG81SOaJ-IyYbd-lE&google_cver=1&google_push=AXcoOmRaVYsRB72PmJQQLkeVyquH9Iwn1iooLPiVYFVg-HaJOPqb-b1CspfOuSbUP2ufHWAmdspzB7CSxLG25l...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTYyNjY4ODMzNjA5OTQ3OA%3D%3D&google_push=AXcoOmRaVYsRB72PmJQQLkeVyquH9Iwn1iooLPiVYFVg-HaJOPqb-b1CspfOuSbUP2ufHWAmdspzB7CSxLG25lGKim...

170 B
188 B

24ms
24ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTYyNjY4ODMzNjA5OTQ3OA%3D%3D&google_push=AXcoOmRaVYsRB72PmJQQLkeVyquH9Iwn1iooLPiVYFVg-HaJOPqb-b1CspfOuSbUP2ufHWAmdspzB7CSxLG25lGKimOW9f1gQNCcvyQ

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTYyNjY4ODMzNjA5OTQ3OA%3D%3D&google_push=AXcoOmRaVYsRB72PmJQQLkeVyquH9Iwn1iooLPiVYFVg-HaJOPqb-b1CspfOuSbUP2ufHWAmdspzB7CSxLG25lGKimOW9f1gQNCcvyQ
Date: Tue, 12 Dec 2023 08:45:50 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CBDE
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESED-j0i4K1gV9_svtVvoaFsM&google_cver=1&google_push=AXcoOmTqKFyr1ncd6S3TUm9yXLS6-yb-SDIdT6q6u0V7Q_Sh8_wDiFMZt4z3bksC2K6ptQFeSh-Q038j0zlJ6MEg...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=wan-7Xm9TmMjeILc9HTM2w&google_push=AXcoOmTqKFyr1ncd6S3TUm9yXLS6-yb-SDIdT6q6u0V7Q_Sh8_wDiFMZt4z3bksC2K6ptQFeSh-Q038j0zlJ6MEgTFz6FKzrk29YuA

170 B
188 B

28ms
28ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=wan-7Xm9TmMjeILc9HTM2w&google_push=AXcoOmTqKFyr1ncd6S3TUm9yXLS6-yb-SDIdT6q6u0V7Q_Sh8_wDiFMZt4z3bksC2K6ptQFeSh-Q038j0zlJ6MEgTFz6FKzrk29YuA

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 12 Dec 2023 08:45:50 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=wan-7Xm9TmMjeILc9HTM2w&google_push=AXcoOmTqKFyr1ncd6S3TUm9yXLS6-yb-SDIdT6q6u0V7Q_Sh8_wDiFMZt4z3bksC2K6ptQFeSh-Q038j0zlJ6MEgTFz6FKzrk29YuA
x-host: tde-deliveryengine-production-699fcc6655-k8hx4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CBDE
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDDlcgk4k_sooABnq8GVVCc&google_cver=1&google_push=AXcoOmTaXvAJxgzvvEZWBQyX3JEndUGAas-AeQPx-UlO4-GBtfnnXUsTKRkoTKYWRmkUy_IJA7W-eHZGDHebSD7KdWxWRX9...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTaXvAJxgzvvEZWBQyX3JEndUGAas-AeQPx-UlO4-GBtfnnXUsTKRkoTKYWRmkUy_IJA7W-eHZGDHebSD7KdWxWRX9ngq6oYPw&google_hm=eS1zTnpJSkNwRTJwR2F...

170 B
188 B

30ms
30ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTaXvAJxgzvvEZWBQyX3JEndUGAas-AeQPx-UlO4-GBtfnnXUsTKRkoTKYWRmkUy_IJA7W-eHZGDHebSD7KdWxWRX9ngq6oYPw&google_hm=eS1zTnpJSkNwRTJwR2FLTDhUdDhtR2ZQcXRJTHRIeU9rQX5B

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 12 Dec 2023 08:45:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTaXvAJxgzvvEZWBQyX3JEndUGAas-AeQPx-UlO4-GBtfnnXUsTKRkoTKYWRmkUy_IJA7W-eHZGDHebSD7KdWxWRX9ngq6oYPw&google_hm=eS1zTnpJSkNwRTJwR2FLTDhUdDhtR2ZQcXRJTHRIeU9rQX5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame CBDE 43 B
362 B 25ms
14ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTNlr61ndPeAQVwqk_nqgJ1RO5yVg5yHXl0M0-Co7IjelB-4hJWyNPRKIHGZdr78jMsVEJcNYj6-jPrESpH45Q4NWaF4GjOig&google_gid=CAESECe_lna60P5DcBr054RpbF0&google_cver=1

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:50 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 211857
expires: Tue, 12 Dec 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CBDE
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJ3mg8EVXUjUBxxOZIelAOM&google_cver=1&google_push=AXcoOmQMdJqgssAjFa-eMhwQyx_E1l7fFCNaq8PwwLinBQVcDdJLmD4WE6W0O0l4_7MOM-ZdmVjDZq01DJfL...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQMdJqgssAjFa-eMhwQyx_E1l7fFCNaq8PwwLinBQVcDdJLmD4WE6W0O0l4_7MOM-ZdmVjDZq01DJfLMR1xl4TyhwjEhf75ow0

170 B
188 B

26ms
26ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQMdJqgssAjFa-eMhwQyx_E1l7fFCNaq8PwwLinBQVcDdJLmD4WE6W0O0l4_7MOM-ZdmVjDZq01DJfLMR1xl4TyhwjEhf75ow0

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQMdJqgssAjFa-eMhwQyx_E1l7fFCNaq8PwwLinBQVcDdJLmD4WE6W0O0l4_7MOM-ZdmVjDZq01DJfLMR1xl4TyhwjEhf75ow0
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CBDE 0
12 B 33ms
24ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LTgPduyFcO537FSeZl7H8hUxuQl23LQ1lu74f8C0APHtquBx6phaSovc_k5pNs2xfy1Fmb

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame E2BF 115 KB
14 KB 34ms
25ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hytypeggkpxp8taw2bgt6tkcr8a7f119mt7gvhdz8bttv1e5k2sz6rm6hpyhxfk5d60sqsq20qkemzngrsywxwhswsd55kx33yhhhpd1v3df5jt8z7rhj3yhjffx481jk3bvjpce7j4wpdfbpqbz3zrt7snkx2szk2arcxhdcsjtt6gqhn444c7jcewvnn4hm44smzy5zbbkvahp3yr5fxvr5e0apa0d7067azmp87ywrsw0q2xkm580en8pnbnw6pf508pddd4a266hd8qdnk57vd4qvzz8mvnfvt0txbvprsnqhhcxqtxvhevma2p8dtg0s5j8ra2qqnp5t39r9825nb9vyd10fymb4873nq0j55t1vqqfg302d63a4evvb6b9whxwdg8arvnjnww9ec5f6c0cc597e0hxm55v7hwnwjsqdf7bg1qcahh8n2h8nr49peh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtPcmvh14ZcS0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEtgJP0AI9aPJna1icj9HCev0KfmMox5mfu6uCHnkJIsPKmBlarhsZgfl6JrKc1cym2wzcmJbeHe3RQ7HarqZEJRyGrSj7v8wsuWNkR2uiQrNkBiQy4a84Taa8LLFEvrppW1JmMz7kUnru5TLkCsuU8LF19HFqwThfqPa6FJYPKZLAD96cJma8ACgtPt5ZCIWTojxwEBBySugfx-jBu3GH0lcpG7KZ7kDIK71rFUX6f79_Rvx4hHMpN_obMQDUihDvOKRMv4CndKOqps7zH9fETRcI-ZBB5z3MpH-oq_DMPKDd6ph1GuHv3wyUC6_HLKFbAbh_6ZShcx7KZ98YLCOjwNhWi5XpY1dBgA-bJ9y1aY0S0-bh-vY_O48wfhhUovS2Fvzs49puScGpOvp0PScgp9r47lAB_Hku4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIC-7Z7BiYMD-gsCCAGADAHiDRMIqf_tnsGJgwMVD7D9Bx3mAwVD0BUBgBcB%26num%3D1%26sig%3DAOD64_24Jkt_qbGH1-P4GPlBWEsEj0aUgw%26client%3Dca-pub-5144389657785565%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hytypeggkpxp8taw2bgt6tkcr8a7f119mt7gvhdz8bttv1e5k2sz6rm6hpyhxfk5d60sqsq20qkemzngrsywxwhswsd55kx33yhhhpd1v3df5jt8z7rhj3yhjffx481jk3bvjpce7j4wpdfbpqbz3zrt7snkx2szk2arcxhdcsjtt6gqhn444c7jcewvnn4hm44smzy5zbbkvahp3yr5fxvr5e0apa0d7067azmp87ywrsw0q2xkm580en8pnbnw6pf508pddd4a266hd8qdnk57vd4qvzz8mvnfvt0txbvprsnqhhcxqtxvhevma2p8dtg0s5j8ra2qqnp5t39r9825nb9vyd10fymb4873nq0j55t1vqqfg302d63a4evvb6b9whxwdg8arvnjnww9ec5f6c0cc597e0hxm55v7hwnwjsqdf7bg1qcahh8n2h8nr49peh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtPcmvh14ZcS0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEtgJP0AI9aPJna1icj9HCev0KfmMox5mfu6uCHnkJIsPKmBlarhsZgfl6JrKc1cym2wzcmJbeHe3RQ7HarqZEJRyGrSj7v8wsuWNkR2uiQrNkBiQy4a84Taa8LLFEvrppW1JmMz7kUnru5TLkCsuU8LF19HFqwThfqPa6FJYPKZLAD96cJma8ACgtPt5ZCIWTojxwEBBySugfx-jBu3GH0lcpG7KZ7kDIK71rFUX6f79_Rvx4hHMpN_obMQDUihDvOKRMv4CndKOqps7zH9fETRcI-ZBB5z3MpH-oq_DMPKDd6ph1GuHv3wyUC6_HLKFbAbh_6ZShcx7KZ98YLCOjwNhWi5XpY1dBgA-bJ9y1aY0S0-bh-vY_O48wfhhUovS2Fvzs49puScGpOvp0PScgp9r47lAB_Hku4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIC-7Z7BiYMD-gsCCAGADAHiDRMIqf_tnsGJgwMVD7D9Bx3mAwVD0BUBgBcB%26num%3D1%26sig%3DAOD64_24Jkt_qbGH1-P4GPlBWEsEj0aUgw%26client%3Dca-pub-5144389657785565%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2347312
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSmiOBh3g6M4q3Qc9R7qVghoIa%2F7a4XVxCs4J7TFyCoZTFWX96uhMRtfm0sNayrw2gkp46h041vCmcvqB3wsfbpBZL9EexG8ScbpgZNm66FN2EPns068M%2FO7J2KnLp1new6UbkYj5xA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8344b1892fb0917a-FRA
expires: Wed, 13 Dec 2023 08:45:50 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame E2BF 24 KB
10 KB 27ms
18ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hytypeggkpxp8taw2bgt6tkcr8a7f119mt7gvhdz8bttv1e5k2sz6rm6hpyhxfk5d60sqsq20qkemzngrsywxwhswsd55kx33yhhhpd1v3df5jt8z7rhj3yhjffx481jk3bvjpce7j4wpdfbpqbz3zrt7snkx2szk2arcxhdcsjtt6gqhn444c7jcewvnn4hm44smzy5zbbkvahp3yr5fxvr5e0apa0d7067azmp87ywrsw0q2xkm580en8pnbnw6pf508pddd4a266hd8qdnk57vd4qvzz8mvnfvt0txbvprsnqhhcxqtxvhevma2p8dtg0s5j8ra2qqnp5t39r9825nb9vyd10fymb4873nq0j55t1vqqfg302d63a4evvb6b9whxwdg8arvnjnww9ec5f6c0cc597e0hxm55v7hwnwjsqdf7bg1qcahh8n2h8nr49peh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtPcmvh14ZcS0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEtgJP0AI9aPJna1icj9HCev0KfmMox5mfu6uCHnkJIsPKmBlarhsZgfl6JrKc1cym2wzcmJbeHe3RQ7HarqZEJRyGrSj7v8wsuWNkR2uiQrNkBiQy4a84Taa8LLFEvrppW1JmMz7kUnru5TLkCsuU8LF19HFqwThfqPa6FJYPKZLAD96cJma8ACgtPt5ZCIWTojxwEBBySugfx-jBu3GH0lcpG7KZ7kDIK71rFUX6f79_Rvx4hHMpN_obMQDUihDvOKRMv4CndKOqps7zH9fETRcI-ZBB5z3MpH-oq_DMPKDd6ph1GuHv3wyUC6_HLKFbAbh_6ZShcx7KZ98YLCOjwNhWi5XpY1dBgA-bJ9y1aY0S0-bh-vY_O48wfhhUovS2Fvzs49puScGpOvp0PScgp9r47lAB_Hku4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIC-7Z7BiYMD-gsCCAGADAHiDRMIqf_tnsGJgwMVD7D9Bx3mAwVD0BUBgBcB%26num%3D1%26sig%3DAOD64_24Jkt_qbGH1-P4GPlBWEsEj0aUgw%26client%3Dca-pub-5144389657785565%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 516662
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2au5f6p8P2wESDkaHDhAjEMJJwbIfiBPe%2BTBYU5%2B%2FpaP3gn59UITQ4ehyzboeQLeTZfqYbd7y2zsyMqdPJMCKzqmSVbqi0ObOTH4u7wU5YHi9i7M401IbDtlkCaI4mi3M%2FD0aWI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 8344b1892fb2917a-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 06 Dec 2023 09:14:48 GMT

GET
DATA 200
OK truncated
/ Frame F1E1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46e16b6aa49dcbb80b31363018bb4ed4554c6e6b94a4379f86f8db07d6aaa082

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 605B 115 KB
14 KB 21ms
19ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gawpaqmbree1ex1qdfgjfetz4s0cd659mee1k1k0dthvjzy21jf254setdhc90x7x6n9d97txmxwmy9q2a6y1pvz0bhfcw83jcefe93yvfjmaz54nyrftn4pkv7sh881qhzp6tsjak9g0h5zbk09hy5vtn2j9eey5g0qnmw135a738h6c75bnxhcnvcycrs2g87d9z7q5k5t05dy3pmkgem9jq9hq3a1jx5jggb4vq8681fev78c8fhsha3y0q8ngeve35pr2k8mr9sdxbxe11yv8z2edqdzeczv5rhekdn30az0ckjjw3gz9vsa3p514vt7sntvsw83ps39xwm9c1s0g2qtv7dy76ybs5vsq1dm13h7ksmqyzvccb80ga6dc3ae2dw6f0p2mntgx2xz8cdsm4tjcgx1kc1wq6nge4tchfm63jca4rf21a3xe2kqgytxwh3er&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDYJBvh14Zca0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0J5Qk7bCVjUZqcoSfS4yqeunk5wJNd8U0hc91XEjeAXsRwmHHP7N4JkNmSbYj7mGvxA4sa-0g3FftjxiFT3v8THeGhMY6kpSgXAo7s8hdrONGqASwVOESwWc2LlarWKR7Z3K2fSan6Ng7vnX_fAbUhlzjlfc2S2jENaSHHZ5VNESh2808sllimMj6egHaIRWH-dD4p_Uvv9g_zJCPl7Zo-6oljaPOK6A7f-qQDelKYODjlfmbm_JDq0qGgHSPnqj48dOke67CJj7Y0T4vVPS6T_z3uOBrPb2Iwr0XfEqjsUzFRgekcVkeqdBoqj2jTlR2IvtQS17JtDWQsnEgfeD_VS2lBCr2kZSetjT4AYe7lFodS1_YBwDdJjBfNnNMxILldJIrRkaSvKsqApDh-_7FBrVwuNKChH5cexC690O9-AEAYAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliAvu2ewYmDA_oLAggBgAwB4g0TCKv_7Z7BiYMDFQ-w_Qcd5gMFQ9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1xTYfZotwqHbntWQaIVyN7EnLziA%26client%3Dca-pub-5144389657785565%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gawpaqmbree1ex1qdfgjfetz4s0cd659mee1k1k0dthvjzy21jf254setdhc90x7x6n9d97txmxwmy9q2a6y1pvz0bhfcw83jcefe93yvfjmaz54nyrftn4pkv7sh881qhzp6tsjak9g0h5zbk09hy5vtn2j9eey5g0qnmw135a738h6c75bnxhcnvcycrs2g87d9z7q5k5t05dy3pmkgem9jq9hq3a1jx5jggb4vq8681fev78c8fhsha3y0q8ngeve35pr2k8mr9sdxbxe11yv8z2edqdzeczv5rhekdn30az0ckjjw3gz9vsa3p514vt7sntvsw83ps39xwm9c1s0g2qtv7dy76ybs5vsq1dm13h7ksmqyzvccb80ga6dc3ae2dw6f0p2mntgx2xz8cdsm4tjcgx1kc1wq6nge4tchfm63jca4rf21a3xe2kqgytxwh3er&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDYJBvh14Zca0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0J5Qk7bCVjUZqcoSfS4yqeunk5wJNd8U0hc91XEjeAXsRwmHHP7N4JkNmSbYj7mGvxA4sa-0g3FftjxiFT3v8THeGhMY6kpSgXAo7s8hdrONGqASwVOESwWc2LlarWKR7Z3K2fSan6Ng7vnX_fAbUhlzjlfc2S2jENaSHHZ5VNESh2808sllimMj6egHaIRWH-dD4p_Uvv9g_zJCPl7Zo-6oljaPOK6A7f-qQDelKYODjlfmbm_JDq0qGgHSPnqj48dOke67CJj7Y0T4vVPS6T_z3uOBrPb2Iwr0XfEqjsUzFRgekcVkeqdBoqj2jTlR2IvtQS17JtDWQsnEgfeD_VS2lBCr2kZSetjT4AYe7lFodS1_YBwDdJjBfNnNMxILldJIrRkaSvKsqApDh-_7FBrVwuNKChH5cexC690O9-AEAYAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliAvu2ewYmDA_oLAggBgAwB4g0TCKv_7Z7BiYMDFQ-w_Qcd5gMFQ9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1xTYfZotwqHbntWQaIVyN7EnLziA%26client%3Dca-pub-5144389657785565%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2347312
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wb0NDtVFLM6dditRjdnqDWVjz6gyI77NJMd6n9uLoHxiQQ8BXZfpuim9e9ORrrYmcDkaq29ww7zpn%2BN4fXJmBTI%2BHDmbAJgc5lJbLVCvfZMVLBli9uvNW%2FR%2FFHUV5qu03jaPtCk1yUE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8344b1892fb3917a-FRA
expires: Wed, 13 Dec 2023 08:45:50 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 605B 24 KB
10 KB 28ms
26ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gawpaqmbree1ex1qdfgjfetz4s0cd659mee1k1k0dthvjzy21jf254setdhc90x7x6n9d97txmxwmy9q2a6y1pvz0bhfcw83jcefe93yvfjmaz54nyrftn4pkv7sh881qhzp6tsjak9g0h5zbk09hy5vtn2j9eey5g0qnmw135a738h6c75bnxhcnvcycrs2g87d9z7q5k5t05dy3pmkgem9jq9hq3a1jx5jggb4vq8681fev78c8fhsha3y0q8ngeve35pr2k8mr9sdxbxe11yv8z2edqdzeczv5rhekdn30az0ckjjw3gz9vsa3p514vt7sntvsw83ps39xwm9c1s0g2qtv7dy76ybs5vsq1dm13h7ksmqyzvccb80ga6dc3ae2dw6f0p2mntgx2xz8cdsm4tjcgx1kc1wq6nge4tchfm63jca4rf21a3xe2kqgytxwh3er&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDYJBvh14Zca0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0J5Qk7bCVjUZqcoSfS4yqeunk5wJNd8U0hc91XEjeAXsRwmHHP7N4JkNmSbYj7mGvxA4sa-0g3FftjxiFT3v8THeGhMY6kpSgXAo7s8hdrONGqASwVOESwWc2LlarWKR7Z3K2fSan6Ng7vnX_fAbUhlzjlfc2S2jENaSHHZ5VNESh2808sllimMj6egHaIRWH-dD4p_Uvv9g_zJCPl7Zo-6oljaPOK6A7f-qQDelKYODjlfmbm_JDq0qGgHSPnqj48dOke67CJj7Y0T4vVPS6T_z3uOBrPb2Iwr0XfEqjsUzFRgekcVkeqdBoqj2jTlR2IvtQS17JtDWQsnEgfeD_VS2lBCr2kZSetjT4AYe7lFodS1_YBwDdJjBfNnNMxILldJIrRkaSvKsqApDh-_7FBrVwuNKChH5cexC690O9-AEAYAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliAvu2ewYmDA_oLAggBgAwB4g0TCKv_7Z7BiYMDFQ-w_Qcd5gMFQ9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1xTYfZotwqHbntWQaIVyN7EnLziA%26client%3Dca-pub-5144389657785565%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 516662
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4XrpGKdJHqxtOpYGzsVMXBTno3ta05YIU%2BX7pOTFCMzaBHfdJ6%2Brv8vHQc1VA4Ur751HpAWB%2FvU804RpcL6StNJ%2BTmCB4gl5mUe89jU6IK17sq%2FXPARvB1xDhpWtaTjo3626jYg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 8344b1892fb4917a-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 06 Dec 2023 09:14:48 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 2996 115 KB
14 KB 31ms
29ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h1kx45cgthskvc08jx3vn4qa991h9z05k7w1z6ww0jy0sxha8nr680z9pt0ez3mm1kvza1mxnp80645gq15rr9cnd3f7wxzd8rc3y7zca08e8m78ea9a92sp1sx0psafkk1gmryrnm4p2dn15m3ykv1py6hxc7rh9kgc7zb40wp67yx88m89q8r5hmxjkd5hb1h7xxs3fz0392wfhvrbxk65vj3m2rjpbnr4fdtkzyvkh7fpmjrgyyz5m7mvjp0h829p40h3t1ejggzvzy5a48jde2ct9c6xq24nxa6fws6fyj5wsr1zk06f5x8abhrrsm868tzzrx9spwayw19jr5kfe22kx68ss0z23hrvetd4vnaryggtx1hy4f9zhva0k91byvvzyfxgw5ghq19k0nqattq2bkgrnth7kxr2aeq0jmkacxx4dkacdkep66br7g9pwds60&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxYDHvh14Zce0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEygJP0DSVrIqcW4Rwl-pC8Ry8LByhH2X2hr-7EbEF1IL9Kkdk7KIWcNI8Ts6WPtIIXlDMeL451WyzV4-1XcDuyGr6vhWWELl6yd6wkz5lH127CHEw8soRyb5LMLwyiucWgTMQ-Odbk3CGJn-0C2KbstGNgN5D0XvvTWzse7fesci6492zueibW1WylLWNK0SdG9IRlbF0BZdCOi-oVu2_lIvfG0sooDlIq7Dx04aOjrKqrbLXYzags3UU2Lzi8Ntf8TFJKQRxISvxkk2nIkB24RhjwMwNTpvW9q7iZgZcRwlQrbYEbIVi_KEdxl8CBD_T1SdbgWpXigh1RLM9snU3Tc__Tc9e2GUKnR9iUS-e6aLfybSNZO76Axn6dphlLOBUUAVgC-hn_gCTvQnNGyCCKPu-90QE5y7wCa-qHqSWQJWsUbha_VHRSQl-wAngBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYgL7tnsGJgwP6CwIIAYAMAeINEwis_-2ewYmDAxUPsP0HHeYDBUPQFQGAFwE%26num%3D1%26sig%3DAOD64_3NphnTHSw1ZvLRNUaraRxWtf6ASg%26client%3Dca-pub-5144389657785565%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1h1kx45cgthskvc08jx3vn4qa991h9z05k7w1z6ww0jy0sxha8nr680z9pt0ez3mm1kvza1mxnp80645gq15rr9cnd3f7wxzd8rc3y7zca08e8m78ea9a92sp1sx0psafkk1gmryrnm4p2dn15m3ykv1py6hxc7rh9kgc7zb40wp67yx88m89q8r5hmxjkd5hb1h7xxs3fz0392wfhvrbxk65vj3m2rjpbnr4fdtkzyvkh7fpmjrgyyz5m7mvjp0h829p40h3t1ejggzvzy5a48jde2ct9c6xq24nxa6fws6fyj5wsr1zk06f5x8abhrrsm868tzzrx9spwayw19jr5kfe22kx68ss0z23hrvetd4vnaryggtx1hy4f9zhva0k91byvvzyfxgw5ghq19k0nqattq2bkgrnth7kxr2aeq0jmkacxx4dkacdkep66br7g9pwds60&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxYDHvh14Zce0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEygJP0DSVrIqcW4Rwl-pC8Ry8LByhH2X2hr-7EbEF1IL9Kkdk7KIWcNI8Ts6WPtIIXlDMeL451WyzV4-1XcDuyGr6vhWWELl6yd6wkz5lH127CHEw8soRyb5LMLwyiucWgTMQ-Odbk3CGJn-0C2KbstGNgN5D0XvvTWzse7fesci6492zueibW1WylLWNK0SdG9IRlbF0BZdCOi-oVu2_lIvfG0sooDlIq7Dx04aOjrKqrbLXYzags3UU2Lzi8Ntf8TFJKQRxISvxkk2nIkB24RhjwMwNTpvW9q7iZgZcRwlQrbYEbIVi_KEdxl8CBD_T1SdbgWpXigh1RLM9snU3Tc__Tc9e2GUKnR9iUS-e6aLfybSNZO76Axn6dphlLOBUUAVgC-hn_gCTvQnNGyCCKPu-90QE5y7wCa-qHqSWQJWsUbha_VHRSQl-wAngBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYgL7tnsGJgwP6CwIIAYAMAeINEwis_-2ewYmDAxUPsP0HHeYDBUPQFQGAFwE%26num%3D1%26sig%3DAOD64_3NphnTHSw1ZvLRNUaraRxWtf6ASg%26client%3Dca-pub-5144389657785565%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2347312
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4SHATrGHaq2tho8ydrS7pQ2RnVuSGq2prsGAfg%2BlXizaLWziqNGS9RJKH3XcMCmzQt1txMZ6H75dJWXrKuvs7Yhr2ZkXASugJcXz%2FIgZLxC2fBzKtyHFmwZiknceNQ%2BmjD7xG8ayM%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8344b1892fb6917a-FRA
expires: Wed, 13 Dec 2023 08:45:50 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 2996 24 KB
10 KB 32ms
30ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h1kx45cgthskvc08jx3vn4qa991h9z05k7w1z6ww0jy0sxha8nr680z9pt0ez3mm1kvza1mxnp80645gq15rr9cnd3f7wxzd8rc3y7zca08e8m78ea9a92sp1sx0psafkk1gmryrnm4p2dn15m3ykv1py6hxc7rh9kgc7zb40wp67yx88m89q8r5hmxjkd5hb1h7xxs3fz0392wfhvrbxk65vj3m2rjpbnr4fdtkzyvkh7fpmjrgyyz5m7mvjp0h829p40h3t1ejggzvzy5a48jde2ct9c6xq24nxa6fws6fyj5wsr1zk06f5x8abhrrsm868tzzrx9spwayw19jr5kfe22kx68ss0z23hrvetd4vnaryggtx1hy4f9zhva0k91byvvzyfxgw5ghq19k0nqattq2bkgrnth7kxr2aeq0jmkacxx4dkacdkep66br7g9pwds60&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxYDHvh14Zce0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEygJP0DSVrIqcW4Rwl-pC8Ry8LByhH2X2hr-7EbEF1IL9Kkdk7KIWcNI8Ts6WPtIIXlDMeL451WyzV4-1XcDuyGr6vhWWELl6yd6wkz5lH127CHEw8soRyb5LMLwyiucWgTMQ-Odbk3CGJn-0C2KbstGNgN5D0XvvTWzse7fesci6492zueibW1WylLWNK0SdG9IRlbF0BZdCOi-oVu2_lIvfG0sooDlIq7Dx04aOjrKqrbLXYzags3UU2Lzi8Ntf8TFJKQRxISvxkk2nIkB24RhjwMwNTpvW9q7iZgZcRwlQrbYEbIVi_KEdxl8CBD_T1SdbgWpXigh1RLM9snU3Tc__Tc9e2GUKnR9iUS-e6aLfybSNZO76Axn6dphlLOBUUAVgC-hn_gCTvQnNGyCCKPu-90QE5y7wCa-qHqSWQJWsUbha_VHRSQl-wAngBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYgL7tnsGJgwP6CwIIAYAMAeINEwis_-2ewYmDAxUPsP0HHeYDBUPQFQGAFwE%26num%3D1%26sig%3DAOD64_3NphnTHSw1ZvLRNUaraRxWtf6ASg%26client%3Dca-pub-5144389657785565%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 516662
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RoBQKVOiaMwobJRQLDITGdaSBeh18Jh7cmDji4FZDajS%2BBYv4cLYLgY1Y1SujJfuIPMfFNLHmL%2BpUSMEfqoCEsgeUeajQeiNUWtALfqpJCS2VvHdKqYgvl6Q7OAPxB6GI9LXxB0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 8344b1892fb7917a-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 06 Dec 2023 09:14:48 GMT

GET
DATA 200
OK truncated
/ Frame 4A0B 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1eda1c884cecfbec25e30448e80aca5d897947613758a7cc2ae56f5e4b73e68

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5B84 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9c0df73199df3ed9d0036a03e52b74fde61c1a73c9f68ef257beb59ab138034

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5178 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6af5d86d27092ef26c17d28252e44dd793cb2dbb242ac153c323d36e41cf80da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame E2BF 350 B
669 B 20ms
20ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 961986
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A68WC2r%2FEbJsiYzky9t07aY6HLTYBXmoYkTNUhicfCX697ks3peulUPkPI7J%2F9PClHDNliABM9GapNwGmIJn%2BlvpRU7Mj0oCwTcrMMRlXgVQ3%2FiC38R%2FC47obqy3vz5sCoGH45o24iAICvD%2B4WkovLWS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8344b1896fce4d4a-FRA
expires: Sat, 30 Nov 2024 05:32:44 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 605B 350 B
636 B 29ms
29ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 961986
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2BoDf5rh%2FQCcVGhcsGxc0CqUGxD7%2Bs9chI4AX3lkaJVCzl9oVpNGkVimrshwIFEfUbL2Y0OHfVj4JbTR1kKelxN7eoS4Rplqt8FYaOSeTXZWFsmYRMycrb%2FR3hN5E0nfDDlm9NbWzzp7Ffkf7sNEUi9t"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8344b1896fd14d4a-FRA
expires: Sat, 30 Nov 2024 05:32:44 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame D257 2 KB
1 KB 26ms
25ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1185756
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 8344b1896ff7917a-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Tue, 12 Dec 2023 08:45:50 GMT
expires: Tue, 28 Nov 2023 16:19:58 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NeS%2FuoxQeoNiPBzm009bhJAuK8%2FxTIBrY4flTBQSh1alq0HU5hpcT5elLv4eJVPI0vlgXU06jWO711e1IWtCfCvHTWwsb97R%2BaU20TBZXLvAQJ2YbrlfeZ1l00%2BeRQI6hEzBw4k%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 548B 2 KB
1 KB 22ms
21ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1185756
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 8344b1896ff8917a-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Tue, 12 Dec 2023 08:45:50 GMT
expires: Tue, 28 Nov 2023 16:19:58 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYdpVFlDtgLfDeLIftKzQ5MJVIYHYGhd7fxEtpEufs4BIlUunEdFb0xR5EolmLvvT4FUjurhWLfk9%2BsZhmhxqoXc%2Fq59ZHYgd5HOEbwSUx6Fwa%2F71huDAdtDBWEAzDHpqNvqqCI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 2996 350 B
643 B 26ms
25ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 961986
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGjHJFhpcrq9ghtpOvvdk1xZF%2Bfi4YtSx4GQ32wLMPC5L%2FRDKA%2FrlBI%2FPhGybS%2BZIMKvNxWontboK82zY6BvZXTEs5pQlDyoFHPz%2BANpvUOVutqGRxbPVUfRRl%2B3fW2f8sbHq7QcpHOPuAh3JNBJhwu4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8344b1897fdf4d4a-FRA
expires: Sat, 30 Nov 2024 05:32:44 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 8436 2 KB
1 KB 27ms
27ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1185756
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 8344b1897ffe917a-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Tue, 12 Dec 2023 08:45:50 GMT
expires: Tue, 28 Nov 2023 16:19:58 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nlf3tpAYJKH%2FrvD5SzPuBJviKDoB%2BqEJcPPaKfbIjAPreIXXTVfF45sLuP8sPE86n3b%2FAefOCMZBgqRfzYKsw6jHoh%2FCRCQfVg9qzVOqdrSZVDuZGIIHW2IjMSfl9PG3%2FvXSLg8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame C3E6 2 KB
1 KB 41ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXgdvgAHWkUH_bAPAAUD5iUef2MhqvYxcNR1pg&u=%7Cp9mwpAGTUK15xUqxsEWZmYcGRfT4b5QI07XtN8qRBZ8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi62t4LtBo-sBEHo5NtUWX6Om11htG35a4LheQwWb_oR8L-DjUUYnw7j4xk_0uWdViwl1rbRIOq2U1Q_rfS-qQzIk4UZBm0RcGdIwws6Sza8ewZZQ45ccAcXXUlzZK0_oM6YQDv7UAC5Xw_qRM-YvZG7JpK8e6NqSta9gYKMa7buSZ_5Ts83u3RmnlvrN7rcEx1Ha5X_DmkGRqBEqxJGv4gkj1A1hE3V-Qd3shctcvCFPMkgWnkJMpHA6iDzCnZiKb08cx9IhBR7b_65gvTPPyYfLukdTrul8dhmpZO-NWOD-9hmeA-P6epud72Obw8nX7Yp58VH8m2MVUP0WB034GKIO00Yn3SvT5qE2C3-7DYieb612_itpr72AVfynfNhVZgL2OrDDDGhFzWcSHoJ8JLMgroxiTKq2fzSqXcp1pkKUAXNVZ0v3BQdID7UO7jKXJMNFM9XJdwtm2Ts8gjyC0PqHeEM_6diTF4fxeXWP64kH1FO2LyYrC_tqZ_LC4fj7OFRPa0vl0CIRmgwzGXEgHFB9-qygYkb2czJzLfpm6NRIy3mgFqlPZCPOzxnDz_MczBA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCx_igvh14ZcW0HY_g9u8P5oeUmATJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAkc5ppu2D7I-4AIAqAMByAMCqgS4Ak_QYxjlHZgbItdeLC9BzQaWx1DB5Ah5-P7TsYsHOFb_aOZQ0-PiHyQPhoBuag27YeedbLVO_F5jinS44ilES588rGq81Db7BEqzAs69mnGKQbO0-YcSoVVaA0k651-ItwOTDyUm8e1SeONO95ASnRKXkGkDL7nCyyPqCmyXHbTtvp73uomtHjXUdn6CG1dTmvvgruiW6BbuPPL-CcaREaLjNV-7yHDaps3B25aoOUZxFJ4hXQayhAD2Pcbm_DZYVSO39Ska4P3vmCAk8cQmNg6xw0Tgoztgw08lS_AUj9xrTXK0M-Nt53JVN5YBLkhJBolL1CV9PwPg6S6vS30VOK5B4cCsn21BQHv6hgAGk1_yOrNSHHeNn3nweSaKodp2yPMTOJWuFq2ZSS5KJ0mRkHEKF0aYL0Os5OAEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIC-7Z7BiYMD-gsCCAGADAHiDRMIqv_tnsGJgwMVD7D9Bx3mAwVD0BUBgBcB%26num%3D1%26sig%3DAOD64_1FhQ9JSl95tEIGvS45g0Y8a-JxuQ%26client%3Dca-pub-5144389657785565%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 06 Dec 2024 08:45:51 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame C3E6 2 KB
1 KB 42ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 06 Dec 2024 08:45:51 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame C3E6 308 B
637 B 36ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 06 Dec 2024 08:45:51 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame C3E6 293 B
621 B 38ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 06 Dec 2024 08:45:51 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame C3E6 43 B
348 B 56ms
14ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=vBjkW8tMbMdegBSpzrhkZc6Uk4au8vEfOtc-DgCUhnSg1yET3NRj_8X744LElVufF_2JR37z0gswn5vh_YL44iPrNIxBPN8V3byVcz7TaRIf-NgqTmmK4VNBS4lWrXpnnoXqvtyi5q7W9blcjvRZWiarxoR1pKMCfFiWhVenqrVzXs8-TnOkAalPRWhI-ETyEGjYarc-YN9TV0YGOJpjxpycefg9waXFIjw1Qc9Oquh_dWgVNMteJykq42xqtqTZC_tscpjdbj22IFcpiFmnJ9jjbnI0A7HydzhVn6Y3QFcZyegLNMS3LBeZXJLE4mivTU36cGByxYuFW4CWCxD3NIB-OOtBjy-hDdjs1wLJmz1oXBQ_kmDVUbZC3ADc2Vcpm6FrAKka-vO7S9OK5OCmgVaHqLUDjbTFl3YOm5TwgwEi1kmBVA1JYAtYxLXbyTt9a64--Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:51 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1549049
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F1E1 0
0 57ms
57ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C0BE4vh14ZcS0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEswJP0AI9aPJna1icj9HCev0KfmMox5mfu6uCHnkJIsPKmBlarhsZgfl6JrKc1cym2wzcmJbeHe3RQ7HarqZEJRyGrSj7v8wsuWNkR2uiQrNkBiQy4a84Taa8LLFEvrppW1JmMz7kUnru5TLkCsuU8LF19HFqwThfqPa6FJYPKZLAD96cJma8ACgtPt5ZCIWTojxwEBBySugfx-jBu3GH0lcpG7KZ7kDIK71rFUX6f79_Rvx4hHMpN_obMQDUihDvOKRMv4CndKOqps7zH9fETRcI-ZBB5z3MpH-oq_DMPKDd6ph1GuHv3wyUC6_HLKFbAbh_6ZShcx7KZ98YLCOjwNhWi5XpY1dBgA-bJ9y1ac8Q8nQ2A3F_8wh46MIdMAaPAvZB6fR2lEFrc2iMqTkMvw8kcRDJ4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIC-7Z7BiYMDgAoB-gsCCAGADAHiDRMIqf_tnsGJgwMVD7D9Bx3mAwVD0BUBgBcBshccChoSFHB1Yi01MTQ0Mzg5NjU3Nzg1NTY1GLCYFQ&sigh=lLNjyTn95PY&uach_m=%5BUACH%5D&cid=CAQSPADICaaNHUm1Pa3hDaHWeMHPIEvupawfKBrLXE6Ay5YouSK3y4pYi_f2oHFcOi3GDYn2H-xWl6YnB7igMxgB&cbvp=2&vis=1
Requested by: Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame F1E1 0
39 B 22ms
22ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1j24jafh9p8cbhafczbk9h1cks08ye1w6a1sabf9f64pm76yfaec972r0np983qkyrhfjr3mb25feg6hvm6f5xjzfx2hkjna99nskeggkxbt2bscpdsprf501nw98wdpc8y1a4eswmyyh9wxapztbwway9wy00xcfzdtyz9rj768zy4br32dxadmjdv9wg48n3grgbb7x7a8nhtn4dn9avrd0mdnsqq32d9sps8mfz7mjafp60fv6zz76d230hzh6cg66yt772fzzcy3qa0ab6qc98ved3kt1m1t1fx9rpt3mtr9p939er97mq4erfn55kdvmjgwa3448cjv6vp5yv1gr11c3fqxams2sc390z9t69j1106jq5228p3ttw9naa3dc036f4k5p1g&b=ZXgdvgAHWkQH_bAPAAUD5phJKV4JAx4496o_2A&cbvp=2
Requested by: Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 12 Dec 2023 08:45:51 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5B84 0
0 57ms
57ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cb52Xvh14Zce0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoExwJP0DSVrIqcW4Rwl-pC8Ry8LByhH2X2hr-7EbEF1IL9Kkdk7KIWcNI8Ts6WPtIIXlDMeL451WyzV4-1XcDuyGr6vhWWELl6yd6wkz5lH127CHEw8soRyb5LMLwyiucWgTMQ-Odbk3CGJn-0C2KbstGNgN5D0XvvTWzse7fesci6492zueibW1WylLWNK0SdG9IRlbF0BZdCOi-oVu2_lIvfG0sooDlIq7Dx04aOjrKqrbLXYzags3UU2Lzi8Ntf8TFJKQRxISvxkk2nIkB24RhjwMwNTpvW9q7iZgZcRwlQrbYEbIVi_KEdxl8CBD_T1SdbgWpXigh1RLM9snU3Tc__Tc9e2GUKnR9iUS-e6aLfybSNZO76Axn6dphlLOBUUAVgSepGbNdqOkkFnGgU8rIsBX0Q7YP6J7d3nmbf0m04T5RCKI1OCcHgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYgL7tnsGJgwOACgH6CwIIAYAMAeINEwis_-2ewYmDAxUPsP0HHeYDBUPQFQGAFwGyFxwKGhIUcHViLTUxNDQzODk2NTc3ODU1NjUYsJgV&sigh=4G4mFGRh52o&uach_m=%5BUACH%5D&cid=CAQSPADICaaNHUm1Pa3hDaHWeMHPIEvupawfKBrLXE6Ay5YouSK3y4pYi_f2oHFcOi3GDYn2H-xWl6YnB7igMxgB&cbvp=2&vis=1
Requested by: Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 5B84 0
39 B 21ms
21ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1g2d4wr0w0ykq9r4b6a8f23bk0rv8bese4wrc5nd707t7ng0t1nzc0yvq5vxazwmd1djz1zbqftyd99tb0a9kzaq4tn9mtw8qcjdnf39zcdxwkt2rvpb67r4kvg4gmbvw2nn3hbt7ksgv3yazv13z6d2a13nrtznbx1c523rtghtv0d4j2t19zg90v5m40swbgec4hgabxwreac8hjqhtwzaeaedf96yp3frqxwyjw177xahkfgp5ye0fenpyxn95hhf9d1xn3nxsr13ec3pyc17xxekqphkt16bbm0pww70pcxzv32t95v2n1f6e3cvszg1w360gj1vjys4dgag175ysg12ybfnxvbs518ac1px5w8wxhh8vw017gnf9z9vkjw3x0h1qanv2t0&b=ZXgdvgAHWkcH_bAPAAUD5rFWNZ2saFE59O4nSg&cbvp=2
Requested by: Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 12 Dec 2023 08:45:51 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame C3E6 12 KB
6 KB 16ms
15ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 06 Dec 2024 08:45:51 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame C3E6 49 KB
49 KB 96ms
64ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=496&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2F2ad0250af6b64105b12172cc0682064c_eu_oveckarna_vertikalni_hneda.png&v=3&w=558&rid=4&s=4Nf6fektiTu0poVMJhRm0AUX

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a583df7a09074a26a4ddbf7a8c7b89e810940b6b7d14656930d6a5e024389e52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 50319
expires: Sun, 03 Nov 2024 06:07:50 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame C3E6 15 KB
15 KB 74ms
43ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F5413_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=TE_lzCSHaTbV33ZphnFmc8vk&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

267c82df1e306daf3771ccae836dd5b2450ef21ba3145ad1e479225b48d32e53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 15302
expires: Thu, 04 Jan 2024 05:58:38 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame C3E6 3 KB
4 KB 89ms
58ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F14484_102.jpg%3F1661517606_2&v=3&w=800&rid=4&s=enNU2VPPv6Hq8xMwWNNi-LhB&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e61982666f8e828ba57941c43933eb441d35a92113c597d977c236e846b4463b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 3432
expires: Wed, 03 Jan 2024 12:22:47 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame C3E6 15 KB
15 KB 68ms
38ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F5414_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=kEj7Aws3MI4zCzQ08DkTd268&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6c9cf4b8fc6aaabce3465eb341972870714d73b3ab82f6b48c24e70a29b4db79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 14902
expires: Thu, 04 Jan 2024 07:50:46 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame C3E6 14 KB
14 KB 88ms
58ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F1%2F11581_102.jpg%3F1639042771_2&v=3&w=800&rid=4&s=rJC5M0ExGSgeGM5b2Hzs5PR4&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b7d4d44cf0b624c3b7ffd0778e3ba873fa7e94408fa77f7e7ea2655739a533

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 14608
expires: Thu, 04 Jan 2024 04:43:22 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame C3E6 0
128 B 52ms
19ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=RPF2ai_p7O5RNGtxvZbiE380OOC-gfIxQzw5HbC4YkztnzPvI39DaDn7MtggOGi_6mJVnIYv3P37sMvfqmu3A7yruJOJmp5ZBsbXTJd_QgFRo6ajR5ngEC7BAu2JS30OSELOoujbE8dydth0eSQz5ijMogJyEhIYVjvnyfBAp96Hw6i30xvHWOwPEHio_7dMAHo27m6b6esLsVF_3yWVEHWJU71vLWW6fZGOCWgxFNu2WnLTVnFjddo33qSZ5yt2WwPetA&sds=2&rev=89682&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 12 Dec 2023 08:45:50 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C3E6 2 KB
1 KB 17ms
17ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 06 Dec 2024 08:45:51 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame C3E6 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 06 Dec 2024 08:45:51 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5178 0
0 59ms
59ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CrHJCvh14Zca0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEvQJP0J5Qk7bCVjUZqcoSfS4yqeunk5wJNd8U0hc91XEjeAXsRwmHHP7N4JkNmSbYj7mGvxA4sa-0g3FftjxiFT3v8THeGhMY6kpSgXAo7s8hdrONGqASwVOESwWc2LlarWKR7Z3K2fSan6Ng7vnX_fAbUhlzjlfc2S2jENaSHHZ5VNESh2808sllimMj6egHaIRWH-dD4p_Uvv9g_zJCPl7Zo-6oljaPOK6A7f-qQDelKYODjlfmbm_JDq0qGgHSPnqj48dOke67CJj7Y0T4vVPS6T_z3uOBrPb2Iwr0XfEqjsUzFRgekcVkeqdBoqj2jTlR2IvtQS17JtDWQsnEgfeD_VS2lBCr2kZSetjT4AYe7lFodS1_YBxBdrlTqyBKc9qM3USS5Ivoc-amBQBtnzJ71lNHOndUJgksrXMCI-AEAYAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliAvu2ewYmDA4AKAfoLAggBgAwB4g0TCKv_7Z7BiYMDFQ-w_Qcd5gMFQ9AVAYAXAbIXHAoaEhRwdWItNTE0NDM4OTY1Nzc4NTU2NRiwmBU&sigh=owtJKDN3A3g&uach_m=%5BUACH%5D&cid=CAQSPADICaaNHUm1Pa3hDaHWeMHPIEvupawfKBrLXE6Ay5YouSK3y4pYi_f2oHFcOi3GDYn2H-xWl6YnB7igMxgB&cbvp=2&vis=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame 5178 0
11 B 76ms
75ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hnjsfxbqz0nzmxd9gn5x4vc3fq4wp91d9jv9sg7ttznrvvr4t2bpg5r34kv0kq72377k4fzkahhcjjfkafd1vfg84qmq4p0js2cpsqfa5nnb237959sszd9dw53dkjw5eftz8b2chs6hxc06vmh24147dnw0vwe3rac9hzfhe24z9k3e5g7mz9tethhxe497kvktjr5dasg6w24sgm2q4bdb3jhn399c81tws05me75dtty6csz4z0ragw4gq28tvjtn9xn185rx5c75cs2yhgcrqrx31h3x5kzrsde8ambkehgx3tkw87v8bk52ezj8pvfyd8a9m73v9pw0k56kt5n95pv15srcpn70kwrsrx1gpascr7qw2ew1886a8sgkb96ws0rdg2bk18&b=ZXgdvgAHWkYH_bAPAAUD5kpPY7zcNydE2bi3kA&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 12 Dec 2023 08:45:51 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 33ms
33ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8344b18a58269165-FRA
content-length: 24
content-type: text/plain
date: Tue, 12 Dec 2023 08:45:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E9XfidHRy4wEbMpzzjoBbE0ZBV5U%2FzhiTO51iXJnajik%2BmFPQ8Uyc7UK495VKGYyuLj9%2BruPJSI3xgKiAAKDCxLs%2B%2F%2Bd%2FlCByfGqd1kVHKGMbFuGQJK%2F1vXHUWcLR%2BwIraMs%2Fb4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-0rkl

POST
H3 200 rs Show response
ad4m.at/ Frame 605B 2 KB
2 KB 42ms
42ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3c91378277b2e27b507268d13e164275f4ed45f1184d87d952b0181eeeb3a13

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2F1kq6CBUzmf97%2B7%2BL8qXHhbE51kMB2rhNGQmGZIA4t%2BXIEp%2FJfI356Mtb3WT8mY3hiiAlxHpFDWv76KR0ck0BIkPa2Pd%2B3XJLE8Ujtv1XMtvxTIqYmI4ApaymwiTOWfMAzqNXg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 8344b18a885f9165-FRA
x-backend-server: aa-reachservice-group-europe-west1-0rkl
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 38ms
38ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8344b18a58289165-FRA
content-length: 24
content-type: text/plain
date: Tue, 12 Dec 2023 08:45:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FiS%2FqwC21VZVZ5NBk9fHJbntngnXvCqlHStuU8KEWGWH%2F3xHDmmSETAqtj%2FxZFPoYyl8ZvfbABFx5ztfFOuQQJIAPxXNTZcXyddrddmvS1WZrItRQRBrAXAKsqJz%2Bb5%2BBh4Rexs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-0rkl

POST
H3 200 rs Show response
ad4m.at/ Frame E2BF 2 KB
2 KB 49ms
49ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce5f1778c40ccd3646c4a61edde0630e5022ca3e7e7fc517f10085031d47a43e

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=arm26CtYsQJ336lPgSQmH19G0UCRA3gPU2JTIGXJVo4uVsxPg9RFBjx4NHf2228p0mcM5dYDFckwjuCgygUkfiW00YZKIo6EoH1tcHv8OWpVF89KKHceV3pJUM%2BRcDj9TrioY%2Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 8344b18a98639165-FRA
x-backend-server: aa-reachservice-group-europe-west1-0rkl
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 40ms
40ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8344b18a582a9165-FRA
content-length: 24
content-type: text/plain
date: Tue, 12 Dec 2023 08:45:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UsvVhK3j1dNu4EoXf618VzRPJO3Q%2B5s91kgzkhXl%2BYOjpCXvSHenPxZr5UPmryYejnWat%2F%2Bt8m%2BlL8nN3l4p%2BaYZlaILDF9IQ4IemxmW9ZA8YicH12NgLbvroS2M3C8fy0lOhw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-0rkl

POST
H3 200 rs Show response
ad4m.at/ Frame 2996 2 KB
2 KB 37ms
37ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10a32221a398bff05b9e3d86c39d446e622080f3731b22ea73b4043551f2047e

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eiDp%2FnI5syGHndNrJeWOZFi5FTU7EgXiKA9%2BQlq%2BshVlhyhwV%2BvfjSksWvYIE0m%2ByJ26hX8k%2FL1%2FK8f81l9ShogPy06F8fpmho8%2BekGVdwg1sRXG1%2Ftyhn63eSh3pP0dljVvhf0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 8344b18a98679165-FRA
x-backend-server: aa-reachservice-group-europe-west1-0rkl
alt-svc: h3=":443"; ma=86400

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 2C51 11 KB
5 KB 36ms
36ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=182475%2C195016%2C14019&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=970&d=250&e=&g=b43cdb36b954545b2c23d73d0eb29bbc%2F3494667814036444578&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751124&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0y4h81grmpsjmm9f1a1zspecasn9p2d1e7pn1bpss64ab39td1addg8p93hjfz0pgcx1s493m8n97qkdjemtsbn9px852yc3yv71sskpwhw8gv09cw8zsqsdcasz95kszyd3f93gx6frfbfc8eehf8f42e3bmrej9tnf7pz8kbegyr5bddh7wky5sda45kdczxp3jr1hr0vvr8tj2dwmv6qrr87gnyyw95r08wx1am4cneakyb63xq25g0zbfzc85cb36xnzccwz0karcskx2v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDYJBvh14Zca0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0J5Qk7bCVjUZqcoSfS4yqeunk5wJNd8U0hc91XEjeAXsRwmHHP7N4JkNmSbYj7mGvxA4sa-0g3FftjxiFT3v8THeGhMY6kpSgXAo7s8hdrONGqASwVOESwWc2LlarWKR7Z3K2fSan6Ng7vnX_fAbUhlzjlfc2S2jENaSHHZ5VNESh2808sllimMj6egHaIRWH-dD4p_Uvv9g_zJCPl7Zo-6oljaPOK6A7f-qQDelKYODjlfmbm_JDq0qGgHSPnqj48dOke67CJj7Y0T4vVPS6T_z3uOBrPb2Iwr0XfEqjsUzFRgekcVkeqdBoqj2jTlR2IvtQS17JtDWQsnEgfeD_VS2lBCr2kZSetjT4AYe7lFodS1_YBwDdJjBfNnNMxILldJIrRkaSvKsqApDh-_7FBrVwuNKChH5cexC690O9-AEAYAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliAvu2ewYmDA_oLAggBgAwB4g0TCKv_7Z7BiYMDFQ-w_Qcd5gMFQ9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1xTYfZotwqHbntWQaIVyN7EnLziA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9819a4d0c484c09bffe230bb2e3059c08aa732eb42a43f090852c9db4b8fd74b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gawpaqmbree1ex1qdfgjfetz4s0cd659mee1k1k0dthvjzy21jf254setdhc90x7x6n9d97txmxwmy9q2a6y1pvz0bhfcw83jcefe93yvfjmaz54nyrftn4pkv7sh881qhzp6tsjak9g0h5zbk09hy5vtn2j9eey5g0qnmw135a738h6c75bnxhcnvcycrs2g87d9z7q5k5t05dy3pmkgem9jq9hq3a1jx5jggb4vq8681fev78c8fhsha3y0q8ngeve35pr2k8mr9sdxbxe11yv8z2edqdzeczv5rhekdn30az0ckjjw3gz9vsa3p514vt7sntvsw83ps39xwm9c1s0g2qtv7dy76ybs5vsq1dm13h7ksmqyzvccb80ga6dc3ae2dw6f0p2mntgx2xz8cdsm4tjcgx1kc1wq6nge4tchfm63jca4rf21a3xe2kqgytxwh3er&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDYJBvh14Zca0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0J5Qk7bCVjUZqcoSfS4yqeunk5wJNd8U0hc91XEjeAXsRwmHHP7N4JkNmSbYj7mGvxA4sa-0g3FftjxiFT3v8THeGhMY6kpSgXAo7s8hdrONGqASwVOESwWc2LlarWKR7Z3K2fSan6Ng7vnX_fAbUhlzjlfc2S2jENaSHHZ5VNESh2808sllimMj6egHaIRWH-dD4p_Uvv9g_zJCPl7Zo-6oljaPOK6A7f-qQDelKYODjlfmbm_JDq0qGgHSPnqj48dOke67CJj7Y0T4vVPS6T_z3uOBrPb2Iwr0XfEqjsUzFRgekcVkeqdBoqj2jTlR2IvtQS17JtDWQsnEgfeD_VS2lBCr2kZSetjT4AYe7lFodS1_YBwDdJjBfNnNMxILldJIrRkaSvKsqApDh-_7FBrVwuNKChH5cexC690O9-AEAYAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliAvu2ewYmDA_oLAggBgAwB4g0TCKv_7Z7BiYMDFQ-w_Qcd5gMFQ9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1xTYfZotwqHbntWQaIVyN7EnLziA%26client%3Dca-pub-5144389657785565%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8344b18ac96f917a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:45:51 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 90C1 15 KB
5 KB 34ms
34ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862%2C196438%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2C61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYG%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CXr8CzfrfK7MjU6H4Het1CxXpUQSkT55gfz3P6%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=250&e=&g=fb1c1d76996ee7acb7e49aac97e09395%2F4471572294211620431&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751129&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktywcr79rnkrnbk5v001q5j8jbyyjxtqhn6m2kgyfmstehnvy4278x42d8y6m9fv0n1gq3x901fx23vqz6w6s9xddjq2aeqdgmznk3jymcw4w118wzd9k36x83e27jhy7swa8g8mxw8qq0zs2kfb5we4kftv0z14tm7pwwkqnyh189jc7t4ef017mn0nas74dhkx64pv49hf4fqhn2zha40nsavp6eg0rc9d9g3m7sntdatvgvt25th4z5chxyzttb6fcx5scpt5s565wt8e077%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxYDHvh14Zce0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEygJP0DSVrIqcW4Rwl-pC8Ry8LByhH2X2hr-7EbEF1IL9Kkdk7KIWcNI8Ts6WPtIIXlDMeL451WyzV4-1XcDuyGr6vhWWELl6yd6wkz5lH127CHEw8soRyb5LMLwyiucWgTMQ-Odbk3CGJn-0C2KbstGNgN5D0XvvTWzse7fesci6492zueibW1WylLWNK0SdG9IRlbF0BZdCOi-oVu2_lIvfG0sooDlIq7Dx04aOjrKqrbLXYzags3UU2Lzi8Ntf8TFJKQRxISvxkk2nIkB24RhjwMwNTpvW9q7iZgZcRwlQrbYEbIVi_KEdxl8CBD_T1SdbgWpXigh1RLM9snU3Tc__Tc9e2GUKnR9iUS-e6aLfybSNZO76Axn6dphlLOBUUAVgC-hn_gCTvQnNGyCCKPu-90QE5y7wCa-qHqSWQJWsUbha_VHRSQl-wAngBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYgL7tnsGJgwP6CwIIAYAMAeINEwis_-2ewYmDAxUPsP0HHeYDBUPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3NphnTHSw1ZvLRNUaraRxWtf6ASg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33a54386b7597b44f3a4295a2fca63efd12b3f4d89019788b02a288577c20fcc

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1h1kx45cgthskvc08jx3vn4qa991h9z05k7w1z6ww0jy0sxha8nr680z9pt0ez3mm1kvza1mxnp80645gq15rr9cnd3f7wxzd8rc3y7zca08e8m78ea9a92sp1sx0psafkk1gmryrnm4p2dn15m3ykv1py6hxc7rh9kgc7zb40wp67yx88m89q8r5hmxjkd5hb1h7xxs3fz0392wfhvrbxk65vj3m2rjpbnr4fdtkzyvkh7fpmjrgyyz5m7mvjp0h829p40h3t1ejggzvzy5a48jde2ct9c6xq24nxa6fws6fyj5wsr1zk06f5x8abhrrsm868tzzrx9spwayw19jr5kfe22kx68ss0z23hrvetd4vnaryggtx1hy4f9zhva0k91byvvzyfxgw5ghq19k0nqattq2bkgrnth7kxr2aeq0jmkacxx4dkacdkep66br7g9pwds60&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxYDHvh14Zce0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEygJP0DSVrIqcW4Rwl-pC8Ry8LByhH2X2hr-7EbEF1IL9Kkdk7KIWcNI8Ts6WPtIIXlDMeL451WyzV4-1XcDuyGr6vhWWELl6yd6wkz5lH127CHEw8soRyb5LMLwyiucWgTMQ-Odbk3CGJn-0C2KbstGNgN5D0XvvTWzse7fesci6492zueibW1WylLWNK0SdG9IRlbF0BZdCOi-oVu2_lIvfG0sooDlIq7Dx04aOjrKqrbLXYzags3UU2Lzi8Ntf8TFJKQRxISvxkk2nIkB24RhjwMwNTpvW9q7iZgZcRwlQrbYEbIVi_KEdxl8CBD_T1SdbgWpXigh1RLM9snU3Tc__Tc9e2GUKnR9iUS-e6aLfybSNZO76Axn6dphlLOBUUAVgC-hn_gCTvQnNGyCCKPu-90QE5y7wCa-qHqSWQJWsUbha_VHRSQl-wAngBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYgL7tnsGJgwP6CwIIAYAMAeINEwis_-2ewYmDAxUPsP0HHeYDBUPQFQGAFwE%26num%3D1%26sig%3DAOD64_3NphnTHSw1ZvLRNUaraRxWtf6ASg%26client%3Dca-pub-5144389657785565%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8344b18ac972917a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:45:51 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4A0B 0
0 59ms
59ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C3Tuivh14ZcW0HY_g9u8P5oeUmATJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAkc5ppu2D7I-4AIAqAMByAMCqgS1Ak_QYxjlHZgbItdeLC9BzQaWx1DB5Ah5-P7TsYsHOFb_aOZQ0-PiHyQPhoBuag27YeedbLVO_F5jinS44ilES588rGq81Db7BEqzAs69mnGKQbO0-YcSoVVaA0k651-ItwOTDyUm8e1SeONO95ASnRKXkGkDL7nCyyPqCmyXHbTtvp73uomtHjXUdn6CG1dTmvvgruiW6BbuPPL-CcaREaLjNV-7yHDaps3B25aoOUZxFJ4hXQayhAD2Pcbm_DZYVSO39Ska4P3vmCAk8cQmNg6xw0Tgoztgw08lS_AUj9xrTXK0M-Nt53JVN5YBLkhJBolL1CV9PwPg6S6vS30VOK5B4cCsn21BQHv6hgAGk1-wOJLAnORdot8gXvwGgTPSxtQZjp-ADi8tgRPs1faPvGmS3dK4xuAEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIC-7Z7BiYMDgAoB-gsCCAGADAHiDRMIqv_tnsGJgwMVD7D9Bx3mAwVD0BUBgBcBshccChoSFHB1Yi01MTQ0Mzg5NjU3Nzg1NTY1GLCYFQ&sigh=RfQ2LOrAtMg&uach_m=%5BUACH%5D&cid=CAQSPADICaaNHUm1Pa3hDaHWeMHPIEvupawfKBrLXE6Ay5YouSK3y4pYi_f2oHFcOi3GDYn2H-xWl6YnB7igMxgB&cbvp=2&vis=1
Requested by: Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 4A0B 0
126 B 42ms
14ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kI7EGOLBMMoH-gGdg2ICAgAAACffBoTJ5kr9EL4deGU6Nw-TnxDBk9g1AAASAAAKCkFRVUJBUUVCQVE&wp=ZXgdvgAHWkUH_bAPAAUD5iUef2MhqvYxcNR1pg&cbvp=2

Requested by

Host: 10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:50 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 195677
server: Kestrel
content-length: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame A1FB 10 KB
4 KB 34ms
34ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=29002%2C15153%2C64769&b=xmDFQfAf7EJCPHdHztQtxJEH7S6TKKps17xd%2CXr8CzfrfpmDh6H4Hetqtx6XSQSkT55gfz3P6%2Cjk8aEfGfx6VAuYHEH2t6txexsZSzT11bTdrg7&f=Y4Xsrf3fr5gaVH9HetgCpQ5HkS1Tddju1ZYe%2Cek8a3fVfmwbsjHZHet2CeJPcwSQTKKMsJxEG%2CxmDFQfAfAZzjsPHdHztDC3E3s7S6TKKps17xd&c=728&d=90&e=&g=c9288ae91dacd271d27bf9d18f8d02b0%2F11073421087593581197&i=25052%2C25362%2C27835&j=16%2C35%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka9qme063pevtfbyxhvwj478qrq1vvjxdm1ka3g8st8chan3wrj08yqjghdntva8910qm9rh9cjnj2d5jrj6a9rcv3h6rvvvxsdjwdnbk9tx61apv5rrg8h76skykv8qnqp10d39cmeqpxfqrzfw3tce6qfags18w7fjar96dr3jaqx109rhev046ne5hr3bvth00a00v62jbbcn3fm327dtmpznpa3915r1tv765wafvbwx9wqajjgw729nw3ar4tw9yj4zx1b3v84zqz48bet%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtPcmvh14ZcS0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEtgJP0AI9aPJna1icj9HCev0KfmMox5mfu6uCHnkJIsPKmBlarhsZgfl6JrKc1cym2wzcmJbeHe3RQ7HarqZEJRyGrSj7v8wsuWNkR2uiQrNkBiQy4a84Taa8LLFEvrppW1JmMz7kUnru5TLkCsuU8LF19HFqwThfqPa6FJYPKZLAD96cJma8ACgtPt5ZCIWTojxwEBBySugfx-jBu3GH0lcpG7KZ7kDIK71rFUX6f79_Rvx4hHMpN_obMQDUihDvOKRMv4CndKOqps7zH9fETRcI-ZBB5z3MpH-oq_DMPKDd6ph1GuHv3wyUC6_HLKFbAbh_6ZShcx7KZ98YLCOjwNhWi5XpY1dBgA-bJ9y1aY0S0-bh-vY_O48wfhhUovS2Fvzs49puScGpOvp0PScgp9r47lAB_Hku4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIC-7Z7BiYMD-gsCCAGADAHiDRMIqf_tnsGJgwMVD7D9Bx3mAwVD0BUBgBcB%2526num%253D1%2526sig%253DAOD64_24Jkt_qbGH1-P4GPlBWEsEj0aUgw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fe1987f2761fb5aab55099c667abbb47a3bfa6a1e4e12472961935e50e8845c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hytypeggkpxp8taw2bgt6tkcr8a7f119mt7gvhdz8bttv1e5k2sz6rm6hpyhxfk5d60sqsq20qkemzngrsywxwhswsd55kx33yhhhpd1v3df5jt8z7rhj3yhjffx481jk3bvjpce7j4wpdfbpqbz3zrt7snkx2szk2arcxhdcsjtt6gqhn444c7jcewvnn4hm44smzy5zbbkvahp3yr5fxvr5e0apa0d7067azmp87ywrsw0q2xkm580en8pnbnw6pf508pddd4a266hd8qdnk57vd4qvzz8mvnfvt0txbvprsnqhhcxqtxvhevma2p8dtg0s5j8ra2qqnp5t39r9825nb9vyd10fymb4873nq0j55t1vqqfg302d63a4evvb6b9whxwdg8arvnjnww9ec5f6c0cc597e0hxm55v7hwnwjsqdf7bg1qcahh8n2h8nr49peh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtPcmvh14ZcS0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEtgJP0AI9aPJna1icj9HCev0KfmMox5mfu6uCHnkJIsPKmBlarhsZgfl6JrKc1cym2wzcmJbeHe3RQ7HarqZEJRyGrSj7v8wsuWNkR2uiQrNkBiQy4a84Taa8LLFEvrppW1JmMz7kUnru5TLkCsuU8LF19HFqwThfqPa6FJYPKZLAD96cJma8ACgtPt5ZCIWTojxwEBBySugfx-jBu3GH0lcpG7KZ7kDIK71rFUX6f79_Rvx4hHMpN_obMQDUihDvOKRMv4CndKOqps7zH9fETRcI-ZBB5z3MpH-oq_DMPKDd6ph1GuHv3wyUC6_HLKFbAbh_6ZShcx7KZ98YLCOjwNhWi5XpY1dBgA-bJ9y1aY0S0-bh-vY_O48wfhhUovS2Fvzs49puScGpOvp0PScgp9r47lAB_Hku4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIC-7Z7BiYMD-gsCCAGADAHiDRMIqf_tnsGJgwMVD7D9Bx3mAwVD0BUBgBcB%26num%3D1%26sig%3DAOD64_24Jkt_qbGH1-P4GPlBWEsEj0aUgw%26client%3Dca-pub-5144389657785565%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8344b18ad97e917a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:45:51 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 90C1 115 KB
14 KB 30ms
30ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196438%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2C61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYG%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CXr8CzfrfK7MjU6H4Het1CxXpUQSkT55gfz3P6%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=250&e=&g=fb1c1d76996ee7acb7e49aac97e09395%2F4471572294211620431&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751129&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktywcr79rnkrnbk5v001q5j8jbyyjxtqhn6m2kgyfmstehnvy4278x42d8y6m9fv0n1gq3x901fx23vqz6w6s9xddjq2aeqdgmznk3jymcw4w118wzd9k36x83e27jhy7swa8g8mxw8qq0zs2kfb5we4kftv0z14tm7pwwkqnyh189jc7t4ef017mn0nas74dhkx64pv49hf4fqhn2zha40nsavp6eg0rc9d9g3m7sntdatvgvt25th4z5chxyzttb6fcx5scpt5s565wt8e077%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxYDHvh14Zce0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEygJP0DSVrIqcW4Rwl-pC8Ry8LByhH2X2hr-7EbEF1IL9Kkdk7KIWcNI8Ts6WPtIIXlDMeL451WyzV4-1XcDuyGr6vhWWELl6yd6wkz5lH127CHEw8soRyb5LMLwyiucWgTMQ-Odbk3CGJn-0C2KbstGNgN5D0XvvTWzse7fesci6492zueibW1WylLWNK0SdG9IRlbF0BZdCOi-oVu2_lIvfG0sooDlIq7Dx04aOjrKqrbLXYzags3UU2Lzi8Ntf8TFJKQRxISvxkk2nIkB24RhjwMwNTpvW9q7iZgZcRwlQrbYEbIVi_KEdxl8CBD_T1SdbgWpXigh1RLM9snU3Tc__Tc9e2GUKnR9iUS-e6aLfybSNZO76Axn6dphlLOBUUAVgC-hn_gCTvQnNGyCCKPu-90QE5y7wCa-qHqSWQJWsUbha_VHRSQl-wAngBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYgL7tnsGJgwP6CwIIAYAMAeINEwis_-2ewYmDAxUPsP0HHeYDBUPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3NphnTHSw1ZvLRNUaraRxWtf6ASg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862%2C196438%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2C61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYG%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CXr8CzfrfK7MjU6H4Het1CxXpUQSkT55gfz3P6%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=250&e=&g=fb1c1d76996ee7acb7e49aac97e09395%2F4471572294211620431&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751129&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktywcr79rnkrnbk5v001q5j8jbyyjxtqhn6m2kgyfmstehnvy4278x42d8y6m9fv0n1gq3x901fx23vqz6w6s9xddjq2aeqdgmznk3jymcw4w118wzd9k36x83e27jhy7swa8g8mxw8qq0zs2kfb5we4kftv0z14tm7pwwkqnyh189jc7t4ef017mn0nas74dhkx64pv49hf4fqhn2zha40nsavp6eg0rc9d9g3m7sntdatvgvt25th4z5chxyzttb6fcx5scpt5s565wt8e077%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxYDHvh14Zce0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEygJP0DSVrIqcW4Rwl-pC8Ry8LByhH2X2hr-7EbEF1IL9Kkdk7KIWcNI8Ts6WPtIIXlDMeL451WyzV4-1XcDuyGr6vhWWELl6yd6wkz5lH127CHEw8soRyb5LMLwyiucWgTMQ-Odbk3CGJn-0C2KbstGNgN5D0XvvTWzse7fesci6492zueibW1WylLWNK0SdG9IRlbF0BZdCOi-oVu2_lIvfG0sooDlIq7Dx04aOjrKqrbLXYzags3UU2Lzi8Ntf8TFJKQRxISvxkk2nIkB24RhjwMwNTpvW9q7iZgZcRwlQrbYEbIVi_KEdxl8CBD_T1SdbgWpXigh1RLM9snU3Tc__Tc9e2GUKnR9iUS-e6aLfybSNZO76Axn6dphlLOBUUAVgC-hn_gCTvQnNGyCCKPu-90QE5y7wCa-qHqSWQJWsUbha_VHRSQl-wAngBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYgL7tnsGJgwP6CwIIAYAMAeINEwis_-2ewYmDAxUPsP0HHeYDBUPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3NphnTHSw1ZvLRNUaraRxWtf6ASg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2347313
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4tCvEc0RC0JGjw0bNJ198uKIZPRVQeD2vw6cljgA0gP4i6144M3ycAGP9Io5vTxmUIlMyjBZpMVPiRNCjHdLFm67Qa7CWesAw8oz8LXH2oK09VDBFJtICoEVlbVGECChuhHf%2BkSqiH8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8344b18b09b3917a-FRA
expires: Wed, 13 Dec 2023 08:45:51 GMT

GET
H3 200 AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
assets.ad4m.at/logo/ Frame 90C1 8 KB
8 KB 22ms
21ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196438%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2C61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYG%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CXr8CzfrfK7MjU6H4Het1CxXpUQSkT55gfz3P6%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=250&e=&g=fb1c1d76996ee7acb7e49aac97e09395%2F4471572294211620431&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751129&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktywcr79rnkrnbk5v001q5j8jbyyjxtqhn6m2kgyfmstehnvy4278x42d8y6m9fv0n1gq3x901fx23vqz6w6s9xddjq2aeqdgmznk3jymcw4w118wzd9k36x83e27jhy7swa8g8mxw8qq0zs2kfb5we4kftv0z14tm7pwwkqnyh189jc7t4ef017mn0nas74dhkx64pv49hf4fqhn2zha40nsavp6eg0rc9d9g3m7sntdatvgvt25th4z5chxyzttb6fcx5scpt5s565wt8e077%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxYDHvh14Zce0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEygJP0DSVrIqcW4Rwl-pC8Ry8LByhH2X2hr-7EbEF1IL9Kkdk7KIWcNI8Ts6WPtIIXlDMeL451WyzV4-1XcDuyGr6vhWWELl6yd6wkz5lH127CHEw8soRyb5LMLwyiucWgTMQ-Odbk3CGJn-0C2KbstGNgN5D0XvvTWzse7fesci6492zueibW1WylLWNK0SdG9IRlbF0BZdCOi-oVu2_lIvfG0sooDlIq7Dx04aOjrKqrbLXYzags3UU2Lzi8Ntf8TFJKQRxISvxkk2nIkB24RhjwMwNTpvW9q7iZgZcRwlQrbYEbIVi_KEdxl8CBD_T1SdbgWpXigh1RLM9snU3Tc__Tc9e2GUKnR9iUS-e6aLfybSNZO76Axn6dphlLOBUUAVgC-hn_gCTvQnNGyCCKPu-90QE5y7wCa-qHqSWQJWsUbha_VHRSQl-wAngBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYgL7tnsGJgwP6CwIIAYAMAeINEwis_-2ewYmDAxUPsP0HHeYDBUPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3NphnTHSw1ZvLRNUaraRxWtf6ASg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1126261762db36bce53560ac36f5ede1954662d33a6d6eeb62d84b715070e7bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 302774
cf-polished: qual=85, origFmt=jpeg, origSize=10446
alt-svc: h3=":443"; ma=86400
content-length: 7728
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Nov 2023 16:41:23 GMT
server: cloudflare
etag: "bddcb815cd8abad672404f9cdec6f97c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yiB8JqC7sigja48yQ37eMYltSz3H40MFYQcL9UfwqvUdAELoMXI4a83RbDFAM3B1%2FoRdr%2Bpz0pJwZlV73feRN0%2BPh68tMk4GsvhyVmhjduiZak36iFIToZISMHp7e0wn6sbZmK0%2BjbRJXfGF"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8344b18b09b4917a-FRA

GET
H3 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 90C1 11 KB
12 KB 22ms
22ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196438%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2C61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYG%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CXr8CzfrfK7MjU6H4Het1CxXpUQSkT55gfz3P6%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=250&e=&g=fb1c1d76996ee7acb7e49aac97e09395%2F4471572294211620431&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751129&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktywcr79rnkrnbk5v001q5j8jbyyjxtqhn6m2kgyfmstehnvy4278x42d8y6m9fv0n1gq3x901fx23vqz6w6s9xddjq2aeqdgmznk3jymcw4w118wzd9k36x83e27jhy7swa8g8mxw8qq0zs2kfb5we4kftv0z14tm7pwwkqnyh189jc7t4ef017mn0nas74dhkx64pv49hf4fqhn2zha40nsavp6eg0rc9d9g3m7sntdatvgvt25th4z5chxyzttb6fcx5scpt5s565wt8e077%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxYDHvh14Zce0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEygJP0DSVrIqcW4Rwl-pC8Ry8LByhH2X2hr-7EbEF1IL9Kkdk7KIWcNI8Ts6WPtIIXlDMeL451WyzV4-1XcDuyGr6vhWWELl6yd6wkz5lH127CHEw8soRyb5LMLwyiucWgTMQ-Odbk3CGJn-0C2KbstGNgN5D0XvvTWzse7fesci6492zueibW1WylLWNK0SdG9IRlbF0BZdCOi-oVu2_lIvfG0sooDlIq7Dx04aOjrKqrbLXYzags3UU2Lzi8Ntf8TFJKQRxISvxkk2nIkB24RhjwMwNTpvW9q7iZgZcRwlQrbYEbIVi_KEdxl8CBD_T1SdbgWpXigh1RLM9snU3Tc__Tc9e2GUKnR9iUS-e6aLfybSNZO76Axn6dphlLOBUUAVgC-hn_gCTvQnNGyCCKPu-90QE5y7wCa-qHqSWQJWsUbha_VHRSQl-wAngBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYgL7tnsGJgwP6CwIIAYAMAeINEwis_-2ewYmDAxUPsP0HHeYDBUPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3NphnTHSw1ZvLRNUaraRxWtf6ASg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f7f5265aeb0202ce88e8a6dfcc0ca25a7b990bb9ffac2f9e430ae6af2b6154

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36946
cf-polished: qual=85, origFmt=jpeg, origSize=13532
alt-svc: h3=":443"; ma=86400
content-length: 11268
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 22:13:51 GMT
server: cloudflare
etag: "d9fd29c7a268fd485230a60f0d2e0192"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8rs2irCsNAz2YNXfJJ9fXOt%2FyTVCNwcc2BUWR0iL26fjEzRfjcifuwzpak9I8H%2Fbm1v9je7Nxf1V1t5Gr90oGny4zai6uln%2F3FCHU3SZWINRYrhxlkSagQbhYpiAibYhVUYhv8eS2sv0d9RH"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8344b18b09b6917a-FRA

GET
H3 200 F1668CEEF41AAD8A0C029F9D23FE46EC6F8068CDC15DA60F85AFC1E3BD14A8C560B4DF91D88D53A78DBCC7160246BC21A8B17CCED604428331EE91402A545B83
assets.ad4m.at/logo/ Frame 90C1 9 KB
10 KB 32ms
31ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F1668CEEF41AAD8A0C029F9D23FE46EC6F8068CDC15DA60F85AFC1E3BD14A8C560B4DF91D88D53A78DBCC7160246BC21A8B17CCED604428331EE91402A545B83
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196438%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2C61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYG%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CXr8CzfrfK7MjU6H4Het1CxXpUQSkT55gfz3P6%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=250&e=&g=fb1c1d76996ee7acb7e49aac97e09395%2F4471572294211620431&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751129&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktywcr79rnkrnbk5v001q5j8jbyyjxtqhn6m2kgyfmstehnvy4278x42d8y6m9fv0n1gq3x901fx23vqz6w6s9xddjq2aeqdgmznk3jymcw4w118wzd9k36x83e27jhy7swa8g8mxw8qq0zs2kfb5we4kftv0z14tm7pwwkqnyh189jc7t4ef017mn0nas74dhkx64pv49hf4fqhn2zha40nsavp6eg0rc9d9g3m7sntdatvgvt25th4z5chxyzttb6fcx5scpt5s565wt8e077%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxYDHvh14Zce0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEygJP0DSVrIqcW4Rwl-pC8Ry8LByhH2X2hr-7EbEF1IL9Kkdk7KIWcNI8Ts6WPtIIXlDMeL451WyzV4-1XcDuyGr6vhWWELl6yd6wkz5lH127CHEw8soRyb5LMLwyiucWgTMQ-Odbk3CGJn-0C2KbstGNgN5D0XvvTWzse7fesci6492zueibW1WylLWNK0SdG9IRlbF0BZdCOi-oVu2_lIvfG0sooDlIq7Dx04aOjrKqrbLXYzags3UU2Lzi8Ntf8TFJKQRxISvxkk2nIkB24RhjwMwNTpvW9q7iZgZcRwlQrbYEbIVi_KEdxl8CBD_T1SdbgWpXigh1RLM9snU3Tc__Tc9e2GUKnR9iUS-e6aLfybSNZO76Axn6dphlLOBUUAVgC-hn_gCTvQnNGyCCKPu-90QE5y7wCa-qHqSWQJWsUbha_VHRSQl-wAngBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYgL7tnsGJgwP6CwIIAYAMAeINEwis_-2ewYmDAxUPsP0HHeYDBUPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3NphnTHSw1ZvLRNUaraRxWtf6ASg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dd5bb9fda081a3cb1bd6d513edb1a71746031bec07d8c646abe5813ba9dd4c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 311494
cf-polished: qual=85, origFmt=jpeg, origSize=13332
alt-svc: h3=":443"; ma=86400
content-length: 9604
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 17:02:02 GMT
server: cloudflare
etag: "23e86ef8ba51d351917574e3e8d33ca5"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZuF5NPHI4Eh1yNdIgJ0Az9WpV%2B%2BmrwoZGPGSy1b1GQESXI5iah3k%2Ba8kJdWrXTWa5EjTpzYQw3J8Wu5HaNEyvCo3ut%2BkxWDpmuYi3B%2BM%2By1fSgTzU3cdHUy8xX%2BV%2BTeF2%2BuxpCsuz4O4k1U"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8344b18b09bc917a-FRA

GET
H3 200 BE6DC3223230068E9577E01057A3B7B2EF16298C4CB50492A156BC698A0B935475C050BE8658A2EEFAFF80ECE4CCAAFC1E82AC22B24DC4054F36591D448FD712
assets.ad4m.at/ Frame 90C1 28 KB
29 KB 22ms
21ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/BE6DC3223230068E9577E01057A3B7B2EF16298C4CB50492A156BC698A0B935475C050BE8658A2EEFAFF80ECE4CCAAFC1E82AC22B24DC4054F36591D448FD712
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196438%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2C61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYG%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CXr8CzfrfK7MjU6H4Het1CxXpUQSkT55gfz3P6%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=250&e=&g=fb1c1d76996ee7acb7e49aac97e09395%2F4471572294211620431&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751129&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktywcr79rnkrnbk5v001q5j8jbyyjxtqhn6m2kgyfmstehnvy4278x42d8y6m9fv0n1gq3x901fx23vqz6w6s9xddjq2aeqdgmznk3jymcw4w118wzd9k36x83e27jhy7swa8g8mxw8qq0zs2kfb5we4kftv0z14tm7pwwkqnyh189jc7t4ef017mn0nas74dhkx64pv49hf4fqhn2zha40nsavp6eg0rc9d9g3m7sntdatvgvt25th4z5chxyzttb6fcx5scpt5s565wt8e077%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxYDHvh14Zce0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEygJP0DSVrIqcW4Rwl-pC8Ry8LByhH2X2hr-7EbEF1IL9Kkdk7KIWcNI8Ts6WPtIIXlDMeL451WyzV4-1XcDuyGr6vhWWELl6yd6wkz5lH127CHEw8soRyb5LMLwyiucWgTMQ-Odbk3CGJn-0C2KbstGNgN5D0XvvTWzse7fesci6492zueibW1WylLWNK0SdG9IRlbF0BZdCOi-oVu2_lIvfG0sooDlIq7Dx04aOjrKqrbLXYzags3UU2Lzi8Ntf8TFJKQRxISvxkk2nIkB24RhjwMwNTpvW9q7iZgZcRwlQrbYEbIVi_KEdxl8CBD_T1SdbgWpXigh1RLM9snU3Tc__Tc9e2GUKnR9iUS-e6aLfybSNZO76Axn6dphlLOBUUAVgC-hn_gCTvQnNGyCCKPu-90QE5y7wCa-qHqSWQJWsUbha_VHRSQl-wAngBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYgL7tnsGJgwP6CwIIAYAMAeINEwis_-2ewYmDAxUPsP0HHeYDBUPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3NphnTHSw1ZvLRNUaraRxWtf6ASg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 013c46bb69056b44df46c3a4d22b3b4ec4eb52aa2d8253019988ffe1494caf7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1137310
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 28954
cf-bgj: imgq:85,h2pri
last-modified: Thu, 23 Nov 2023 07:58:31 GMT
server: cloudflare
etag: "85b2952dc2f72512aefd9f8454909e82"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=boY7uGyFqkCM2jMHTn6ADmG0KNUlcPgr5QSVhu7tgQ8VvBIOzdRh4nf3rj6ozo2lQYt9G6JT0xtUdiVYl%2Bh%2B%2BhRZ%2B1AYvn7%2BuZY%2Bv%2FVA6MVZGlGSnRynyoHRaVNT46v347FqxKaRS0Td9wrT"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8344b18b09bd917a-FRA

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 90C1
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CP6Fn5_BiYMDFYSkgwcd3jQIZQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYGoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1702370751_da9bbf80-98ca-11ee-b1a8-22396ad6a5ca

0
549 B

79ms
20ms

Image
text/plain

87.118.116.9
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1702370751_da9bbf80-98ca-11ee-b1a8-22396ad6a5ca
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196438%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2C61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYG%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CXr8CzfrfK7MjU6H4Het1CxXpUQSkT55gfz3P6%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=250&e=&g=fb1c1d76996ee7acb7e49aac97e09395%2F4471572294211620431&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751129&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktywcr79rnkrnbk5v001q5j8jbyyjxtqhn6m2kgyfmstehnvy4278x42d8y6m9fv0n1gq3x901fx23vqz6w6s9xddjq2aeqdgmznk3jymcw4w118wzd9k36x83e27jhy7swa8g8mxw8qq0zs2kfb5we4kftv0z14tm7pwwkqnyh189jc7t4ef017mn0nas74dhkx64pv49hf4fqhn2zha40nsavp6eg0rc9d9g3m7sntdatvgvt25th4z5chxyzttb6fcx5scpt5s565wt8e077%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxYDHvh14Zce0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEygJP0DSVrIqcW4Rwl-pC8Ry8LByhH2X2hr-7EbEF1IL9Kkdk7KIWcNI8Ts6WPtIIXlDMeL451WyzV4-1XcDuyGr6vhWWELl6yd6wkz5lH127CHEw8soRyb5LMLwyiucWgTMQ-Odbk3CGJn-0C2KbstGNgN5D0XvvTWzse7fesci6492zueibW1WylLWNK0SdG9IRlbF0BZdCOi-oVu2_lIvfG0sooDlIq7Dx04aOjrKqrbLXYzags3UU2Lzi8Ntf8TFJKQRxISvxkk2nIkB24RhjwMwNTpvW9q7iZgZcRwlQrbYEbIVi_KEdxl8CBD_T1SdbgWpXigh1RLM9snU3Tc__Tc9e2GUKnR9iUS-e6aLfybSNZO76Axn6dphlLOBUUAVgC-hn_gCTvQnNGyCCKPu-90QE5y7wCa-qHqSWQJWsUbha_VHRSQl-wAngBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYgL7tnsGJgwP6CwIIAYAMAeINEwis_-2ewYmDAxUPsP0HHeYDBUPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3NphnTHSw1ZvLRNUaraRxWtf6ASg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 87.118.116.9 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: km36617.keymachine.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Dec 2023 08:45:50 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Tue, 12 Dec 2023 08:45:51 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1702370751_da9bbf80-98ca-11ee-b1a8-22396ad6a5ca
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
assets.ad4m.at/logo/ Frame 90C1 10 KB
10 KB 33ms
32ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196438%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2C61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYG%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CXr8CzfrfK7MjU6H4Het1CxXpUQSkT55gfz3P6%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=250&e=&g=fb1c1d76996ee7acb7e49aac97e09395%2F4471572294211620431&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751129&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktywcr79rnkrnbk5v001q5j8jbyyjxtqhn6m2kgyfmstehnvy4278x42d8y6m9fv0n1gq3x901fx23vqz6w6s9xddjq2aeqdgmznk3jymcw4w118wzd9k36x83e27jhy7swa8g8mxw8qq0zs2kfb5we4kftv0z14tm7pwwkqnyh189jc7t4ef017mn0nas74dhkx64pv49hf4fqhn2zha40nsavp6eg0rc9d9g3m7sntdatvgvt25th4z5chxyzttb6fcx5scpt5s565wt8e077%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxYDHvh14Zce0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEygJP0DSVrIqcW4Rwl-pC8Ry8LByhH2X2hr-7EbEF1IL9Kkdk7KIWcNI8Ts6WPtIIXlDMeL451WyzV4-1XcDuyGr6vhWWELl6yd6wkz5lH127CHEw8soRyb5LMLwyiucWgTMQ-Odbk3CGJn-0C2KbstGNgN5D0XvvTWzse7fesci6492zueibW1WylLWNK0SdG9IRlbF0BZdCOi-oVu2_lIvfG0sooDlIq7Dx04aOjrKqrbLXYzags3UU2Lzi8Ntf8TFJKQRxISvxkk2nIkB24RhjwMwNTpvW9q7iZgZcRwlQrbYEbIVi_KEdxl8CBD_T1SdbgWpXigh1RLM9snU3Tc__Tc9e2GUKnR9iUS-e6aLfybSNZO76Axn6dphlLOBUUAVgC-hn_gCTvQnNGyCCKPu-90QE5y7wCa-qHqSWQJWsUbha_VHRSQl-wAngBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYgL7tnsGJgwP6CwIIAYAMAeINEwis_-2ewYmDAxUPsP0HHeYDBUPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3NphnTHSw1ZvLRNUaraRxWtf6ASg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 306892
cf-polished: origFmt=png, origSize=10653
alt-svc: h3=":443"; ma=86400
content-length: 9924
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Nov 2023 11:11:38 GMT
server: cloudflare
etag: "ca1cf24fc82b7541b262f0d4b15a8100"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZJJyrCwVeDOL7Vj4PsXO9RnGlM2NjLbKSHSHzrYMGqWRwsLr8gC1qgwm0wmpj7GYfo1IcPsNJpHeSX4Sua6xDG%2FdLkJuSCOZEjT6vfdCbsscniXx%2Fwf4z9FLdGANwYqDCQYMm8Z1eWiilEM"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8344b18b09be917a-FRA

GET
H3 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 90C1 28 KB
28 KB 33ms
33ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196438%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2C61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYG%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CXr8CzfrfK7MjU6H4Het1CxXpUQSkT55gfz3P6%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=250&e=&g=fb1c1d76996ee7acb7e49aac97e09395%2F4471572294211620431&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751129&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktywcr79rnkrnbk5v001q5j8jbyyjxtqhn6m2kgyfmstehnvy4278x42d8y6m9fv0n1gq3x901fx23vqz6w6s9xddjq2aeqdgmznk3jymcw4w118wzd9k36x83e27jhy7swa8g8mxw8qq0zs2kfb5we4kftv0z14tm7pwwkqnyh189jc7t4ef017mn0nas74dhkx64pv49hf4fqhn2zha40nsavp6eg0rc9d9g3m7sntdatvgvt25th4z5chxyzttb6fcx5scpt5s565wt8e077%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxYDHvh14Zce0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEygJP0DSVrIqcW4Rwl-pC8Ry8LByhH2X2hr-7EbEF1IL9Kkdk7KIWcNI8Ts6WPtIIXlDMeL451WyzV4-1XcDuyGr6vhWWELl6yd6wkz5lH127CHEw8soRyb5LMLwyiucWgTMQ-Odbk3CGJn-0C2KbstGNgN5D0XvvTWzse7fesci6492zueibW1WylLWNK0SdG9IRlbF0BZdCOi-oVu2_lIvfG0sooDlIq7Dx04aOjrKqrbLXYzags3UU2Lzi8Ntf8TFJKQRxISvxkk2nIkB24RhjwMwNTpvW9q7iZgZcRwlQrbYEbIVi_KEdxl8CBD_T1SdbgWpXigh1RLM9snU3Tc__Tc9e2GUKnR9iUS-e6aLfybSNZO76Axn6dphlLOBUUAVgC-hn_gCTvQnNGyCCKPu-90QE5y7wCa-qHqSWQJWsUbha_VHRSQl-wAngBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYgL7tnsGJgwP6CwIIAYAMAeINEwis_-2ewYmDAxUPsP0HHeYDBUPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3NphnTHSw1ZvLRNUaraRxWtf6ASg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dc0b8445f80ad134748d7c83953db4326302247a34ba6fa2239b61836930842

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2355957
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 28452
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:10:32 GMT
server: cloudflare
etag: "ad60aab65075d58e4390c75c7ea7b04e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TfOiU3DbHSkzlf%2Fj%2FuRXU3LPHyN5QS%2BfbqKajeIWixvaWyqmWAZBLcK6Ezxd%2BfrjznVHGmi7kWlys%2Fv%2F8nl7sG6kSxCrqbGmFB1NwGq9GIQpC4tHQv7K6VSX05DsNlo%2F237DvJ3yqfFaKwmM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8344b18b09c0917a-FRA

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 2C51 115 KB
14 KB 30ms
30ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C195016%2C14019&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=970&d=250&e=&g=b43cdb36b954545b2c23d73d0eb29bbc%2F3494667814036444578&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751124&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0y4h81grmpsjmm9f1a1zspecasn9p2d1e7pn1bpss64ab39td1addg8p93hjfz0pgcx1s493m8n97qkdjemtsbn9px852yc3yv71sskpwhw8gv09cw8zsqsdcasz95kszyd3f93gx6frfbfc8eehf8f42e3bmrej9tnf7pz8kbegyr5bddh7wky5sda45kdczxp3jr1hr0vvr8tj2dwmv6qrr87gnyyw95r08wx1am4cneakyb63xq25g0zbfzc85cb36xnzccwz0karcskx2v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDYJBvh14Zca0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0J5Qk7bCVjUZqcoSfS4yqeunk5wJNd8U0hc91XEjeAXsRwmHHP7N4JkNmSbYj7mGvxA4sa-0g3FftjxiFT3v8THeGhMY6kpSgXAo7s8hdrONGqASwVOESwWc2LlarWKR7Z3K2fSan6Ng7vnX_fAbUhlzjlfc2S2jENaSHHZ5VNESh2808sllimMj6egHaIRWH-dD4p_Uvv9g_zJCPl7Zo-6oljaPOK6A7f-qQDelKYODjlfmbm_JDq0qGgHSPnqj48dOke67CJj7Y0T4vVPS6T_z3uOBrPb2Iwr0XfEqjsUzFRgekcVkeqdBoqj2jTlR2IvtQS17JtDWQsnEgfeD_VS2lBCr2kZSetjT4AYe7lFodS1_YBwDdJjBfNnNMxILldJIrRkaSvKsqApDh-_7FBrVwuNKChH5cexC690O9-AEAYAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliAvu2ewYmDA_oLAggBgAwB4g0TCKv_7Z7BiYMDFQ-w_Qcd5gMFQ9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1xTYfZotwqHbntWQaIVyN7EnLziA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=182475%2C195016%2C14019&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=970&d=250&e=&g=b43cdb36b954545b2c23d73d0eb29bbc%2F3494667814036444578&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751124&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0y4h81grmpsjmm9f1a1zspecasn9p2d1e7pn1bpss64ab39td1addg8p93hjfz0pgcx1s493m8n97qkdjemtsbn9px852yc3yv71sskpwhw8gv09cw8zsqsdcasz95kszyd3f93gx6frfbfc8eehf8f42e3bmrej9tnf7pz8kbegyr5bddh7wky5sda45kdczxp3jr1hr0vvr8tj2dwmv6qrr87gnyyw95r08wx1am4cneakyb63xq25g0zbfzc85cb36xnzccwz0karcskx2v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDYJBvh14Zca0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0J5Qk7bCVjUZqcoSfS4yqeunk5wJNd8U0hc91XEjeAXsRwmHHP7N4JkNmSbYj7mGvxA4sa-0g3FftjxiFT3v8THeGhMY6kpSgXAo7s8hdrONGqASwVOESwWc2LlarWKR7Z3K2fSan6Ng7vnX_fAbUhlzjlfc2S2jENaSHHZ5VNESh2808sllimMj6egHaIRWH-dD4p_Uvv9g_zJCPl7Zo-6oljaPOK6A7f-qQDelKYODjlfmbm_JDq0qGgHSPnqj48dOke67CJj7Y0T4vVPS6T_z3uOBrPb2Iwr0XfEqjsUzFRgekcVkeqdBoqj2jTlR2IvtQS17JtDWQsnEgfeD_VS2lBCr2kZSetjT4AYe7lFodS1_YBwDdJjBfNnNMxILldJIrRkaSvKsqApDh-_7FBrVwuNKChH5cexC690O9-AEAYAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliAvu2ewYmDA_oLAggBgAwB4g0TCKv_7Z7BiYMDFQ-w_Qcd5gMFQ9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1xTYfZotwqHbntWQaIVyN7EnLziA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2347313
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QtTA1MMUCVEHhJ6GenIPQdv7RtoJAtk5buDtLA7T7jznKL%2BkBqXLl6vtLMnikDmUME87NN7Ri%2Bgc8dTk2GkYtDKY0g25PzMbCMq6MndG%2FOT88vLKbKvi7D7eDTLGa2Or0JW%2FIbOuLI8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8344b18b09b7917a-FRA
expires: Wed, 13 Dec 2023 08:45:51 GMT

GET
H3 200 B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
assets.ad4m.at/logo/ Frame 2C51 5 KB
5 KB 31ms
30ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C195016%2C14019&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=970&d=250&e=&g=b43cdb36b954545b2c23d73d0eb29bbc%2F3494667814036444578&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751124&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0y4h81grmpsjmm9f1a1zspecasn9p2d1e7pn1bpss64ab39td1addg8p93hjfz0pgcx1s493m8n97qkdjemtsbn9px852yc3yv71sskpwhw8gv09cw8zsqsdcasz95kszyd3f93gx6frfbfc8eehf8f42e3bmrej9tnf7pz8kbegyr5bddh7wky5sda45kdczxp3jr1hr0vvr8tj2dwmv6qrr87gnyyw95r08wx1am4cneakyb63xq25g0zbfzc85cb36xnzccwz0karcskx2v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDYJBvh14Zca0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0J5Qk7bCVjUZqcoSfS4yqeunk5wJNd8U0hc91XEjeAXsRwmHHP7N4JkNmSbYj7mGvxA4sa-0g3FftjxiFT3v8THeGhMY6kpSgXAo7s8hdrONGqASwVOESwWc2LlarWKR7Z3K2fSan6Ng7vnX_fAbUhlzjlfc2S2jENaSHHZ5VNESh2808sllimMj6egHaIRWH-dD4p_Uvv9g_zJCPl7Zo-6oljaPOK6A7f-qQDelKYODjlfmbm_JDq0qGgHSPnqj48dOke67CJj7Y0T4vVPS6T_z3uOBrPb2Iwr0XfEqjsUzFRgekcVkeqdBoqj2jTlR2IvtQS17JtDWQsnEgfeD_VS2lBCr2kZSetjT4AYe7lFodS1_YBwDdJjBfNnNMxILldJIrRkaSvKsqApDh-_7FBrVwuNKChH5cexC690O9-AEAYAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliAvu2ewYmDA_oLAggBgAwB4g0TCKv_7Z7BiYMDFQ-w_Qcd5gMFQ9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1xTYfZotwqHbntWQaIVyN7EnLziA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ff66b97bd8767ce16889bf15fc6e18e59fb7e60edc88bf9ee41416d3031bd24

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 313730
cf-polished: origFmt=png, origSize=5231
alt-svc: h3=":443"; ma=86400
content-length: 4680
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 09:43:53 GMT
server: cloudflare
etag: "f16f7910a6ef14de318e485901cfa4a3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ugSq72u9v3Py3dPAQ7ClDRJrKcFXHCio4q%2Bzu7sdEBoXnKL9PLMyJ1lt0VvcWzu%2Bhq%2FzFcYSkVGNi1GuohekOokm0O%2Btr%2BSjuf%2FA3pl54oFGMaaRRCbmiAfgNznqh57uJa9Nmv6HbUCIEJe"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8344b18b09b9917a-FRA

GET
H3 200 B7B46C67E32C8811CDC434C085DAC11692C95AC4470651A2A0ED9ED376F6F61F2A60C696B2F96D97291A7B9462A184BB5383BBC9E9ECDB66ACD89DA815902BC8
assets.ad4m.at/product_image/ Frame 2C51 34 KB
35 KB 31ms
31ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B7B46C67E32C8811CDC434C085DAC11692C95AC4470651A2A0ED9ED376F6F61F2A60C696B2F96D97291A7B9462A184BB5383BBC9E9ECDB66ACD89DA815902BC8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C195016%2C14019&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=970&d=250&e=&g=b43cdb36b954545b2c23d73d0eb29bbc%2F3494667814036444578&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751124&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0y4h81grmpsjmm9f1a1zspecasn9p2d1e7pn1bpss64ab39td1addg8p93hjfz0pgcx1s493m8n97qkdjemtsbn9px852yc3yv71sskpwhw8gv09cw8zsqsdcasz95kszyd3f93gx6frfbfc8eehf8f42e3bmrej9tnf7pz8kbegyr5bddh7wky5sda45kdczxp3jr1hr0vvr8tj2dwmv6qrr87gnyyw95r08wx1am4cneakyb63xq25g0zbfzc85cb36xnzccwz0karcskx2v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDYJBvh14Zca0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0J5Qk7bCVjUZqcoSfS4yqeunk5wJNd8U0hc91XEjeAXsRwmHHP7N4JkNmSbYj7mGvxA4sa-0g3FftjxiFT3v8THeGhMY6kpSgXAo7s8hdrONGqASwVOESwWc2LlarWKR7Z3K2fSan6Ng7vnX_fAbUhlzjlfc2S2jENaSHHZ5VNESh2808sllimMj6egHaIRWH-dD4p_Uvv9g_zJCPl7Zo-6oljaPOK6A7f-qQDelKYODjlfmbm_JDq0qGgHSPnqj48dOke67CJj7Y0T4vVPS6T_z3uOBrPb2Iwr0XfEqjsUzFRgekcVkeqdBoqj2jTlR2IvtQS17JtDWQsnEgfeD_VS2lBCr2kZSetjT4AYe7lFodS1_YBwDdJjBfNnNMxILldJIrRkaSvKsqApDh-_7FBrVwuNKChH5cexC690O9-AEAYAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliAvu2ewYmDA_oLAggBgAwB4g0TCKv_7Z7BiYMDFQ-w_Qcd5gMFQ9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1xTYfZotwqHbntWQaIVyN7EnLziA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 274092432a2d58df5ad52ba6b516d96166bada65843299fdca4b8dd6db1d9e89

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1049219
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 35068
cf-bgj: imgq:85,h2pri
last-modified: Thu, 23 Nov 2023 08:00:13 GMT
server: cloudflare
etag: "b517cdc8d5c29fc9ccb387e83f875610"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tDZpwz2jKLjHNbrfoPKUfFL%2BhPPA8IyDtTiks5z9y1RbRCGy7yjDSFl37RPsUyrz2VPW3raek5rkfD2gBJTCxUa48IpNVaPgYhBBbLyEREafQ2rDKasACfoITovbPd8TFJYNzFwwSxI56RrR"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8344b18b09bb917a-FRA

GET
H3 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 2C51 8 KB
8 KB 36ms
36ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C195016%2C14019&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=970&d=250&e=&g=b43cdb36b954545b2c23d73d0eb29bbc%2F3494667814036444578&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751124&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0y4h81grmpsjmm9f1a1zspecasn9p2d1e7pn1bpss64ab39td1addg8p93hjfz0pgcx1s493m8n97qkdjemtsbn9px852yc3yv71sskpwhw8gv09cw8zsqsdcasz95kszyd3f93gx6frfbfc8eehf8f42e3bmrej9tnf7pz8kbegyr5bddh7wky5sda45kdczxp3jr1hr0vvr8tj2dwmv6qrr87gnyyw95r08wx1am4cneakyb63xq25g0zbfzc85cb36xnzccwz0karcskx2v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDYJBvh14Zca0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0J5Qk7bCVjUZqcoSfS4yqeunk5wJNd8U0hc91XEjeAXsRwmHHP7N4JkNmSbYj7mGvxA4sa-0g3FftjxiFT3v8THeGhMY6kpSgXAo7s8hdrONGqASwVOESwWc2LlarWKR7Z3K2fSan6Ng7vnX_fAbUhlzjlfc2S2jENaSHHZ5VNESh2808sllimMj6egHaIRWH-dD4p_Uvv9g_zJCPl7Zo-6oljaPOK6A7f-qQDelKYODjlfmbm_JDq0qGgHSPnqj48dOke67CJj7Y0T4vVPS6T_z3uOBrPb2Iwr0XfEqjsUzFRgekcVkeqdBoqj2jTlR2IvtQS17JtDWQsnEgfeD_VS2lBCr2kZSetjT4AYe7lFodS1_YBwDdJjBfNnNMxILldJIrRkaSvKsqApDh-_7FBrVwuNKChH5cexC690O9-AEAYAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliAvu2ewYmDA_oLAggBgAwB4g0TCKv_7Z7BiYMDFQ-w_Qcd5gMFQ9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1xTYfZotwqHbntWQaIVyN7EnLziA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 311657
cf-polished: qual=85, origFmt=jpeg, origSize=12951
alt-svc: h3=":443"; ma=86400
content-length: 7758
cf-bgj: imgq:85,h2pri
last-modified: Fri, 20 Oct 2023 22:22:01 GMT
server: cloudflare
etag: "12e3523b35b31c7ddfe7c77dcdb14a34"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qyTIynZ90Az34CFwxn8dZnT6WFEaTikPQiMKSqQsIcC189%2F2CN1GhxstxJF1WFYRgC79ePsqAPIl7AoRAbG7x7YPOKo4uJPtS74tIbxmymowSo%2F4VFNsJRMeYRyIbCHKKqrqsTmT6GKuIS96"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8344b18b19c4917a-FRA

GET
H3 200 0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
assets.ad4m.at/ Frame 2C51 20 KB
21 KB 37ms
36ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C195016%2C14019&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=970&d=250&e=&g=b43cdb36b954545b2c23d73d0eb29bbc%2F3494667814036444578&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751124&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0y4h81grmpsjmm9f1a1zspecasn9p2d1e7pn1bpss64ab39td1addg8p93hjfz0pgcx1s493m8n97qkdjemtsbn9px852yc3yv71sskpwhw8gv09cw8zsqsdcasz95kszyd3f93gx6frfbfc8eehf8f42e3bmrej9tnf7pz8kbegyr5bddh7wky5sda45kdczxp3jr1hr0vvr8tj2dwmv6qrr87gnyyw95r08wx1am4cneakyb63xq25g0zbfzc85cb36xnzccwz0karcskx2v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDYJBvh14Zca0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0J5Qk7bCVjUZqcoSfS4yqeunk5wJNd8U0hc91XEjeAXsRwmHHP7N4JkNmSbYj7mGvxA4sa-0g3FftjxiFT3v8THeGhMY6kpSgXAo7s8hdrONGqASwVOESwWc2LlarWKR7Z3K2fSan6Ng7vnX_fAbUhlzjlfc2S2jENaSHHZ5VNESh2808sllimMj6egHaIRWH-dD4p_Uvv9g_zJCPl7Zo-6oljaPOK6A7f-qQDelKYODjlfmbm_JDq0qGgHSPnqj48dOke67CJj7Y0T4vVPS6T_z3uOBrPb2Iwr0XfEqjsUzFRgekcVkeqdBoqj2jTlR2IvtQS17JtDWQsnEgfeD_VS2lBCr2kZSetjT4AYe7lFodS1_YBwDdJjBfNnNMxILldJIrRkaSvKsqApDh-_7FBrVwuNKChH5cexC690O9-AEAYAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliAvu2ewYmDA_oLAggBgAwB4g0TCKv_7Z7BiYMDFQ-w_Qcd5gMFQ9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1xTYfZotwqHbntWQaIVyN7EnLziA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dc4eae4be6a462c97268c1238442d36dd78708a5b3ed989a4943b185854c465

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 309864
cf-polished: qual=85, origFmt=jpeg, origSize=29026
alt-svc: h3=":443"; ma=86400
content-length: 20740
cf-bgj: imgq:85,h2pri
last-modified: Sat, 21 Oct 2023 21:22:49 GMT
server: cloudflare
etag: "9e8c0f685f08676e3b6bec8849b76e69"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WHZ4J7JgHOB9v9NHgyZaVOZi%2FVLnJnv%2BwrzakJkH2NgOxurLUF5kpQAU6A2YeQ8Fw2WZbtVO37bZwVymkiTAs9dyUN1T4JZ2hF4PNDxjNKVsZrIXiSoMafa9vLnudXyasL1qaXNUknv3neYM"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8344b18b19c6917a-FRA

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 2C51
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKiDn5_BiYMDFTmg_Qcdh2UHtQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023121209455191235017929X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=202312...

49 B
1 KB

56ms
17ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023121209455191235017929X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023121209455191235017929X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C195016%2C14019&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=970&d=250&e=&g=b43cdb36b954545b2c23d73d0eb29bbc%2F3494667814036444578&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751124&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0y4h81grmpsjmm9f1a1zspecasn9p2d1e7pn1bpss64ab39td1addg8p93hjfz0pgcx1s493m8n97qkdjemtsbn9px852yc3yv71sskpwhw8gv09cw8zsqsdcasz95kszyd3f93gx6frfbfc8eehf8f42e3bmrej9tnf7pz8kbegyr5bddh7wky5sda45kdczxp3jr1hr0vvr8tj2dwmv6qrr87gnyyw95r08wx1am4cneakyb63xq25g0zbfzc85cb36xnzccwz0karcskx2v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDYJBvh14Zca0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0J5Qk7bCVjUZqcoSfS4yqeunk5wJNd8U0hc91XEjeAXsRwmHHP7N4JkNmSbYj7mGvxA4sa-0g3FftjxiFT3v8THeGhMY6kpSgXAo7s8hdrONGqASwVOESwWc2LlarWKR7Z3K2fSan6Ng7vnX_fAbUhlzjlfc2S2jENaSHHZ5VNESh2808sllimMj6egHaIRWH-dD4p_Uvv9g_zJCPl7Zo-6oljaPOK6A7f-qQDelKYODjlfmbm_JDq0qGgHSPnqj48dOke67CJj7Y0T4vVPS6T_z3uOBrPb2Iwr0XfEqjsUzFRgekcVkeqdBoqj2jTlR2IvtQS17JtDWQsnEgfeD_VS2lBCr2kZSetjT4AYe7lFodS1_YBwDdJjBfNnNMxILldJIrRkaSvKsqApDh-_7FBrVwuNKChH5cexC690O9-AEAYAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliAvu2ewYmDA_oLAggBgAwB4g0TCKv_7Z7BiYMDFQ-w_Qcd5gMFQ9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1xTYfZotwqHbntWQaIVyN7EnLziA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 08:45:51 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023121209455191235017929X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023121209455191235017929X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218
date: Tue, 12 Dec 2023 08:45:51 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 2C51 7 KB
7 KB 38ms
38ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C195016%2C14019&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=970&d=250&e=&g=b43cdb36b954545b2c23d73d0eb29bbc%2F3494667814036444578&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751124&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0y4h81grmpsjmm9f1a1zspecasn9p2d1e7pn1bpss64ab39td1addg8p93hjfz0pgcx1s493m8n97qkdjemtsbn9px852yc3yv71sskpwhw8gv09cw8zsqsdcasz95kszyd3f93gx6frfbfc8eehf8f42e3bmrej9tnf7pz8kbegyr5bddh7wky5sda45kdczxp3jr1hr0vvr8tj2dwmv6qrr87gnyyw95r08wx1am4cneakyb63xq25g0zbfzc85cb36xnzccwz0karcskx2v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDYJBvh14Zca0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0J5Qk7bCVjUZqcoSfS4yqeunk5wJNd8U0hc91XEjeAXsRwmHHP7N4JkNmSbYj7mGvxA4sa-0g3FftjxiFT3v8THeGhMY6kpSgXAo7s8hdrONGqASwVOESwWc2LlarWKR7Z3K2fSan6Ng7vnX_fAbUhlzjlfc2S2jENaSHHZ5VNESh2808sllimMj6egHaIRWH-dD4p_Uvv9g_zJCPl7Zo-6oljaPOK6A7f-qQDelKYODjlfmbm_JDq0qGgHSPnqj48dOke67CJj7Y0T4vVPS6T_z3uOBrPb2Iwr0XfEqjsUzFRgekcVkeqdBoqj2jTlR2IvtQS17JtDWQsnEgfeD_VS2lBCr2kZSetjT4AYe7lFodS1_YBwDdJjBfNnNMxILldJIrRkaSvKsqApDh-_7FBrVwuNKChH5cexC690O9-AEAYAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliAvu2ewYmDA_oLAggBgAwB4g0TCKv_7Z7BiYMDFQ-w_Qcd5gMFQ9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1xTYfZotwqHbntWQaIVyN7EnLziA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 311655
cf-polished: qual=85, origFmt=jpeg, origSize=8714
alt-svc: h3=":443"; ma=86400
content-length: 6672
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 08:50:26 GMT
server: cloudflare
etag: "52953af169f970e1ac17ba40d8c26548"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSOAbAF2dI%2F%2BqTZo8o4MZcTsIXWMndmhv8WerzKWYXnvnM7%2BXtMP1QPf%2B7UqEI5qPH9aqgUcmA2Xu3%2Fv78ajP0xLOnuzpv4e4T8BYAE1Eb9EciQHOXH%2Fs9C4GhARotFD6rUSXhudrQNBS2mZ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8344b18b19c9917a-FRA

GET
H3 200 E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
assets.ad4m.at/ Frame 2C51 25 KB
25 KB 39ms
38ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C195016%2C14019&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=970&d=250&e=&g=b43cdb36b954545b2c23d73d0eb29bbc%2F3494667814036444578&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751124&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0y4h81grmpsjmm9f1a1zspecasn9p2d1e7pn1bpss64ab39td1addg8p93hjfz0pgcx1s493m8n97qkdjemtsbn9px852yc3yv71sskpwhw8gv09cw8zsqsdcasz95kszyd3f93gx6frfbfc8eehf8f42e3bmrej9tnf7pz8kbegyr5bddh7wky5sda45kdczxp3jr1hr0vvr8tj2dwmv6qrr87gnyyw95r08wx1am4cneakyb63xq25g0zbfzc85cb36xnzccwz0karcskx2v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDYJBvh14Zca0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0J5Qk7bCVjUZqcoSfS4yqeunk5wJNd8U0hc91XEjeAXsRwmHHP7N4JkNmSbYj7mGvxA4sa-0g3FftjxiFT3v8THeGhMY6kpSgXAo7s8hdrONGqASwVOESwWc2LlarWKR7Z3K2fSan6Ng7vnX_fAbUhlzjlfc2S2jENaSHHZ5VNESh2808sllimMj6egHaIRWH-dD4p_Uvv9g_zJCPl7Zo-6oljaPOK6A7f-qQDelKYODjlfmbm_JDq0qGgHSPnqj48dOke67CJj7Y0T4vVPS6T_z3uOBrPb2Iwr0XfEqjsUzFRgekcVkeqdBoqj2jTlR2IvtQS17JtDWQsnEgfeD_VS2lBCr2kZSetjT4AYe7lFodS1_YBwDdJjBfNnNMxILldJIrRkaSvKsqApDh-_7FBrVwuNKChH5cexC690O9-AEAYAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliAvu2ewYmDA_oLAggBgAwB4g0TCKv_7Z7BiYMDFQ-w_Qcd5gMFQ9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1xTYfZotwqHbntWQaIVyN7EnLziA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d276da068fea1049fbb29d0aaeda5b9fa8a38e50b3f55741ffe2899cd52e6d5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 519694
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 25413
cf-bgj: imgq:85,h2pri
last-modified: Wed, 06 Dec 2023 08:24:17 GMT
server: cloudflare
etag: "7e811696e8763f5dce86bbb648013620"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2BGxgrSTcriIKR6j0fqGhdatsK13%2BWfUYgVJtMMH%2F4EBvM02JEAHitsZPVsJyajjDrIJojuQBFitm0SHDrxetloNXnHgBur9zvSkJOqctXbAK799aY3UV05VgAuh6k%2BVHdzyItw%2FueqC8VDV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8344b18b19ca917a-FRA

GET
H2

200

ztpv.php
www.conrad.de/ Frame 2C51
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1702370751_da8d4090-98ca-11ee-bd07-2236e1f32b64&insert=AW&&gdpr=0&gdpr_consent=

0
1 KB

70ms
39ms

Image
text/html

2606:4700::6810:c0cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1702370751_da8d4090-98ca-11ee-bd07-2236e1f32b64&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C195016%2C14019&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=970&d=250&e=&g=b43cdb36b954545b2c23d73d0eb29bbc%2F3494667814036444578&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751124&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0y4h81grmpsjmm9f1a1zspecasn9p2d1e7pn1bpss64ab39td1addg8p93hjfz0pgcx1s493m8n97qkdjemtsbn9px852yc3yv71sskpwhw8gv09cw8zsqsdcasz95kszyd3f93gx6frfbfc8eehf8f42e3bmrej9tnf7pz8kbegyr5bddh7wky5sda45kdczxp3jr1hr0vvr8tj2dwmv6qrr87gnyyw95r08wx1am4cneakyb63xq25g0zbfzc85cb36xnzccwz0karcskx2v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDYJBvh14Zca0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0J5Qk7bCVjUZqcoSfS4yqeunk5wJNd8U0hc91XEjeAXsRwmHHP7N4JkNmSbYj7mGvxA4sa-0g3FftjxiFT3v8THeGhMY6kpSgXAo7s8hdrONGqASwVOESwWc2LlarWKR7Z3K2fSan6Ng7vnX_fAbUhlzjlfc2S2jENaSHHZ5VNESh2808sllimMj6egHaIRWH-dD4p_Uvv9g_zJCPl7Zo-6oljaPOK6A7f-qQDelKYODjlfmbm_JDq0qGgHSPnqj48dOke67CJj7Y0T4vVPS6T_z3uOBrPb2Iwr0XfEqjsUzFRgekcVkeqdBoqj2jTlR2IvtQS17JtDWQsnEgfeD_VS2lBCr2kZSetjT4AYe7lFodS1_YBwDdJjBfNnNMxILldJIrRkaSvKsqApDh-_7FBrVwuNKChH5cexC690O9-AEAYAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliAvu2ewYmDA_oLAggBgAwB4g0TCKv_7Z7BiYMDFQ-w_Qcd5gMFQ9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1xTYfZotwqHbntWQaIVyN7EnLziA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6810:c0cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=NBPSlUGga7aXy0JpSwguLFJISWOryACwHE9NDnKhwg0-1702370751-1-AalZ7NSCG3ogD1qFXm4s0lWYqdxiW84iLUi2jyMz-Bc6maV5PPH2p8HsEd8h5CEl3NP4QIqaTD7NmUWi57FuzgR--dC0BVTbUWaPI1pJkXi-tD_z7ntip8yy0Qw0eZsqi-ii9MlkknQesfis1OKZzrk; report-to cf-csp-endpoint
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=NBPSlUGga7aXy0JpSwguLFJISWOryACwHE9NDnKhwg0-1702370751-1-AalZ7NSCG3ogD1qFXm4s0lWYqdxiW84iLUi2jyMz-Bc6maV5PPH2p8HsEd8h5CEl3NP4QIqaTD7NmUWi57FuzgR--dC0BVTbUWaPI1pJkXi-tD_z7ntip8yy0Qw0eZsqi-ii9MlkknQesfis1OKZzrk"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache
cf-ray: 8344b18bec0d5d63-FRA
content-length: 0
expires: -1

Redirect headers

Date: Tue, 12 Dec 2023 08:45:51 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1702370751_da8d4090-98ca-11ee-bd07-2236e1f32b64&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame A1FB 115 KB
14 KB 33ms
33ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C15153%2C64769&b=xmDFQfAf7EJCPHdHztQtxJEH7S6TKKps17xd%2CXr8CzfrfpmDh6H4Hetqtx6XSQSkT55gfz3P6%2Cjk8aEfGfx6VAuYHEH2t6txexsZSzT11bTdrg7&f=Y4Xsrf3fr5gaVH9HetgCpQ5HkS1Tddju1ZYe%2Cek8a3fVfmwbsjHZHet2CeJPcwSQTKKMsJxEG%2CxmDFQfAfAZzjsPHdHztDC3E3s7S6TKKps17xd&c=728&d=90&e=&g=c9288ae91dacd271d27bf9d18f8d02b0%2F11073421087593581197&i=25052%2C25362%2C27835&j=16%2C35%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka9qme063pevtfbyxhvwj478qrq1vvjxdm1ka3g8st8chan3wrj08yqjghdntva8910qm9rh9cjnj2d5jrj6a9rcv3h6rvvvxsdjwdnbk9tx61apv5rrg8h76skykv8qnqp10d39cmeqpxfqrzfw3tce6qfags18w7fjar96dr3jaqx109rhev046ne5hr3bvth00a00v62jbbcn3fm327dtmpznpa3915r1tv765wafvbwx9wqajjgw729nw3ar4tw9yj4zx1b3v84zqz48bet%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtPcmvh14ZcS0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEtgJP0AI9aPJna1icj9HCev0KfmMox5mfu6uCHnkJIsPKmBlarhsZgfl6JrKc1cym2wzcmJbeHe3RQ7HarqZEJRyGrSj7v8wsuWNkR2uiQrNkBiQy4a84Taa8LLFEvrppW1JmMz7kUnru5TLkCsuU8LF19HFqwThfqPa6FJYPKZLAD96cJma8ACgtPt5ZCIWTojxwEBBySugfx-jBu3GH0lcpG7KZ7kDIK71rFUX6f79_Rvx4hHMpN_obMQDUihDvOKRMv4CndKOqps7zH9fETRcI-ZBB5z3MpH-oq_DMPKDd6ph1GuHv3wyUC6_HLKFbAbh_6ZShcx7KZ98YLCOjwNhWi5XpY1dBgA-bJ9y1aY0S0-bh-vY_O48wfhhUovS2Fvzs49puScGpOvp0PScgp9r47lAB_Hku4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIC-7Z7BiYMD-gsCCAGADAHiDRMIqf_tnsGJgwMVD7D9Bx3mAwVD0BUBgBcB%2526num%253D1%2526sig%253DAOD64_24Jkt_qbGH1-P4GPlBWEsEj0aUgw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=29002%2C15153%2C64769&b=xmDFQfAf7EJCPHdHztQtxJEH7S6TKKps17xd%2CXr8CzfrfpmDh6H4Hetqtx6XSQSkT55gfz3P6%2Cjk8aEfGfx6VAuYHEH2t6txexsZSzT11bTdrg7&f=Y4Xsrf3fr5gaVH9HetgCpQ5HkS1Tddju1ZYe%2Cek8a3fVfmwbsjHZHet2CeJPcwSQTKKMsJxEG%2CxmDFQfAfAZzjsPHdHztDC3E3s7S6TKKps17xd&c=728&d=90&e=&g=c9288ae91dacd271d27bf9d18f8d02b0%2F11073421087593581197&i=25052%2C25362%2C27835&j=16%2C35%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka9qme063pevtfbyxhvwj478qrq1vvjxdm1ka3g8st8chan3wrj08yqjghdntva8910qm9rh9cjnj2d5jrj6a9rcv3h6rvvvxsdjwdnbk9tx61apv5rrg8h76skykv8qnqp10d39cmeqpxfqrzfw3tce6qfags18w7fjar96dr3jaqx109rhev046ne5hr3bvth00a00v62jbbcn3fm327dtmpznpa3915r1tv765wafvbwx9wqajjgw729nw3ar4tw9yj4zx1b3v84zqz48bet%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtPcmvh14ZcS0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEtgJP0AI9aPJna1icj9HCev0KfmMox5mfu6uCHnkJIsPKmBlarhsZgfl6JrKc1cym2wzcmJbeHe3RQ7HarqZEJRyGrSj7v8wsuWNkR2uiQrNkBiQy4a84Taa8LLFEvrppW1JmMz7kUnru5TLkCsuU8LF19HFqwThfqPa6FJYPKZLAD96cJma8ACgtPt5ZCIWTojxwEBBySugfx-jBu3GH0lcpG7KZ7kDIK71rFUX6f79_Rvx4hHMpN_obMQDUihDvOKRMv4CndKOqps7zH9fETRcI-ZBB5z3MpH-oq_DMPKDd6ph1GuHv3wyUC6_HLKFbAbh_6ZShcx7KZ98YLCOjwNhWi5XpY1dBgA-bJ9y1aY0S0-bh-vY_O48wfhhUovS2Fvzs49puScGpOvp0PScgp9r47lAB_Hku4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIC-7Z7BiYMD-gsCCAGADAHiDRMIqf_tnsGJgwMVD7D9Bx3mAwVD0BUBgBcB%2526num%253D1%2526sig%253DAOD64_24Jkt_qbGH1-P4GPlBWEsEj0aUgw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2347313
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UvTRFfHLbIUPUSlsLb5hFGnBeZQJDy5waouD1ZjsGdIBl6z4Ag%2B%2FhUx488kTZiNhDTKMYXHwozBgkdQCBe7RG5sp1z3ybuYh1W26LMZ2Ij2r0oaMInEX6bu%2BNBPZ%2BmpgCaZzpIp7L%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8344b18b19d3917a-FRA
expires: Wed, 13 Dec 2023 08:45:51 GMT

GET
H3 200 7DC86BB3A0677D1A111CF2F02BF20FC822723E084233C66D05A3D22F9BFF9CBFABB3E42ACE676F78BB64730FEC16E4997CC372D96DF4EFE43050DA28B276D6EA
assets.ad4m.at/logo/ Frame A1FB 7 KB
7 KB 34ms
34ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/7DC86BB3A0677D1A111CF2F02BF20FC822723E084233C66D05A3D22F9BFF9CBFABB3E42ACE676F78BB64730FEC16E4997CC372D96DF4EFE43050DA28B276D6EA
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C15153%2C64769&b=xmDFQfAf7EJCPHdHztQtxJEH7S6TKKps17xd%2CXr8CzfrfpmDh6H4Hetqtx6XSQSkT55gfz3P6%2Cjk8aEfGfx6VAuYHEH2t6txexsZSzT11bTdrg7&f=Y4Xsrf3fr5gaVH9HetgCpQ5HkS1Tddju1ZYe%2Cek8a3fVfmwbsjHZHet2CeJPcwSQTKKMsJxEG%2CxmDFQfAfAZzjsPHdHztDC3E3s7S6TKKps17xd&c=728&d=90&e=&g=c9288ae91dacd271d27bf9d18f8d02b0%2F11073421087593581197&i=25052%2C25362%2C27835&j=16%2C35%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka9qme063pevtfbyxhvwj478qrq1vvjxdm1ka3g8st8chan3wrj08yqjghdntva8910qm9rh9cjnj2d5jrj6a9rcv3h6rvvvxsdjwdnbk9tx61apv5rrg8h76skykv8qnqp10d39cmeqpxfqrzfw3tce6qfags18w7fjar96dr3jaqx109rhev046ne5hr3bvth00a00v62jbbcn3fm327dtmpznpa3915r1tv765wafvbwx9wqajjgw729nw3ar4tw9yj4zx1b3v84zqz48bet%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtPcmvh14ZcS0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEtgJP0AI9aPJna1icj9HCev0KfmMox5mfu6uCHnkJIsPKmBlarhsZgfl6JrKc1cym2wzcmJbeHe3RQ7HarqZEJRyGrSj7v8wsuWNkR2uiQrNkBiQy4a84Taa8LLFEvrppW1JmMz7kUnru5TLkCsuU8LF19HFqwThfqPa6FJYPKZLAD96cJma8ACgtPt5ZCIWTojxwEBBySugfx-jBu3GH0lcpG7KZ7kDIK71rFUX6f79_Rvx4hHMpN_obMQDUihDvOKRMv4CndKOqps7zH9fETRcI-ZBB5z3MpH-oq_DMPKDd6ph1GuHv3wyUC6_HLKFbAbh_6ZShcx7KZ98YLCOjwNhWi5XpY1dBgA-bJ9y1aY0S0-bh-vY_O48wfhhUovS2Fvzs49puScGpOvp0PScgp9r47lAB_Hku4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIC-7Z7BiYMD-gsCCAGADAHiDRMIqf_tnsGJgwMVD7D9Bx3mAwVD0BUBgBcB%2526num%253D1%2526sig%253DAOD64_24Jkt_qbGH1-P4GPlBWEsEj0aUgw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80e7bfe2aaa1b8be1ff5792cf190eb4b9e7d922240eea9ccc0a835b2bbde9f56

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 311520
cf-polished: qual=85, origFmt=jpeg, origSize=20298
alt-svc: h3=":443"; ma=86400
content-length: 6740
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 15:49:29 GMT
server: cloudflare
etag: "dcdbfc63ef930c205a6c8ec70a6f5e71"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DazZ%2Bv30ZZMytZjBhrC7XrWlA61r5SPU7ba1V5h1K984OGromBMXXfrEibxjmzOaS7crcbPNA%2FJQpuUP0Kbq0rFeKFzzKpoJ9rJ%2BqFzzaxYkdjiJjbWWPceL6t0GPDMl%2FwgQ0VkHOR%2FQTMZM"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8344b18b19d4917a-FRA

GET
H3 200 EEACCF1387D6770984DA8E61AC19B9B106EFAB433C9BC99F272CCDE7F6C5F6963A2BD7EDCA944083C5D1FA54EA7EB69DFB75D9EFC064FB7CC124FCCC8412C2AC
assets.ad4m.at/product_image/ Frame A1FB 26 KB
27 KB 35ms
34ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EEACCF1387D6770984DA8E61AC19B9B106EFAB433C9BC99F272CCDE7F6C5F6963A2BD7EDCA944083C5D1FA54EA7EB69DFB75D9EFC064FB7CC124FCCC8412C2AC
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C15153%2C64769&b=xmDFQfAf7EJCPHdHztQtxJEH7S6TKKps17xd%2CXr8CzfrfpmDh6H4Hetqtx6XSQSkT55gfz3P6%2Cjk8aEfGfx6VAuYHEH2t6txexsZSzT11bTdrg7&f=Y4Xsrf3fr5gaVH9HetgCpQ5HkS1Tddju1ZYe%2Cek8a3fVfmwbsjHZHet2CeJPcwSQTKKMsJxEG%2CxmDFQfAfAZzjsPHdHztDC3E3s7S6TKKps17xd&c=728&d=90&e=&g=c9288ae91dacd271d27bf9d18f8d02b0%2F11073421087593581197&i=25052%2C25362%2C27835&j=16%2C35%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka9qme063pevtfbyxhvwj478qrq1vvjxdm1ka3g8st8chan3wrj08yqjghdntva8910qm9rh9cjnj2d5jrj6a9rcv3h6rvvvxsdjwdnbk9tx61apv5rrg8h76skykv8qnqp10d39cmeqpxfqrzfw3tce6qfags18w7fjar96dr3jaqx109rhev046ne5hr3bvth00a00v62jbbcn3fm327dtmpznpa3915r1tv765wafvbwx9wqajjgw729nw3ar4tw9yj4zx1b3v84zqz48bet%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtPcmvh14ZcS0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEtgJP0AI9aPJna1icj9HCev0KfmMox5mfu6uCHnkJIsPKmBlarhsZgfl6JrKc1cym2wzcmJbeHe3RQ7HarqZEJRyGrSj7v8wsuWNkR2uiQrNkBiQy4a84Taa8LLFEvrppW1JmMz7kUnru5TLkCsuU8LF19HFqwThfqPa6FJYPKZLAD96cJma8ACgtPt5ZCIWTojxwEBBySugfx-jBu3GH0lcpG7KZ7kDIK71rFUX6f79_Rvx4hHMpN_obMQDUihDvOKRMv4CndKOqps7zH9fETRcI-ZBB5z3MpH-oq_DMPKDd6ph1GuHv3wyUC6_HLKFbAbh_6ZShcx7KZ98YLCOjwNhWi5XpY1dBgA-bJ9y1aY0S0-bh-vY_O48wfhhUovS2Fvzs49puScGpOvp0PScgp9r47lAB_Hku4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIC-7Z7BiYMD-gsCCAGADAHiDRMIqf_tnsGJgwMVD7D9Bx3mAwVD0BUBgBcB%2526num%253D1%2526sig%253DAOD64_24Jkt_qbGH1-P4GPlBWEsEj0aUgw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c50cef0534fcc9f901046ad6c0dffe00209ffbe4319e019fb960a262a6b2ec71

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2849759
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 26621
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 09:09:50 GMT
server: cloudflare
etag: "0a62ebe3b3faad549be8ad7d4386119f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yby0Ee3fS83pOE%2BQCZXfi%2BXyKdcpFfZ1iIxpEOPdjcXI8b8RwTx3m06FA5Z1DHW3%2BZzBCp0Tam005UaEFZAG%2Bt2GFBtWQ2aMHSWdG8Sm1UiHZuC%2FT0NvC0IT0Aa3KyLmO7JLwy38hx6Aa%2FZZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8344b18b19d5917a-FRA

GET
H2

200

/
pvx.freenet-mobilfunk.de/ Frame A1FB
Redirect Chain

https://www.awin1.com/cshow.php?s=2524318&v=11420&q=392147&r=412871&pv=1&pref3=oneidxmDFQfAf7EJCPHdHztQtxJEH7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871&eventid=11420_412871_1702370751_da904dd0-98ca-11ee-9488-2234841a3abe

43 B
1 KB

65ms
29ms

Image
image/gif

2606:4700:4400::6812:20ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871&eventid=11420_412871_1702370751_da904dd0-98ca-11ee-9488-2234841a3abe

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C15153%2C64769&b=xmDFQfAf7EJCPHdHztQtxJEH7S6TKKps17xd%2CXr8CzfrfpmDh6H4Hetqtx6XSQSkT55gfz3P6%2Cjk8aEfGfx6VAuYHEH2t6txexsZSzT11bTdrg7&f=Y4Xsrf3fr5gaVH9HetgCpQ5HkS1Tddju1ZYe%2Cek8a3fVfmwbsjHZHet2CeJPcwSQTKKMsJxEG%2CxmDFQfAfAZzjsPHdHztDC3E3s7S6TKKps17xd&c=728&d=90&e=&g=c9288ae91dacd271d27bf9d18f8d02b0%2F11073421087593581197&i=25052%2C25362%2C27835&j=16%2C35%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka9qme063pevtfbyxhvwj478qrq1vvjxdm1ka3g8st8chan3wrj08yqjghdntva8910qm9rh9cjnj2d5jrj6a9rcv3h6rvvvxsdjwdnbk9tx61apv5rrg8h76skykv8qnqp10d39cmeqpxfqrzfw3tce6qfags18w7fjar96dr3jaqx109rhev046ne5hr3bvth00a00v62jbbcn3fm327dtmpznpa3915r1tv765wafvbwx9wqajjgw729nw3ar4tw9yj4zx1b3v84zqz48bet%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtPcmvh14ZcS0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEtgJP0AI9aPJna1icj9HCev0KfmMox5mfu6uCHnkJIsPKmBlarhsZgfl6JrKc1cym2wzcmJbeHe3RQ7HarqZEJRyGrSj7v8wsuWNkR2uiQrNkBiQy4a84Taa8LLFEvrppW1JmMz7kUnru5TLkCsuU8LF19HFqwThfqPa6FJYPKZLAD96cJma8ACgtPt5ZCIWTojxwEBBySugfx-jBu3GH0lcpG7KZ7kDIK71rFUX6f79_Rvx4hHMpN_obMQDUihDvOKRMv4CndKOqps7zH9fETRcI-ZBB5z3MpH-oq_DMPKDd6ph1GuHv3wyUC6_HLKFbAbh_6ZShcx7KZ98YLCOjwNhWi5XpY1dBgA-bJ9y1aY0S0-bh-vY_O48wfhhUovS2Fvzs49puScGpOvp0PScgp9r47lAB_Hku4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIC-7Z7BiYMD-gsCCAGADAHiDRMIqf_tnsGJgwMVD7D9Bx3mAwVD0BUBgBcB%2526num%253D1%2526sig%253DAOD64_24Jkt_qbGH1-P4GPlBWEsEj0aUgw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700:4400::6812:20ce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536001; includeSubDomains; preload;, max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536001; includeSubDomains; preload;, max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/gif
p3p: CP="ALL CUR DEV PSA OUR IND STA"
cf-ray: 8344b18bfd3737fd-FRA
x-xss-protection: 1; mode=block

Redirect headers

Date: Tue, 12 Dec 2023 08:45:51 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871&eventid=11420_412871_1702370751_da904dd0-98ca-11ee-9488-2234841a3abe
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 9CCBA432F3AC6BE87E893A9EA138C04472D7F1C9F25B9ABB4159BE70485BE571658293A75145656A009EB642FC0ADAAFB899844D31A714568F3A7692B775CD35
assets.ad4m.at/logo/ Frame A1FB 11 KB
12 KB 36ms
35ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/9CCBA432F3AC6BE87E893A9EA138C04472D7F1C9F25B9ABB4159BE70485BE571658293A75145656A009EB642FC0ADAAFB899844D31A714568F3A7692B775CD35
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C15153%2C64769&b=xmDFQfAf7EJCPHdHztQtxJEH7S6TKKps17xd%2CXr8CzfrfpmDh6H4Hetqtx6XSQSkT55gfz3P6%2Cjk8aEfGfx6VAuYHEH2t6txexsZSzT11bTdrg7&f=Y4Xsrf3fr5gaVH9HetgCpQ5HkS1Tddju1ZYe%2Cek8a3fVfmwbsjHZHet2CeJPcwSQTKKMsJxEG%2CxmDFQfAfAZzjsPHdHztDC3E3s7S6TKKps17xd&c=728&d=90&e=&g=c9288ae91dacd271d27bf9d18f8d02b0%2F11073421087593581197&i=25052%2C25362%2C27835&j=16%2C35%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka9qme063pevtfbyxhvwj478qrq1vvjxdm1ka3g8st8chan3wrj08yqjghdntva8910qm9rh9cjnj2d5jrj6a9rcv3h6rvvvxsdjwdnbk9tx61apv5rrg8h76skykv8qnqp10d39cmeqpxfqrzfw3tce6qfags18w7fjar96dr3jaqx109rhev046ne5hr3bvth00a00v62jbbcn3fm327dtmpznpa3915r1tv765wafvbwx9wqajjgw729nw3ar4tw9yj4zx1b3v84zqz48bet%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtPcmvh14ZcS0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEtgJP0AI9aPJna1icj9HCev0KfmMox5mfu6uCHnkJIsPKmBlarhsZgfl6JrKc1cym2wzcmJbeHe3RQ7HarqZEJRyGrSj7v8wsuWNkR2uiQrNkBiQy4a84Taa8LLFEvrppW1JmMz7kUnru5TLkCsuU8LF19HFqwThfqPa6FJYPKZLAD96cJma8ACgtPt5ZCIWTojxwEBBySugfx-jBu3GH0lcpG7KZ7kDIK71rFUX6f79_Rvx4hHMpN_obMQDUihDvOKRMv4CndKOqps7zH9fETRcI-ZBB5z3MpH-oq_DMPKDd6ph1GuHv3wyUC6_HLKFbAbh_6ZShcx7KZ98YLCOjwNhWi5XpY1dBgA-bJ9y1aY0S0-bh-vY_O48wfhhUovS2Fvzs49puScGpOvp0PScgp9r47lAB_Hku4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIC-7Z7BiYMD-gsCCAGADAHiDRMIqf_tnsGJgwMVD7D9Bx3mAwVD0BUBgBcB%2526num%253D1%2526sig%253DAOD64_24Jkt_qbGH1-P4GPlBWEsEj0aUgw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a73c1760693513b2d4899879a05eef2d701c87bf707b0bd6a81ef114d57bc2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 312309
cf-polished: qual=85, origFmt=jpeg, origSize=13030
alt-svc: h3=":443"; ma=86400
content-length: 11674
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 13:09:18 GMT
server: cloudflare
etag: "e6883e99ef8d1c466228adefcee86982"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HdMcW8GWz5FTeAvaknZPCywW0f5C8NINHCa%2FcWRM1Yb4RDKrjQVBIGZ2tKRzg%2BCfqfdAlSRiBWvflrH9pkGrs7bYsgfinZksXSo9abFip%2FUVlijdcPl4eDr1LpuftOO6lCP1BRLz7wo8VVcx"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8344b18b19d6917a-FRA

GET
H3 200 F1BF041DA34BA5585515BB25E3F32A181243BB0E30931062C28FAAC8C1FCF0B468FDB83327CF619A508898AAC723729A67F062AB52A57BE70D4796A11E44D140
assets.ad4m.at/ Frame A1FB 46 KB
46 KB 37ms
36ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F1BF041DA34BA5585515BB25E3F32A181243BB0E30931062C28FAAC8C1FCF0B468FDB83327CF619A508898AAC723729A67F062AB52A57BE70D4796A11E44D140
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C15153%2C64769&b=xmDFQfAf7EJCPHdHztQtxJEH7S6TKKps17xd%2CXr8CzfrfpmDh6H4Hetqtx6XSQSkT55gfz3P6%2Cjk8aEfGfx6VAuYHEH2t6txexsZSzT11bTdrg7&f=Y4Xsrf3fr5gaVH9HetgCpQ5HkS1Tddju1ZYe%2Cek8a3fVfmwbsjHZHet2CeJPcwSQTKKMsJxEG%2CxmDFQfAfAZzjsPHdHztDC3E3s7S6TKKps17xd&c=728&d=90&e=&g=c9288ae91dacd271d27bf9d18f8d02b0%2F11073421087593581197&i=25052%2C25362%2C27835&j=16%2C35%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka9qme063pevtfbyxhvwj478qrq1vvjxdm1ka3g8st8chan3wrj08yqjghdntva8910qm9rh9cjnj2d5jrj6a9rcv3h6rvvvxsdjwdnbk9tx61apv5rrg8h76skykv8qnqp10d39cmeqpxfqrzfw3tce6qfags18w7fjar96dr3jaqx109rhev046ne5hr3bvth00a00v62jbbcn3fm327dtmpznpa3915r1tv765wafvbwx9wqajjgw729nw3ar4tw9yj4zx1b3v84zqz48bet%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtPcmvh14ZcS0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEtgJP0AI9aPJna1icj9HCev0KfmMox5mfu6uCHnkJIsPKmBlarhsZgfl6JrKc1cym2wzcmJbeHe3RQ7HarqZEJRyGrSj7v8wsuWNkR2uiQrNkBiQy4a84Taa8LLFEvrppW1JmMz7kUnru5TLkCsuU8LF19HFqwThfqPa6FJYPKZLAD96cJma8ACgtPt5ZCIWTojxwEBBySugfx-jBu3GH0lcpG7KZ7kDIK71rFUX6f79_Rvx4hHMpN_obMQDUihDvOKRMv4CndKOqps7zH9fETRcI-ZBB5z3MpH-oq_DMPKDd6ph1GuHv3wyUC6_HLKFbAbh_6ZShcx7KZ98YLCOjwNhWi5XpY1dBgA-bJ9y1aY0S0-bh-vY_O48wfhhUovS2Fvzs49puScGpOvp0PScgp9r47lAB_Hku4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIC-7Z7BiYMD-gsCCAGADAHiDRMIqf_tnsGJgwMVD7D9Bx3mAwVD0BUBgBcB%2526num%253D1%2526sig%253DAOD64_24Jkt_qbGH1-P4GPlBWEsEj0aUgw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2ce7a08e9159f3169ff9a4b8c923aa309ddeabee7ee03b1ac2a795cd9249cef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2171020
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 46912
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 21:17:19 GMT
server: cloudflare
etag: "0673cd5f407b0893d2f9bda6718183f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DfJjrY%2BtF2WbPINctpkFAOEHE0ZHpfFti%2Fjjao6GL4vyvMzzylXAiRk6%2F81dptTbtuoemmrQaQ925FfoBmTwMQU07fhUvrlI4ZbWql9Fw2GCxtV78UC3LZkCQ5oXS4jLu%2FWpvc4BM%2BicdoMl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8344b18b19d7917a-FRA

GET
H2

200

hltp.html
www.emil-die-flasche.de/ Frame A1FB
Redirect Chain

https://cdn.retailads.net/tb.php?t=150269V2146131017M&subid=oneidXr8CzfrfpmDh6H4Hetqtx6XSQSkT55gfz3P6oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.emil-die-flasche.de/hltp.html?ra_id=3380152693

0
0

90ms
30ms

Image
text/html

217.160.0.78
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.emil-die-flasche.de/hltp.html?ra_id=3380152693
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C15153%2C64769&b=xmDFQfAf7EJCPHdHztQtxJEH7S6TKKps17xd%2CXr8CzfrfpmDh6H4Hetqtx6XSQSkT55gfz3P6%2Cjk8aEfGfx6VAuYHEH2t6txexsZSzT11bTdrg7&f=Y4Xsrf3fr5gaVH9HetgCpQ5HkS1Tddju1ZYe%2Cek8a3fVfmwbsjHZHet2CeJPcwSQTKKMsJxEG%2CxmDFQfAfAZzjsPHdHztDC3E3s7S6TKKps17xd&c=728&d=90&e=&g=c9288ae91dacd271d27bf9d18f8d02b0%2F11073421087593581197&i=25052%2C25362%2C27835&j=16%2C35%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka9qme063pevtfbyxhvwj478qrq1vvjxdm1ka3g8st8chan3wrj08yqjghdntva8910qm9rh9cjnj2d5jrj6a9rcv3h6rvvvxsdjwdnbk9tx61apv5rrg8h76skykv8qnqp10d39cmeqpxfqrzfw3tce6qfags18w7fjar96dr3jaqx109rhev046ne5hr3bvth00a00v62jbbcn3fm327dtmpznpa3915r1tv765wafvbwx9wqajjgw729nw3ar4tw9yj4zx1b3v84zqz48bet%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtPcmvh14ZcS0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEtgJP0AI9aPJna1icj9HCev0KfmMox5mfu6uCHnkJIsPKmBlarhsZgfl6JrKc1cym2wzcmJbeHe3RQ7HarqZEJRyGrSj7v8wsuWNkR2uiQrNkBiQy4a84Taa8LLFEvrppW1JmMz7kUnru5TLkCsuU8LF19HFqwThfqPa6FJYPKZLAD96cJma8ACgtPt5ZCIWTojxwEBBySugfx-jBu3GH0lcpG7KZ7kDIK71rFUX6f79_Rvx4hHMpN_obMQDUihDvOKRMv4CndKOqps7zH9fETRcI-ZBB5z3MpH-oq_DMPKDd6ph1GuHv3wyUC6_HLKFbAbh_6ZShcx7KZ98YLCOjwNhWi5XpY1dBgA-bJ9y1aY0S0-bh-vY_O48wfhhUovS2Fvzs49puScGpOvp0PScgp9r47lAB_Hku4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIC-7Z7BiYMD-gsCCAGADAHiDRMIqf_tnsGJgwMVD7D9Bx3mAwVD0BUBgBcB%2526num%253D1%2526sig%253DAOD64_24Jkt_qbGH1-P4GPlBWEsEj0aUgw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Server: 217.160.0.78 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: 217-160-0-78.elastic-ssl.ui-r.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Redirect headers

location: https://www.emil-die-flasche.de/hltp.html?ra_id=3380152693
date: Tue, 12 Dec 2023 08:45:51 GMT
xphp81: true
server: Apache
content-length: 0
content-type: text/html; charset=utf-8

GET
H3 200 63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
assets.ad4m.at/logo/ Frame A1FB 6 KB
7 KB 40ms
40ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C15153%2C64769&b=xmDFQfAf7EJCPHdHztQtxJEH7S6TKKps17xd%2CXr8CzfrfpmDh6H4Hetqtx6XSQSkT55gfz3P6%2Cjk8aEfGfx6VAuYHEH2t6txexsZSzT11bTdrg7&f=Y4Xsrf3fr5gaVH9HetgCpQ5HkS1Tddju1ZYe%2Cek8a3fVfmwbsjHZHet2CeJPcwSQTKKMsJxEG%2CxmDFQfAfAZzjsPHdHztDC3E3s7S6TKKps17xd&c=728&d=90&e=&g=c9288ae91dacd271d27bf9d18f8d02b0%2F11073421087593581197&i=25052%2C25362%2C27835&j=16%2C35%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka9qme063pevtfbyxhvwj478qrq1vvjxdm1ka3g8st8chan3wrj08yqjghdntva8910qm9rh9cjnj2d5jrj6a9rcv3h6rvvvxsdjwdnbk9tx61apv5rrg8h76skykv8qnqp10d39cmeqpxfqrzfw3tce6qfags18w7fjar96dr3jaqx109rhev046ne5hr3bvth00a00v62jbbcn3fm327dtmpznpa3915r1tv765wafvbwx9wqajjgw729nw3ar4tw9yj4zx1b3v84zqz48bet%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtPcmvh14ZcS0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEtgJP0AI9aPJna1icj9HCev0KfmMox5mfu6uCHnkJIsPKmBlarhsZgfl6JrKc1cym2wzcmJbeHe3RQ7HarqZEJRyGrSj7v8wsuWNkR2uiQrNkBiQy4a84Taa8LLFEvrppW1JmMz7kUnru5TLkCsuU8LF19HFqwThfqPa6FJYPKZLAD96cJma8ACgtPt5ZCIWTojxwEBBySugfx-jBu3GH0lcpG7KZ7kDIK71rFUX6f79_Rvx4hHMpN_obMQDUihDvOKRMv4CndKOqps7zH9fETRcI-ZBB5z3MpH-oq_DMPKDd6ph1GuHv3wyUC6_HLKFbAbh_6ZShcx7KZ98YLCOjwNhWi5XpY1dBgA-bJ9y1aY0S0-bh-vY_O48wfhhUovS2Fvzs49puScGpOvp0PScgp9r47lAB_Hku4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIC-7Z7BiYMD-gsCCAGADAHiDRMIqf_tnsGJgwMVD7D9Bx3mAwVD0BUBgBcB%2526num%253D1%2526sig%253DAOD64_24Jkt_qbGH1-P4GPlBWEsEj0aUgw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9397137684651208494998e1dbfabe58cac87e2e0d402507004fb7a62c5d417

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 300190
cf-polished: origFmt=png, origSize=6433
alt-svc: h3=":443"; ma=86400
content-length: 6214
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 12:57:10 GMT
server: cloudflare
etag: "ce495bc6ebf714fd07b78716b669035b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3UX689CNdrIR%2FHTuP1P2SM4rqaiRmis3Kw27CL7HZ8hqCGHD6sn1nRV9FNbNjWBt5%2BNgWcNcruuV2H%2BVSULjppQJ5CD7wOtX647N8uE%2FotoQE26kx4wuzGLuC4%2F0hST6A6sGrn3J7l%2Bu6P6l"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8344b18b19d9917a-FRA

GET
H3 200 1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
assets.ad4m.at/product_image/ Frame A1FB 8 KB
9 KB 42ms
41ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C15153%2C64769&b=xmDFQfAf7EJCPHdHztQtxJEH7S6TKKps17xd%2CXr8CzfrfpmDh6H4Hetqtx6XSQSkT55gfz3P6%2Cjk8aEfGfx6VAuYHEH2t6txexsZSzT11bTdrg7&f=Y4Xsrf3fr5gaVH9HetgCpQ5HkS1Tddju1ZYe%2Cek8a3fVfmwbsjHZHet2CeJPcwSQTKKMsJxEG%2CxmDFQfAfAZzjsPHdHztDC3E3s7S6TKKps17xd&c=728&d=90&e=&g=c9288ae91dacd271d27bf9d18f8d02b0%2F11073421087593581197&i=25052%2C25362%2C27835&j=16%2C35%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka9qme063pevtfbyxhvwj478qrq1vvjxdm1ka3g8st8chan3wrj08yqjghdntva8910qm9rh9cjnj2d5jrj6a9rcv3h6rvvvxsdjwdnbk9tx61apv5rrg8h76skykv8qnqp10d39cmeqpxfqrzfw3tce6qfags18w7fjar96dr3jaqx109rhev046ne5hr3bvth00a00v62jbbcn3fm327dtmpznpa3915r1tv765wafvbwx9wqajjgw729nw3ar4tw9yj4zx1b3v84zqz48bet%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtPcmvh14ZcS0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEtgJP0AI9aPJna1icj9HCev0KfmMox5mfu6uCHnkJIsPKmBlarhsZgfl6JrKc1cym2wzcmJbeHe3RQ7HarqZEJRyGrSj7v8wsuWNkR2uiQrNkBiQy4a84Taa8LLFEvrppW1JmMz7kUnru5TLkCsuU8LF19HFqwThfqPa6FJYPKZLAD96cJma8ACgtPt5ZCIWTojxwEBBySugfx-jBu3GH0lcpG7KZ7kDIK71rFUX6f79_Rvx4hHMpN_obMQDUihDvOKRMv4CndKOqps7zH9fETRcI-ZBB5z3MpH-oq_DMPKDd6ph1GuHv3wyUC6_HLKFbAbh_6ZShcx7KZ98YLCOjwNhWi5XpY1dBgA-bJ9y1aY0S0-bh-vY_O48wfhhUovS2Fvzs49puScGpOvp0PScgp9r47lAB_Hku4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIC-7Z7BiYMD-gsCCAGADAHiDRMIqf_tnsGJgwMVD7D9Bx3mAwVD0BUBgBcB%2526num%253D1%2526sig%253DAOD64_24Jkt_qbGH1-P4GPlBWEsEj0aUgw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ac5caad1c486ad92b7234c502af91d15e08fd627a26978bf13cd1691a06b8ff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 314426
cf-polished: qual=85, origFmt=jpeg, origSize=9421
alt-svc: h3=":443"; ma=86400
content-length: 8194
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 11:56:14 GMT
server: cloudflare
etag: "f87a73ab861252ba07350fc9defa2002"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X128EI76Ur%2FfVXfUA%2Bw7ePmZQkJMg6uxbjMkrTEGZWiUMCHP5AFstnFueJkq62DBcekRd94nFXZf5k6H8Oc9%2Fbc2nYP%2F6KNU1i4G94vDXaRgHn0I1tDr5oCVC8D8aG66z1K9Pc%2F5Ss31%2BUk2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8344b18b19da917a-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame A1FB 43 B
702 B 101ms
66ms Image
image/gif 104.64.118.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2629118&v=19228&q=388274&r=412871&pv=1&pref3=oneidjk8aEfGfx6VAuYHEH2t6txexsZSzT11bTdrg7oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-118-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Dec 2023 08:45:51 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 link.html Show response
track.webgains.com/ Frame 90C1 2 KB
2 KB 137ms
70ms Script
text/html 3.9.151.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&wgprogramid=286305&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g2qj1d5wd083rvcrw17b0h80ym02h06x8b2ssaxc4snnzc6xn3wg10g6m3n8t415anbfde2z4na7ftep7exjm1qw5brpcmd05t7wjfxe2mkw6tdc449e449agtpyv66tv7mnepxdmhpc2vxxpg94vtd7afsckx321ykbgmpdm6gef86rgxyvg05ak6b6wjy2pscq755npw26sjk4fyvk5h063kh11btxgmf8wrz07371s79kwf1z98b3dka4rcpkang%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1ktywcr79rnkrnbk5v001q5j8jbyyjxtqhn6m2kgyfmstehnvy4278x42d8y6m9fv0n1gq3x901fx23vqz6w6s9xddjq2aeqdgmznk3jymcw4w118wzd9k36x83e27jhy7swa8g8mxw8qq0zs2kfb5we4kftv0z14tm7pwwkqnyh189jc7t4ef017mn0nas74dhkx64pv49hf4fqhn2zha40nsavp6eg0rc9d9g3m7sntdatvgvt25th4z5chxyzttb6fcx5scpt5s565wt8e077%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxYDHvh14Zce0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEygJP0DSVrIqcW4Rwl-pC8Ry8LByhH2X2hr-7EbEF1IL9Kkdk7KIWcNI8Ts6WPtIIXlDMeL451WyzV4-1XcDuyGr6vhWWELl6yd6wkz5lH127CHEw8soRyb5LMLwyiucWgTMQ-Odbk3CGJn-0C2KbstGNgN5D0XvvTWzse7fesci6492zueibW1WylLWNK0SdG9IRlbF0BZdCOi-oVu2_lIvfG0sooDlIq7Dx04aOjrKqrbLXYzags3UU2Lzi8Ntf8TFJKQRxISvxkk2nIkB24RhjwMwNTpvW9q7iZgZcRwlQrbYEbIVi_KEdxl8CBD_T1SdbgWpXigh1RLM9snU3Tc__Tc9e2GUKnR9iUS-e6aLfybSNZO76Axn6dphlLOBUUAVgC-hn_gCTvQnNGyCCKPu-90QE5y7wCa-qHqSWQJWsUbha_VHRSQl-wAngBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYgL7tnsGJgwP6CwIIAYAMAeINEwis_-2ewYmDAxUPsP0HHeYDBUPQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3NphnTHSw1ZvLRNUaraRxWtf6ASg%252526client%25253Dca-pub-5144389657785565%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196438%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2C61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYG%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CXr8CzfrfK7MjU6H4Het1CxXpUQSkT55gfz3P6%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=250&e=&g=fb1c1d76996ee7acb7e49aac97e09395%2F4471572294211620431&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751129&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktywcr79rnkrnbk5v001q5j8jbyyjxtqhn6m2kgyfmstehnvy4278x42d8y6m9fv0n1gq3x901fx23vqz6w6s9xddjq2aeqdgmznk3jymcw4w118wzd9k36x83e27jhy7swa8g8mxw8qq0zs2kfb5we4kftv0z14tm7pwwkqnyh189jc7t4ef017mn0nas74dhkx64pv49hf4fqhn2zha40nsavp6eg0rc9d9g3m7sntdatvgvt25th4z5chxyzttb6fcx5scpt5s565wt8e077%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxYDHvh14Zce0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEygJP0DSVrIqcW4Rwl-pC8Ry8LByhH2X2hr-7EbEF1IL9Kkdk7KIWcNI8Ts6WPtIIXlDMeL451WyzV4-1XcDuyGr6vhWWELl6yd6wkz5lH127CHEw8soRyb5LMLwyiucWgTMQ-Odbk3CGJn-0C2KbstGNgN5D0XvvTWzse7fesci6492zueibW1WylLWNK0SdG9IRlbF0BZdCOi-oVu2_lIvfG0sooDlIq7Dx04aOjrKqrbLXYzags3UU2Lzi8Ntf8TFJKQRxISvxkk2nIkB24RhjwMwNTpvW9q7iZgZcRwlQrbYEbIVi_KEdxl8CBD_T1SdbgWpXigh1RLM9snU3Tc__Tc9e2GUKnR9iUS-e6aLfybSNZO76Axn6dphlLOBUUAVgC-hn_gCTvQnNGyCCKPu-90QE5y7wCa-qHqSWQJWsUbha_VHRSQl-wAngBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYgL7tnsGJgwP6CwIIAYAMAeINEwis_-2ewYmDAxUPsP0HHeYDBUPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3NphnTHSw1ZvLRNUaraRxWtf6ASg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.151.155 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-151-155.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: f88640f9d84729446e126e501861646b3664e51c7fa08021d7b7e8c809ad0da0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
last-modified: Tue, 12 Dec 2023 08:45:51 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Tue, 12 Dec 2023 08:46:51 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 2C51 2 KB
2 KB 136ms
71ms Script
text/html 3.9.151.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3766871&wgcampaignid=1384975&wgprogramid=287405&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kj5bdpjgcekbg9wnh7etenkrtdrzr4cjexenm3b1erd373m3t9ewwekz8f5d65h5kaav10wn13jhq5ea9khf081e9yg3fhfbn6yvb06x3412pfz2kqxpeahjs3rgkn8sqmghw441zcmx7nxjfjw5aha1aqzkw820k440b7c2af1rd7bxfgjgt4f6z8pwc2eex4vkgsycd56fv7f68t7ee8q4zaaew9mbk16v8gc0faj8j5f8a3k5hc6mm68nycvtga0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h0y4h81grmpsjmm9f1a1zspecasn9p2d1e7pn1bpss64ab39td1addg8p93hjfz0pgcx1s493m8n97qkdjemtsbn9px852yc3yv71sskpwhw8gv09cw8zsqsdcasz95kszyd3f93gx6frfbfc8eehf8f42e3bmrej9tnf7pz8kbegyr5bddh7wky5sda45kdczxp3jr1hr0vvr8tj2dwmv6qrr87gnyyw95r08wx1am4cneakyb63xq25g0zbfzc85cb36xnzccwz0karcskx2v%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCDYJBvh14Zca0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0J5Qk7bCVjUZqcoSfS4yqeunk5wJNd8U0hc91XEjeAXsRwmHHP7N4JkNmSbYj7mGvxA4sa-0g3FftjxiFT3v8THeGhMY6kpSgXAo7s8hdrONGqASwVOESwWc2LlarWKR7Z3K2fSan6Ng7vnX_fAbUhlzjlfc2S2jENaSHHZ5VNESh2808sllimMj6egHaIRWH-dD4p_Uvv9g_zJCPl7Zo-6oljaPOK6A7f-qQDelKYODjlfmbm_JDq0qGgHSPnqj48dOke67CJj7Y0T4vVPS6T_z3uOBrPb2Iwr0XfEqjsUzFRgekcVkeqdBoqj2jTlR2IvtQS17JtDWQsnEgfeD_VS2lBCr2kZSetjT4AYe7lFodS1_YBwDdJjBfNnNMxILldJIrRkaSvKsqApDh-_7FBrVwuNKChH5cexC690O9-AEAYAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliAvu2ewYmDA_oLAggBgAwB4g0TCKv_7Z7BiYMDFQ-w_Qcd5gMFQ9AVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1xTYfZotwqHbntWQaIVyN7EnLziA%252526client%25253Dca-pub-5144389657785565%252526adurl%25253D&clickref=oneid41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vwoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keboneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C195016%2C14019&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=970&d=250&e=&g=b43cdb36b954545b2c23d73d0eb29bbc%2F3494667814036444578&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751124&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0y4h81grmpsjmm9f1a1zspecasn9p2d1e7pn1bpss64ab39td1addg8p93hjfz0pgcx1s493m8n97qkdjemtsbn9px852yc3yv71sskpwhw8gv09cw8zsqsdcasz95kszyd3f93gx6frfbfc8eehf8f42e3bmrej9tnf7pz8kbegyr5bddh7wky5sda45kdczxp3jr1hr0vvr8tj2dwmv6qrr87gnyyw95r08wx1am4cneakyb63xq25g0zbfzc85cb36xnzccwz0karcskx2v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDYJBvh14Zca0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0J5Qk7bCVjUZqcoSfS4yqeunk5wJNd8U0hc91XEjeAXsRwmHHP7N4JkNmSbYj7mGvxA4sa-0g3FftjxiFT3v8THeGhMY6kpSgXAo7s8hdrONGqASwVOESwWc2LlarWKR7Z3K2fSan6Ng7vnX_fAbUhlzjlfc2S2jENaSHHZ5VNESh2808sllimMj6egHaIRWH-dD4p_Uvv9g_zJCPl7Zo-6oljaPOK6A7f-qQDelKYODjlfmbm_JDq0qGgHSPnqj48dOke67CJj7Y0T4vVPS6T_z3uOBrPb2Iwr0XfEqjsUzFRgekcVkeqdBoqj2jTlR2IvtQS17JtDWQsnEgfeD_VS2lBCr2kZSetjT4AYe7lFodS1_YBwDdJjBfNnNMxILldJIrRkaSvKsqApDh-_7FBrVwuNKChH5cexC690O9-AEAYAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliAvu2ewYmDA_oLAggBgAwB4g0TCKv_7Z7BiYMDFQ-w_Qcd5gMFQ9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1xTYfZotwqHbntWQaIVyN7EnLziA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.151.155 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-151-155.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: ddbb03496b0e3d3fca033d53a8c33bca6d13bdeccc4d5404d75e24d82f2a2213

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
last-modified: Tue, 12 Dec 2023 08:45:51 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Tue, 12 Dec 2023 08:46:51 GMT

GET
H2 429 link.html
track.webgains.com/ Frame 90C1 0
0 104ms
40ms Script
text/html 3.9.151.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&wgprogramid=265645&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k8zr0qfkync9q5rsz678zqdz260wsvpywj6z681hppat4ykcdzbacn4c3367d9gjcwj9tzt1qqj9q1e6vbfs8s2pekmnvpd7jpg4pa696rx9t8df06cjqg7nbdq60xkkg067cevhf2g2fkxzvcn3jvck1krssrwfxb87zp1zvq34de60gz4v71cc9qex80w39vw72dkvqs8v3gb1n19x15pczrbt9mzcyz7q3ez457ec3s42kpa8tqddm9zfaw9fz80%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1ktywcr79rnkrnbk5v001q5j8jbyyjxtqhn6m2kgyfmstehnvy4278x42d8y6m9fv0n1gq3x901fx23vqz6w6s9xddjq2aeqdgmznk3jymcw4w118wzd9k36x83e27jhy7swa8g8mxw8qq0zs2kfb5we4kftv0z14tm7pwwkqnyh189jc7t4ef017mn0nas74dhkx64pv49hf4fqhn2zha40nsavp6eg0rc9d9g3m7sntdatvgvt25th4z5chxyzttb6fcx5scpt5s565wt8e077%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxYDHvh14Zce0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEygJP0DSVrIqcW4Rwl-pC8Ry8LByhH2X2hr-7EbEF1IL9Kkdk7KIWcNI8Ts6WPtIIXlDMeL451WyzV4-1XcDuyGr6vhWWELl6yd6wkz5lH127CHEw8soRyb5LMLwyiucWgTMQ-Odbk3CGJn-0C2KbstGNgN5D0XvvTWzse7fesci6492zueibW1WylLWNK0SdG9IRlbF0BZdCOi-oVu2_lIvfG0sooDlIq7Dx04aOjrKqrbLXYzags3UU2Lzi8Ntf8TFJKQRxISvxkk2nIkB24RhjwMwNTpvW9q7iZgZcRwlQrbYEbIVi_KEdxl8CBD_T1SdbgWpXigh1RLM9snU3Tc__Tc9e2GUKnR9iUS-e6aLfybSNZO76Axn6dphlLOBUUAVgC-hn_gCTvQnNGyCCKPu-90QE5y7wCa-qHqSWQJWsUbha_VHRSQl-wAngBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYgL7tnsGJgwP6CwIIAYAMAeINEwis_-2ewYmDAxUPsP0HHeYDBUPQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3NphnTHSw1ZvLRNUaraRxWtf6ASg%252526client%25253Dca-pub-5144389657785565%252526adurl%25253D&clickref=oneid9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneidZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196438%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2C61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYG%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CXr8CzfrfK7MjU6H4Het1CxXpUQSkT55gfz3P6%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=250&e=&g=fb1c1d76996ee7acb7e49aac97e09395%2F4471572294211620431&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751129&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktywcr79rnkrnbk5v001q5j8jbyyjxtqhn6m2kgyfmstehnvy4278x42d8y6m9fv0n1gq3x901fx23vqz6w6s9xddjq2aeqdgmznk3jymcw4w118wzd9k36x83e27jhy7swa8g8mxw8qq0zs2kfb5we4kftv0z14tm7pwwkqnyh189jc7t4ef017mn0nas74dhkx64pv49hf4fqhn2zha40nsavp6eg0rc9d9g3m7sntdatvgvt25th4z5chxyzttb6fcx5scpt5s565wt8e077%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxYDHvh14Zce0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEygJP0DSVrIqcW4Rwl-pC8Ry8LByhH2X2hr-7EbEF1IL9Kkdk7KIWcNI8Ts6WPtIIXlDMeL451WyzV4-1XcDuyGr6vhWWELl6yd6wkz5lH127CHEw8soRyb5LMLwyiucWgTMQ-Odbk3CGJn-0C2KbstGNgN5D0XvvTWzse7fesci6492zueibW1WylLWNK0SdG9IRlbF0BZdCOi-oVu2_lIvfG0sooDlIq7Dx04aOjrKqrbLXYzags3UU2Lzi8Ntf8TFJKQRxISvxkk2nIkB24RhjwMwNTpvW9q7iZgZcRwlQrbYEbIVi_KEdxl8CBD_T1SdbgWpXigh1RLM9snU3Tc__Tc9e2GUKnR9iUS-e6aLfybSNZO76Axn6dphlLOBUUAVgC-hn_gCTvQnNGyCCKPu-90QE5y7wCa-qHqSWQJWsUbha_VHRSQl-wAngBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYgL7tnsGJgwP6CwIIAYAMAeINEwis_-2ewYmDAxUPsP0HHeYDBUPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3NphnTHSw1ZvLRNUaraRxWtf6ASg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.151.155 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-151-155.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:51 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

GET
H/1.1 200
OK f5bfe45bb2 Show response
tm.simptrack.com/tm/a/channel/tracker/ Frame E1AC 44 B
891 B 81ms
27ms Document
image/gif 188.40.59.226
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2?pub=ad4mat
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C195016%2C14019&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=970&d=250&e=&g=b43cdb36b954545b2c23d73d0eb29bbc%2F3494667814036444578&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751124&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0y4h81grmpsjmm9f1a1zspecasn9p2d1e7pn1bpss64ab39td1addg8p93hjfz0pgcx1s493m8n97qkdjemtsbn9px852yc3yv71sskpwhw8gv09cw8zsqsdcasz95kszyd3f93gx6frfbfc8eehf8f42e3bmrej9tnf7pz8kbegyr5bddh7wky5sda45kdczxp3jr1hr0vvr8tj2dwmv6qrr87gnyyw95r08wx1am4cneakyb63xq25g0zbfzc85cb36xnzccwz0karcskx2v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDYJBvh14Zca0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0J5Qk7bCVjUZqcoSfS4yqeunk5wJNd8U0hc91XEjeAXsRwmHHP7N4JkNmSbYj7mGvxA4sa-0g3FftjxiFT3v8THeGhMY6kpSgXAo7s8hdrONGqASwVOESwWc2LlarWKR7Z3K2fSan6Ng7vnX_fAbUhlzjlfc2S2jENaSHHZ5VNESh2808sllimMj6egHaIRWH-dD4p_Uvv9g_zJCPl7Zo-6oljaPOK6A7f-qQDelKYODjlfmbm_JDq0qGgHSPnqj48dOke67CJj7Y0T4vVPS6T_z3uOBrPb2Iwr0XfEqjsUzFRgekcVkeqdBoqj2jTlR2IvtQS17JtDWQsnEgfeD_VS2lBCr2kZSetjT4AYe7lFodS1_YBwDdJjBfNnNMxILldJIrRkaSvKsqApDh-_7FBrVwuNKChH5cexC690O9-AEAYAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliAvu2ewYmDA_oLAggBgAwB4g0TCKv_7Z7BiYMDFQ-w_Qcd5gMFQ9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1xTYfZotwqHbntWQaIVyN7EnLziA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 188.40.59.226 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.226.59.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 44
Content-Type: image/gif
Date: Tue, 12 Dec 2023 08:45:51 GMT
Expires: 0
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: nginx

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 90C1 53 KB
19 KB 50ms
14ms Script
application/javascript 18.66.147.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&wgprogramid=286305&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g2qj1d5wd083rvcrw17b0h80ym02h06x8b2ssaxc4snnzc6xn3wg10g6m3n8t415anbfde2z4na7ftep7exjm1qw5brpcmd05t7wjfxe2mkw6tdc449e449agtpyv66tv7mnepxdmhpc2vxxpg94vtd7afsckx321ykbgmpdm6gef86rgxyvg05ak6b6wjy2pscq755npw26sjk4fyvk5h063kh11btxgmf8wrz07371s79kwf1z98b3dka4rcpkang%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1ktywcr79rnkrnbk5v001q5j8jbyyjxtqhn6m2kgyfmstehnvy4278x42d8y6m9fv0n1gq3x901fx23vqz6w6s9xddjq2aeqdgmznk3jymcw4w118wzd9k36x83e27jhy7swa8g8mxw8qq0zs2kfb5we4kftv0z14tm7pwwkqnyh189jc7t4ef017mn0nas74dhkx64pv49hf4fqhn2zha40nsavp6eg0rc9d9g3m7sntdatvgvt25th4z5chxyzttb6fcx5scpt5s565wt8e077%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxYDHvh14Zce0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEygJP0DSVrIqcW4Rwl-pC8Ry8LByhH2X2hr-7EbEF1IL9Kkdk7KIWcNI8Ts6WPtIIXlDMeL451WyzV4-1XcDuyGr6vhWWELl6yd6wkz5lH127CHEw8soRyb5LMLwyiucWgTMQ-Odbk3CGJn-0C2KbstGNgN5D0XvvTWzse7fesci6492zueibW1WylLWNK0SdG9IRlbF0BZdCOi-oVu2_lIvfG0sooDlIq7Dx04aOjrKqrbLXYzags3UU2Lzi8Ntf8TFJKQRxISvxkk2nIkB24RhjwMwNTpvW9q7iZgZcRwlQrbYEbIVi_KEdxl8CBD_T1SdbgWpXigh1RLM9snU3Tc__Tc9e2GUKnR9iUS-e6aLfybSNZO76Axn6dphlLOBUUAVgC-hn_gCTvQnNGyCCKPu-90QE5y7wCa-qHqSWQJWsUbha_VHRSQl-wAngBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYgL7tnsGJgwP6CwIIAYAMAeINEwis_-2ewYmDAxUPsP0HHeYDBUPQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3NphnTHSw1ZvLRNUaraRxWtf6ASg%252526client%25253Dca-pub-5144389657785565%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-120.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:58:49 GMT
content-encoding: gzip
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 16:26:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 24423
x-amz-server-side-encryption: AES256
etag: W/"1180a1bfee0aad979766ecd6180b923e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Y7bI4QZAwLmu8ghlkwy-NqjceAu13secxp1baKWH-W--qEDeiJUMEQ==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 90C1 15 KB
15 KB 51ms
17ms Image
image/png 99.86.4.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1702371051&Signature=Sgrs41od6vPLIcJYtO7q4hzDDmlAh8CZ3jG7-dDotmAB4HMpCEc9Gphh8IQ3Sp0pgNtba4jYvPVt-cGvp0P1q~6xk-1qORrGZUr0MocSUgdu5USVwL4Qi3Lx-ot63IyGfXn8A0CLfisKABksfMHXQLxh-utSKOBUY6FSZd10rW3OiTfJ5hLavLunUB8CQT0-b~xr0A4ptCFFc1M7OERZqVLe2TVG3TF3vrthjEmHbK1YRtzlzTNunNsCpuLTSlSnZthb4BpQLycmUBE9h67Ti28mH8QfT4p5E-puKaOt5R3zWuHErqEAvcB6PIf75u~OzmJk1As9MZx2XvX9j~6z3g__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196438%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2C61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYG%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CXr8CzfrfK7MjU6H4Het1CxXpUQSkT55gfz3P6%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=250&e=&g=fb1c1d76996ee7acb7e49aac97e09395%2F4471572294211620431&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751129&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktywcr79rnkrnbk5v001q5j8jbyyjxtqhn6m2kgyfmstehnvy4278x42d8y6m9fv0n1gq3x901fx23vqz6w6s9xddjq2aeqdgmznk3jymcw4w118wzd9k36x83e27jhy7swa8g8mxw8qq0zs2kfb5we4kftv0z14tm7pwwkqnyh189jc7t4ef017mn0nas74dhkx64pv49hf4fqhn2zha40nsavp6eg0rc9d9g3m7sntdatvgvt25th4z5chxyzttb6fcx5scpt5s565wt8e077%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxYDHvh14Zce0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEygJP0DSVrIqcW4Rwl-pC8Ry8LByhH2X2hr-7EbEF1IL9Kkdk7KIWcNI8Ts6WPtIIXlDMeL451WyzV4-1XcDuyGr6vhWWELl6yd6wkz5lH127CHEw8soRyb5LMLwyiucWgTMQ-Odbk3CGJn-0C2KbstGNgN5D0XvvTWzse7fesci6492zueibW1WylLWNK0SdG9IRlbF0BZdCOi-oVu2_lIvfG0sooDlIq7Dx04aOjrKqrbLXYzags3UU2Lzi8Ntf8TFJKQRxISvxkk2nIkB24RhjwMwNTpvW9q7iZgZcRwlQrbYEbIVi_KEdxl8CBD_T1SdbgWpXigh1RLM9snU3Tc__Tc9e2GUKnR9iUS-e6aLfybSNZO76Axn6dphlLOBUUAVgC-hn_gCTvQnNGyCCKPu-90QE5y7wCa-qHqSWQJWsUbha_VHRSQl-wAngBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYgL7tnsGJgwP6CwIIAYAMAeINEwis_-2ewYmDAxUPsP0HHeYDBUPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3NphnTHSw1ZvLRNUaraRxWtf6ASg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-36.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 12 Dec 2023 07:48:14 GMT
via: 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 3458
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: QamB_o5HTGgeap9ET738z2ZgcMTsNn2hhTc5Pod9hiDsgx-J_fk2RA==

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 2C51 53 KB
19 KB 44ms
8ms Script
application/javascript 18.66.147.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3766871&wgcampaignid=1384975&wgprogramid=287405&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kj5bdpjgcekbg9wnh7etenkrtdrzr4cjexenm3b1erd373m3t9ewwekz8f5d65h5kaav10wn13jhq5ea9khf081e9yg3fhfbn6yvb06x3412pfz2kqxpeahjs3rgkn8sqmghw441zcmx7nxjfjw5aha1aqzkw820k440b7c2af1rd7bxfgjgt4f6z8pwc2eex4vkgsycd56fv7f68t7ee8q4zaaew9mbk16v8gc0faj8j5f8a3k5hc6mm68nycvtga0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h0y4h81grmpsjmm9f1a1zspecasn9p2d1e7pn1bpss64ab39td1addg8p93hjfz0pgcx1s493m8n97qkdjemtsbn9px852yc3yv71sskpwhw8gv09cw8zsqsdcasz95kszyd3f93gx6frfbfc8eehf8f42e3bmrej9tnf7pz8kbegyr5bddh7wky5sda45kdczxp3jr1hr0vvr8tj2dwmv6qrr87gnyyw95r08wx1am4cneakyb63xq25g0zbfzc85cb36xnzccwz0karcskx2v%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCDYJBvh14Zca0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0J5Qk7bCVjUZqcoSfS4yqeunk5wJNd8U0hc91XEjeAXsRwmHHP7N4JkNmSbYj7mGvxA4sa-0g3FftjxiFT3v8THeGhMY6kpSgXAo7s8hdrONGqASwVOESwWc2LlarWKR7Z3K2fSan6Ng7vnX_fAbUhlzjlfc2S2jENaSHHZ5VNESh2808sllimMj6egHaIRWH-dD4p_Uvv9g_zJCPl7Zo-6oljaPOK6A7f-qQDelKYODjlfmbm_JDq0qGgHSPnqj48dOke67CJj7Y0T4vVPS6T_z3uOBrPb2Iwr0XfEqjsUzFRgekcVkeqdBoqj2jTlR2IvtQS17JtDWQsnEgfeD_VS2lBCr2kZSetjT4AYe7lFodS1_YBwDdJjBfNnNMxILldJIrRkaSvKsqApDh-_7FBrVwuNKChH5cexC690O9-AEAYAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliAvu2ewYmDA_oLAggBgAwB4g0TCKv_7Z7BiYMDFQ-w_Qcd5gMFQ9AVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1xTYfZotwqHbntWQaIVyN7EnLziA%252526client%25253Dca-pub-5144389657785565%252526adurl%25253D&clickref=oneid41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vwoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keboneid__suite_Netmix_Reach121_BESTPERFORMER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-120.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:58:49 GMT
content-encoding: gzip
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 16:26:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 24423
x-amz-server-side-encryption: AES256
etag: W/"1180a1bfee0aad979766ecd6180b923e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: _g5snLKtfbI9BHoPfueWferSE6uxK2OIZ4J5MKhDavu2SIOhdGokCw==

GET
H2 200 1630077001_jF1b8Jfj1B39nVsMmTxKrB0cNJRh2QB8.jpg
cdn.track.production.webgains.team/287405/ Frame 2C51 55 KB
56 KB 43ms
8ms Image
image/jpeg 99.86.4.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/287405/1630077001_jF1b8Jfj1B39nVsMmTxKrB0cNJRh2QB8.jpg?Expires=1702371051&Signature=QtzPdN-Rq4vB9~8APOFjjGHPBCU6ZhYYFVorKc42O9fU-ydBngyyQ2ABA1gmff7D-yIIoKyZkOSxRZMweEBX-6X9x2bcu1W~JHbQLZrsFVvGPgVXX~ZxjR-oPbP75DxXVphuYA~wxY~0OmXJkWu7FXKq0xQzqzNjfUo1RlCjXdKhEcuSzLBINeIanbc5O4~zAnQ2k1Xkz9fXq95HRkvDvwMP-MdSSvod02-K-QiSPrdj574nWnKWpsxi73uiuKvOoOeJJwpvQo~2NKm5Tj5X6YsmM2xvrTmPpv3Lde9R11c-y~vgDVsxyDsf9UWwfHZPEpZKv0fzp6~drd-L2WxovA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C195016%2C14019&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=970&d=250&e=&g=b43cdb36b954545b2c23d73d0eb29bbc%2F3494667814036444578&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702370751124&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0y4h81grmpsjmm9f1a1zspecasn9p2d1e7pn1bpss64ab39td1addg8p93hjfz0pgcx1s493m8n97qkdjemtsbn9px852yc3yv71sskpwhw8gv09cw8zsqsdcasz95kszyd3f93gx6frfbfc8eehf8f42e3bmrej9tnf7pz8kbegyr5bddh7wky5sda45kdczxp3jr1hr0vvr8tj2dwmv6qrr87gnyyw95r08wx1am4cneakyb63xq25g0zbfzc85cb36xnzccwz0karcskx2v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDYJBvh14Zca0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEwAJP0J5Qk7bCVjUZqcoSfS4yqeunk5wJNd8U0hc91XEjeAXsRwmHHP7N4JkNmSbYj7mGvxA4sa-0g3FftjxiFT3v8THeGhMY6kpSgXAo7s8hdrONGqASwVOESwWc2LlarWKR7Z3K2fSan6Ng7vnX_fAbUhlzjlfc2S2jENaSHHZ5VNESh2808sllimMj6egHaIRWH-dD4p_Uvv9g_zJCPl7Zo-6oljaPOK6A7f-qQDelKYODjlfmbm_JDq0qGgHSPnqj48dOke67CJj7Y0T4vVPS6T_z3uOBrPb2Iwr0XfEqjsUzFRgekcVkeqdBoqj2jTlR2IvtQS17JtDWQsnEgfeD_VS2lBCr2kZSetjT4AYe7lFodS1_YBwDdJjBfNnNMxILldJIrRkaSvKsqApDh-_7FBrVwuNKChH5cexC690O9-AEAYAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliAvu2ewYmDA_oLAggBgAwB4g0TCKv_7Z7BiYMDFQ-w_Qcd5gMFQ9AVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1xTYfZotwqHbntWQaIVyN7EnLziA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-36.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f24acd57aec035fffd76b0bbd29ed438417cbb1d355e95c99ad044d74dc68c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 12 Dec 2023 06:27:01 GMT
via: 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:42:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 65555
etag: "4e56b45a1411ee8d71fc40bc011df5b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 56674
x-amz-cf-id: LAsk-4x7SrhFLufrJjeZfMCB3coI-b2lTzINbu4j78Fa_WukO-GK3w==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F1E1 42 B
64 B 52ms
52ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv23RM4TNvuY6xYvKIuXvAp0lzOinb_qDBarZSAy0HLRNdAcOIdTDluH40NvVOAfC_YIbo_BaLshKyU3jtLtzPgvxuWnzbHeB7e9w-sfk3XnbD-j8_ztQ&sig=Cg0ArKJSzFDGGoLhl_0YEAE&id=lidar2&mcvt=1118&p=1110,436,1200,1164&mtos=1118,1118,1118,1118,1118&tos=1118,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2912191614&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702370750793&rpt=200&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4A0B 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssAPqY1k5RCjETSS9f4ECZuaeeSWfXuGxr2cGQP6sPafM4XAuA5iz0uswP14a3xny9Rn2M3nMg5juqc_xpKXLOPCuUuwdRXy4l1ng_7UcYrPsdzARqL&sig=Cg0ArKJSzIaJF6NdrWk7EAE&id=lidar2&mcvt=1075&p=340,315,590,1285&mtos=1075,1075,1075,1075,1075&tos=1075,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3129430941&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702370750799&rpt=238&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame C3E6 0
127 B 14ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 12 Dec 2023 08:45:51 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 2C51 16 B
209 B 65ms
64ms Fetch
application/json 35.177.10.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.177.10.97 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-177-10-97.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 12 Dec 2023 08:45:52 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 87ms
26ms Preflight 35.177.10.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.177.10.97 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-177-10-97.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Tue, 12 Dec 2023 08:45:52 GMT
server: nginx

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 76ms
26ms Preflight 35.177.10.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.177.10.97 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-177-10-97.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Tue, 12 Dec 2023 08:45:52 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 90C1 16 B
209 B 86ms
85ms Fetch
application/json 35.177.10.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.177.10.97 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-177-10-97.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 12 Dec 2023 08:45:52 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 25 B
364 B 89ms
38ms XHR
application/json 35.190.25.25
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1702370752703

Requested by

Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.25.25 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

25.25.190.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Tue, 12 Dec 2023 08:45:52 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://blog.paleohacks.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 12
access-control-allow-headers: X-Requested-With
content-length: 25
alt-svc: clear

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 24ms
24ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RWB4GYKC4G&_ono=1&gtm=45je3bt0v9137939032&_p=1702370747437&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=562926640.1702370748&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=2&dl=https%3A%2F%2Fblog.paleohacks.com%2Fpaleo-pumpkin-spice-donuts%2F&dt=Paleo%20Pumpkin%20Spice%20Donuts%20Recipe%20%7C%20Dairy-Free%2C%20Paleo%2C%20Gluten-Free&sid=1702370747&sct=1&seg=0&en=show&_ee=1&ep.event_category=leadbox&ep.event_label=Dessert%20Recipes%20Lead%20Magnet&_et=2&tfd=8543
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RWB4GYKC4G&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:45:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame C3E6 15 KB
15 KB 15ms
14ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6c9cf4b8fc6aaabce3465eb341972870714d73b3ab82f6b48c24e70a29b4db79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:45:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 14902
expires: Thu, 04 Jan 2024 07:50:46 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.ipify.org
URL: https://api.ipify.org/?format=json

Domain: api.ipify.org
URL: https://api.ipify.org/?format=json

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

63 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
blog.paleohacks.com/paleo-pumpkin-spice-donuts	1969-12-31 23:59:59	Name: phvid Value: 162226576
.ad4m.at/cookie-frame.html	1970-01-20 17:36:02	Name: userId Value: xcaPCNZlggm3-6q5Bvkzv5fJamOOBstQ
links.paleohacks-mailing.com/	1970-01-20 16:53:33	Name: _session_id Value: 1cf73090327c72c83fb108912eba14c0
.paleohacks.com/	1970-01-21 02:28:50	Name: __attentive_id Value: 09f1a7a3323e4e02a9793a972fb9faab
.paleohacks.com/	1970-01-21 02:28:50	Name: _attn_ Value: eyJ1Ijoie1wiY29cIjoxNzAyMzcwNzQ3NjA2LFwidW9cIjoxNzAyMzcwNzQ3NjA2LFwibWFcIjoyMTkwMCxcImluXCI6ZmFsc2UsXCJ2YWxcIjpcIjA5ZjFhN2EzMzIzZTRlMDJhOTc5M2E5NzJmYjlmYWFiXCJ9In0=
blog.paleohacks.com/	1970-01-21 02:28:50	Name: __attentive_cco Value: 1702370747607
.paleohacks.com/	1970-01-21 02:28:50	Name: _ga_QMKQQWEFHC Value: GS1.1.1702370747.1.0.1702370747.60.0.0
.paleohacks.com/	1970-01-21 01:38:26	Name: mp_094f94d6c32bfa82583bca2dbfc9eb1a_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A18c5d342538d49-00bc2c86e39a91-1e393178-1d4c00-18c5d342539d49%22%2C%22%24device_id%22%3A%20%2218c5d342538d49-00bc2c86e39a91-1e393178-1d4c00-18c5d342539d49%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.paleohacks.com/	1970-01-21 02:28:50	Name: _ga Value: GA1.2.562926640.1702370748
.paleohacks.com/	1970-01-20 16:54:17	Name: _gid Value: GA1.2.477613113.1702370748
.paleohacks.com/	1970-01-20 16:52:50	Name: _gat_UA-42752472-1 Value: 1
blog.paleohacks.com/	1970-01-20 16:52:52	Name: session_depth Value: blog.paleohacks.com%3D1%7C726657258%3D1
.paleohacks.com/	1970-01-20 16:52:50	Name: _dc_gtm_UA-81910700-1 Value: 1
.pinterest.com/	1970-01-21 01:38:26	Name: ar_debug Value: 1
.blog.paleohacks.com/	1970-01-21 01:38:26	Name: _pin_unauth Value: dWlkPU9ESXlZemM1TW1ZdFltSm1PUzAwWkRnM0xXSXpOREF0WmpjNE5EazNPREF6T1RBeg
.paleohacks.com/	1970-01-21 02:28:50	Name: _ga_RWB4GYKC4G Value: GS1.2.1702370747.1.0.1702370747.60.0.0
.paleohacks.com/	1970-01-20 19:02:26	Name: _fbp Value: fb.1.1702370747875.684154582
.paleohacks.com/	1970-01-20 16:52:52	Name: __attentive_pv Value: 1
.paleohacks.com/	1970-01-20 16:52:52	Name: __attentive_ss_referrer Value: ORGANIC
.paleohacks.com/	1970-01-20 16:54:17	Name: __attentive_dv Value: 1
.doubleclick.net/	1970-01-21 02:14:26	Name: IDE Value: AHWqTUlVmpi2gawtg791QONzWxiqo6Lm1-Pc1sVO2AC9uNb4O1kzJgjNNjucV9ZT6JY
.paleohacks.com/	1970-01-21 02:14:26	Name: __gads Value: ID=fb7854ee4bb0733e:T=1702370747:RT=1702370747:S=ALNI_MaQRV3CtJLEOtGHaJqf_yurZBVTLA
.paleohacks.com/	1970-01-21 02:14:26	Name: __gpi Value: UID=00000d13d188945b:T=1702370747:RT=1702370747:S=ALNI_MZI8gGFOiQd0VyvJ0Wa-akQbNf0rg
.adfarm1.adition.com/	1970-01-20 19:02:26	Name: UserID1 Value: 7311626688336099478
.travelaudience.com/	1970-01-21 02:24:31	Name: _tracker Value: %7B%22UUID%22%3A%22C1A9FEED-79BD-4E63-2378-82DCF474CCDB%22%7D
.adform.net/	1970-01-20 17:37:29	Name: C Value: 1
.yahoo.com/	1970-01-21 01:38:48	Name: A3 Value: d=AQABBLwdeGUCEDfG0jGxtQ4QQoS0xRhmc7EFEgEBAQFveWWCZQAAAAAA_eMAAA&S=AQAAAteA4NJtpq1dUBoPLbFa-Ks
.de17a.com/	1970-01-21 01:31:14	Name: guid Value: 1.5780013705649956022
.adform.net/	1970-01-20 18:19:14	Name: uid Value: 5226669917093017554
blog.paleohacks.com/	1970-01-20 17:36:02	Name: ph-popup Value: shown
.awin1.com/	1970-01-20 16:55:43	Name: awpv20044 Value: 412871\|1702370748\|d9019781-98ca-11ee-bd07-2236e1f32b64
.awin1.com/	1970-01-20 16:55:43	Name: awpv14702 Value: 412871\|1702370748\|d9014960-98ca-11ee-bd07-2236e1f32b64
blog.paleohacks.com/	1970-01-20 17:36:02	Name: advanced_ads_pro_server_info Value: %7B%22vc_cache_reset%22%3A0%7D
.agkn.com/	1970-01-21 01:38:26	Name: u Value: C\|0CEAtCto-LQraPgAAAAAAAQ13AQCAAQpAAAAAAA
ads.travelaudience.com/	1970-01-21 02:24:31	Name: _tracker Value: %7B%22UUID%22%3A%22C1A9FEED-79BD-4E63-2378-82DCF474CCDB%22%7D
.agkn.com/	1970-01-21 01:38:26	Name: ab Value: 0001%3ALFJZIAOD%2FCRQ6K4WPMkaROPiKggpFHZJ
.ctnsnet.com/	1970-01-21 01:38:26	Name: cid_ab9bcd1e59ce4b14862a108a1fd00543 Value: 1
.ctnsnet.com/	1970-01-21 01:38:26	Name: gid_CAESEIWIykviW90VUUHLSYqtRAc Value: 1
.blismedia.com/	1970-01-21 01:38:30	Name: b Value: 65781DBE3ECFB44E377251CDBLIS
.simpli.fi/	1970-01-21 01:39:53	Name: suid Value: DCEDE9334258483A88F8B59A9E99C75B
.everesttech.net/	1970-01-21 01:38:26	Name: everest_g_v2 Value: g_surferid~ZXgdvgAGWquAtgBH
.innovid.com/	1970-01-20 19:02:26	Name: uuid Value: 13e2eb95-5d06-420a-bc99-edfcadfc630d-20231212 03:45:51
.tribalfusion.com/	1970-01-20 19:02:26	Name: ANON_ID Value: aMntuJR3YWj7UXuRucrpg5YsL3ZaZaEDtt5qpmeVPNF0tHAAZdFgZa0cFXW2FeIfEZbNragpIINw3ZaGRWNsTdtc7hTQKZc
.awin1.com/	1970-01-20 16:57:09	Name: awpv11354 Value: 412871\|1702370751\|da8d4090-98ca-11ee-bd07-2236e1f32b64
.awin1.com/	1970-01-20 17:02:55	Name: awpv11420 Value: 412871\|1702370751\|da904dd0-98ca-11ee-9488-2234841a3abe
.doubleclick.net/	1970-01-20 21:12:02	Name: APC Value: AfxxVi4C8_pjLtbIkseKJ8xHLXqheGBFkTseIjJ2kk4pUg9bZz6BMA
.awin1.com/	1970-01-20 16:57:09	Name: awpv19228 Value: 412871\|1702370751\|da92bed0-98ca-11ee-a9f2-22382f104756
.simptrack.com/	1970-01-20 19:02:26	Name: ntm_tps__4011 Value: NNDNwRfTWGe0Od_DI74n6JvCLGOoL3WGi6WUxoBASZ3qYutG-vGUJM-bCFDlrRFKhEPWyPyrN9eDowbK2Xrs8uaPQ-yM9TlkkiHQLs6r7Mwos4dSRF5glFJUggXIK54LOvHS-S0H00-Jywe2eeS_MKJWZzQUag9k0VVutdrsWr0kZ_NWxIAE_gwUeroe1Me7pAJUaeuy22xE7ZfZthF7dnSDkpo_BlKVQ7_mi9wC-V5F0k1g4dWbrtC5JA4OgdpBOgatNNSFifcMGyVlgFH83TlNZQ7HjB2TNNNNNNNNNVf4U
.simptrack.com/	1970-01-20 19:02:26	Name: v0rur7gqspb3_uid Value: bc64a39136ba4ec9
.freenet-mobilfunk.de/	1970-01-20 17:02:55	Name: VPCommission Value: 41006061
.freenet-mobilfunk.de/	1970-01-20 17:02:55	Name: eventid Value: 11420_412871_1702370751_da904dd0-98ca-11ee-9488-2234841a3abe
.freenet-mobilfunk.de/	1970-01-20 17:02:55	Name: subvpid Value: 412871
.freenet-mobilfunk.de/	1970-01-20 16:52:52	Name: __cf_bm Value: wfKe0tUnETUsa5HZ04HTKQN_2ib5CTU797YcEqQBFN8-1702370751-1-AQptpjpDBsqQKlDz+tmFCQ1kwquFA2eJ6nN/4FAHn8UQrf9EXZnVzkqOs7BbZETWCe3bstAJ4owUrjcNb5Ha2gI=
.freenet-mobilfunk.de/	1969-12-31 23:59:59	Name: _cfuvid Value: bCbLk4Q5pck1UIawVfu4ygq5dj0t_MkBbUuCTF..4K8-1702370751371-0-604800000
www.conrad.de/	1970-01-20 16:57:09	Name: HTLP_timestamp Value: 1702370751369
www.conrad.de/	1970-01-20 16:57:09	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 16:52:52	Name: __cf_bm Value: kHDOVWZOv2yAR1k6mac_GeiH3_cJl0E4MZmFXmFhRGg-1702370751-1-AR3cm8JcFQcK2YxRoPeJVxhFHO759+NKjD7Z7tC6Nf0mbyJuaMQ4oUP6X4XbH97QctlU9ZjKRd38YMTJebDSXqM=
.awin1.com/	1970-01-20 17:02:55	Name: awpv11938 Value: 412871\|1702370751\|da9bbf80-98ca-11ee-b1a8-22396ad6a5ca
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.o2online.de/	1970-01-20 17:02:55	Name: nscT485 Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjIwMDAwMDAwMDYxNzAyMzcwNzUxdmxlYTFkZTIwMjMxMjEyMDk0NTUxOTEyMzUwMTc5MjlYMTE3NzAzVjEyMjYxMzI3MDJNU21tX1NVQklEVEVTVF92aWV3MTE3NzAz
.o2online.de/	1970-01-20 17:02:55	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 17:02:55	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023121209455191235017929X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&affiliateId=v01MTQyMTExMjExMTExMTExMTEwMTQyNjIwMDAwMDAwMDYxNzAyMzcwNzUxdmxlYTFkZTIwMjMxMjEyMDk0NTUxOTEyMzUwMTc5MjlYMTE3NzAzVjEyMjYxMzI3MDJNU
.congstar.de/	1970-01-20 17:02:59	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1702370751_da9bbf80-98ca-11ee-b1a8-22396ad6a5ca%22%2C%22sp%22%3A%22awin%22%7D

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.ipify.org/?format=json Message: Failed to load resource: net::ERR_EMPTY_RESPONSE
network	error	URL: https://adservice.google.com/adsid/integrator.js?domain=blog.paleohacks.com Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network	error	URL: https://paleohacks.lpages.co/leadbox/145b71a73f72a2%3A13300845e746dc/5746055551385600/?lp-in-iframe=1&__fromjs=1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://blog.paleohacks.com/static/all/js/can-i-show.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://paleohacks.lpages.co/leadbox/145b71a73f72a2%3A13300845e746dc/5746055551385600/?lp-in-iframe=1&__fromjs=1 Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network	error	URL: https://adservice.google.com/adsid/integrator.js?domain=blog.paleohacks.com Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network	error	URL: https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&wgprogramid=265645&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k8zr0qfkync9q5rsz678zqdz260wsvpywj6z681hppat4ykcdzbacn4c3367d9gjcwj9tzt1qqj9q1e6vbfs8s2pekmnvpd7jpg4pa696rx9t8df06cjqg7nbdq60xkkg067cevhf2g2fkxzvcn3jvck1krssrwfxb87zp1zvq34de60gz4v71cc9qex80w39vw72dkvqs8v3gb1n19x15pczrbt9mzcyz7q3ez457ec3s42kpa8tqddm9zfaw9fz80%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1ktywcr79rnkrnbk5v001q5j8jbyyjxtqhn6m2kgyfmstehnvy4278x42d8y6m9fv0n1gq3x901fx23vqz6w6s9xddjq2aeqdgmznk3jymcw4w118wzd9k36x83e27jhy7swa8g8mxw8qq0zs2kfb5we4kftv0z14tm7pwwkqnyh189jc7t4ef017mn0nas74dhkx64pv49hf4fqhn2zha40nsavp6eg0rc9d9g3m7sntdatvgvt25th4z5chxyzttb6fcx5scpt5s565wt8e077%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxYDHvh14Zce0HY_g9u8P5oeUmASQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJHOaabtg-yPuACAKgDAcgDAqoEygJP0DSVrIqcW4Rwl-pC8Ry8LByhH2X2hr-7EbEF1IL9Kkdk7KIWcNI8Ts6WPtIIXlDMeL451WyzV4-1XcDuyGr6vhWWELl6yd6wkz5lH127CHEw8soRyb5LMLwyiucWgTMQ-Odbk3CGJn-0C2KbstGNgN5D0XvvTWzse7fesci6492zueibW1WylLWNK0SdG9IRlbF0BZdCOi-oVu2_lIvfG0sooDlIq7Dx04aOjrKqrbLXYzags3UU2Lzi8Ntf8TFJKQRxISvxkk2nIkB24RhjwMwNTpvW9q7iZgZcRwlQrbYEbIVi_KEdxl8CBD_T1SdbgWpXigh1RLM9snU3Tc__Tc9e2GUKnR9iUS-e6aLfybSNZO76Axn6dphlLOBUUAVgC-hn_gCTvQnNGyCCKPu-90QE5y7wCa-qHqSWQJWsUbha_VHRSQl-wAngBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYgL7tnsGJgwP6CwIIAYAMAeINEwis_-2ewYmDAxUPsP0HHeYDBUPQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3NphnTHSw1ZvLRNUaraRxWtf6ASg%252526client%25253Dca-pub-5144389657785565%252526adurl%25253D&clickref=oneid9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneidZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER Message: Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10ff28b0cd48c4b19196fbe2e5865a2f.safeframe.googlesyndication.com
178194.tracking.hyros.com
a.tribalfusion.com
ad.doubleclick.net
ad4m.at
ads.eu.criteo.com
ads.travelaudience.com
adservice.google.com
ag.innovid.com
analytics.webgains.io
api-js.mixpanel.com
api.ipify.org
api.webgains.io
as.ad4m.at
assets.ad4m.at
assets.pinterest.com
banner.congstar.de
blog.paleohacks.com
c1.adform.net
cat.nl3.eu.criteo.com
cdn.attn.tv
cdn.mxpnl.com
cdn.retailads.net
cdn.track.production.webgains.team
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
csm.eu.criteo.net
ct.pinterest.com
d.agkn.com
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
events.attentivemobile.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
lg3.media.net
links.paleohacks-mailing.com
log.pinterest.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
paleohacks.attn.tv
paleohacks.lpages.co
partner.o2online.de
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pv.medialead.de
pvx.freenet-mobilfunk.de
region1.analytics.google.com
rtb.nl3.eu.criteo.com
s.pinimg.com
s.tribalfusion.com
securepubads.g.doubleclick.net
static-de.ad4mat.net
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.teads.tv
tm.simptrack.com
tpc.googlesyndication.com
tr.blismedia.com
track.mypaleorecipe.com
track.webgains.com
um.simpli.fi
www.awin1.com
www.conrad.de
www.emil-die-flasche.de
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
api.ipify.org
104.18.43.135
104.64.118.247
142.250.181.226
142.250.181.230
151.101.128.84
151.101.130.49
167.233.13.224
172.64.148.35
173.231.16.77
178.250.1.6
178.250.1.9
18.66.147.120
188.40.59.226
2.19.216.27
2001:4860:4802:32::36
213.155.156.184
217.160.0.78
23.35.237.56
23.53.232.23
2600:1901:0:498c::
2600:1901:0:76b9::
2600:9000:223c:5400:1c:9484:cec0:93a1
2606:4700:10::ac43:15df
2606:4700:20::681a:ad1
2606:4700:20::ac43:444e
2606:4700:20::ac43:4a81
2606:4700:4400::6812:20ce
2606:4700::6810:c0cb
2606:4700::6812:19ad
2a00:1450:4001:803::2003
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9c
2a01:4f8:d0a:2321::2
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:fa8:8806:21::1690
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:8e::84
2a05:d018:d29:3601:c84a:f3f:c1a8:24dc
2a05:d01c:1d8:8100:9449:420b:1a77:b906
2a06:98c1:3120::3
3.120.54.195
3.9.151.155
34.91.62.186
34.96.105.8
35.177.10.97
35.186.193.173
35.190.0.66
35.190.25.25
35.202.21.90
35.238.129.105
37.157.5.133
51.89.9.252
52.223.40.198
52.71.202.78
84.200.5.215
85.114.159.93
87.118.116.9
91.121.248.44
99.86.4.36
00b2af963104a4dd04e77c1013957d37b0b43c86ba566301e77ab9a3e015280a
0128e563cfdd4beabe1edf1488c57094072f85cec6219dd04a3fb2be5d37cf84
013c46bb69056b44df46c3a4d22b3b4ec4eb52aa2d8253019988ffe1494caf7f
0380b273ec272e5f5235a704cc3fc8e3cb33e851bfeaef149b0f23a1edaec13f
07d05ee65ab254ce371a0cf4a7346e9e0ebf625cb8de03493e4eb4ce706ee2ee
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0dc4eae4be6a462c97268c1238442d36dd78708a5b3ed989a4943b185854c465
0ea06f40de04e30bd37075608d540c7c50d144f0a7cc435c633f249c6902a10c
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
10a32221a398bff05b9e3d86c39d446e622080f3731b22ea73b4043551f2047e
1126261762db36bce53560ac36f5ede1954662d33a6d6eeb62d84b715070e7bc
1414a599611253b31746e91b77f168573dbb42cc13a705fd72104a7eaca15e93
150cbe5c514aa70efcd179127476f4f5451db2ed4d033c0608afabdf9d18ec92
17aed269c2aa0b62c9cfc77021626f15a8add5dbb81aa3b7f5c5af562c2a8a3e
182d05c838e393157143b9aa48ae92cb00c8b6442e0a865149444e9f420991d9
18dd8449dd7bd05b1b1a8a1640218993802b7e73a218b75c05acf5c9b47d6082
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e2bf21ab87ae83d5a2cb0f9ae0373e8eeb2ed0b7fb86ef8b4165a4bd381cf93
1f464ef7c0b366ff00e2f023cb6b48112306212648e451ddf16be40c2b99d639
1fbfff963eb97f28e3b6bdc5e628e27fac2717beca2642b76e7171abb126147d
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
229788376a77ac6380dcf37286c503556f46dd5f35886ac2b0df144331fe6225
23bdea452f4ec5b686ace95399e60903426e9fa7352600c25b040f07c1eef325
246de55cb0e89a31fa93fa8dd530fa36e8bab5862087a80fce540ff7bcfa9d1c
2616c9a1fbfc326660005616dad5bf396b406af93e50fc5dae3ae40d56eb8126
267c82df1e306daf3771ccae836dd5b2450ef21ba3145ad1e479225b48d32e53
2681704b7a1a7233c8030f22511b5598fa4b03ba2c3a19e8689b4c4ec75a080e
26d00c228919ca91a78c690fbfaab3ab19e2c674258d1da7248ce34233ad930d
274092432a2d58df5ad52ba6b516d96166bada65843299fdca4b8dd6db1d9e89
2b47e2b5d041b401f4d6dc04b120f9ada18fdd87dc40f2c764879a7c7c5a2f93
2d1a754922199186d43c7e76757eddaeb26e350387294e0f69ac574bc54914f9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f428d81f805eda4228c58c77cf6f9dc09294652f29febd686e37ca90c03362f
31395ea37360cb79a7d85a8a9d46aa7b1a0156461f189ae821905441daad80a1
315c4601aeb913aecb4f659c9a9748bd163bb881867c5f6211578667bcc43cb7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
339a321657ecb6479c45f7cec906302d7674934d0d2c7ae10053c395d866eca1
33a54386b7597b44f3a4295a2fca63efd12b3f4d89019788b02a288577c20fcc
344d96950041cacaaa662fd937221ead75dbc7d565d7e0ed7bd62e6a65d85c04
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
389bd89a4913957f457018d4e48fdddeaeaa492e047db362a6a4f30e944b0616
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254
3ac5caad1c486ad92b7234c502af91d15e08fd627a26978bf13cd1691a06b8ff
3dd5bb9fda081a3cb1bd6d513edb1a71746031bec07d8c646abe5813ba9dd4c4
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3f24acd57aec035fffd76b0bbd29ed438417cbb1d355e95c99ad044d74dc68c2
40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92
4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7
45941cddb32c44e5eff43b00a2f5ead40b9d0e6323ae161a40c426bc8c500f71
463e9427d61d944e415ce60646cd567f43bb316dfed081a42cd5f0d525503a6b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46e16b6aa49dcbb80b31363018bb4ed4554c6e6b94a4379f86f8db07d6aaa082
47a6d3380cf89ad6b678478ccb347dc3ddeadcf7ca344bfc842424aaf7bfd025
49416531519583e597dccc3856da2fa093b5e739baf9fda442b7047309e7f51c
4a73c1760693513b2d4899879a05eef2d701c87bf707b0bd6a81ef114d57bc2b
4c62d51aaf287fa88754ecf89dbca0cd85f151d2562a6f931afd060480b3adc6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2b1fa82b9bd7e4dd1fd524733565b595873686beaad4fbb0e732c2cde9f4fa
4e7140f58b2b89a1c8ffba6df69a1e845f6e8fee48987276a7523b8244191c3e
4e9ab8113cf6961224ec924aa0416f42149f3b7258728522590d9d45ade1d043
508c6c8665bb4da4b211a97cdc3b2e791109204f82265d6af2eb79c51b61e014
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5390e9facc0ddb3ebb2236c1c797ba47be28e4173b948f172d133e4f8ce5748e
53ecfb7fb539e851138504ca730068408f677cff5d7ef348a0c7f69dbb31371a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56749a98ed9d7407c6d55f8c9b02c2af0711c5726485469411d1ad5f80aed0be
5891185bbadfceb49591b012abeeea967dca978a653930a6ca23863d9a3f4c92
5aaa8ae246e2f8fa0ceb5bc3a610b33ce3d5bcfefb7b34e774647d6a585b2743
5b51d8339e2e6ed036a3564bb0a3a4043b8ef5f772763ff4f4f4b92f54d2ddfb
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
5f8a783bfd21e3d5602071b2ac000da29985addcdfff6d1ade4d41941bc9c67c
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
60cc60a6fcbd230def379432395199b585791ed521e2e5f595369a2193e617fb
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ba217c47f8a530cd1fbab05b9e9321cd16914ee0199eb35944638261e2ebe2
62db4a83c7d9a73707f55c212f1b5e56811aa93df17077559b84b41123863248
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6ae0b0e74edee33dd3e9d91c15b595508fc05e1ced11a15dbe787d0f9862dfc2
6af5d86d27092ef26c17d28252e44dd793cb2dbb242ac153c323d36e41cf80da
6bee27de6ea2caf16ad1157df35619b4a85e60d0b65edb16778087d100ee4f3f
6c9cf4b8fc6aaabce3465eb341972870714d73b3ab82f6b48c24e70a29b4db79
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
6fe1987f2761fb5aab55099c667abbb47a3bfa6a1e4e12472961935e50e8845c
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72ee83d94662d5c74646c88116b893ed59e98d9ec960433ab0e66f3481517289
730c3e057155e19d210f39ebdd2bd2a1820a4e6d47bfbafd26c787123dc67aa4
735b305aadf14dd683363407e953b1eec091e541f8d6172d459454e40d7074c4
73b749b1f5bc98174ea385921e3f5b1ad518875088115f30c90807560cc202f3
755313ac3cb953d818fd8f3344a3ebf9fd2101223dffa2278b5499e927f9a574
76d8bd10d90d2f903b3bd9c1d1dd591107dd5f74e73d982870211bd5966d6cc8
77abf03c0a5a320d7084b12a197eae47c79668686f86ee495d47656a6a063e82
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7c0ef3f2ef1f7defcf7b9bd90f7fb577b56eb65b3b26568f8fc1fa65b0b7bb17
7c2518efba0a997390ac9494a1d92d74a4bb615aec8296f85eb9f2cc0aa940c4
7c4491ff4342be2c096f05e243edd6fb1f26194269a5011adbf8076bf148bf58
7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b
7ed2cc414480e507b884d3c2faefa876fef943440c9d260933eebaf781ac4d87
80e7bfe2aaa1b8be1ff5792cf190eb4b9e7d922240eea9ccc0a835b2bbde9f56
82fb2bfb03e32e45794938d1f65920a5340a725751292245d3de07ee8a8df0a0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83685ec127cc7475c7a3649e73986c90d87d037247409d80423f5caceed4681e
83f4d59e4d8c73e6a6cb1f57e329ad13c075c31ad9da6f43f18740ebe82d6fc4
83fe2d78e9191d997830b9e4e492d6e83fb32a044584ec920e4f15280e2829d7
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
869d3767805b1c7b11b2df755e7cb769ee1b450553d87c374e19cb535a6afd2e
87287076f288a27750d0c3737c4624bd59357c5b638cdf3f27f1763d85cd4a2f
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d
8a292bb17e3fdc18c0bacb659bc6b732690e2b938c577bb2a324e18c8861e2a0
8ceb2694c81db4ae53a09dfe07ca76cee71dffc8a6bde3a12e60cbcdffd50328
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d7101534ef0d3b2b6293981fc5a18490b1d307f719bdc5838e836539324c311
8dc0b8445f80ad134748d7c83953db4326302247a34ba6fa2239b61836930842
8e5d5ef6607f115fb2745bb10dbbf0866820e13c3a1b90c87a3eddef3758d232
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
97a24ab2121a3edfe321439c72a3895c337c957632c8d6d9f112c4c1e944eba9
9819a4d0c484c09bffe230bb2e3059c08aa732eb42a43f090852c9db4b8fd74b
989d80f5577ffb3f370ed7271a456181e5fb38cb23c618f8d71584ad3021a4fa
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9c9fe2628c371c8c54d05fa9dd406fc21a6d25f6d0261092e37243205efc639b
9d02f64ee610b067e74b7a42948c410fbc0e438d53f6d8f4e16afc3594d73745
9ff66b97bd8767ce16889bf15fc6e18e59fb7e60edc88bf9ee41416d3031bd24
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a108be93e8ddf9fce244196e866adde603fb715eafb8632fc36e733dba6edbb1
a1eda1c884cecfbec25e30448e80aca5d897947613758a7cc2ae56f5e4b73e68
a2e0d2de51dc225af114789fc0740e5c4e84f03335b755d04bada07003141d8a
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a388bacddd72da67a26c5dd0bfb9eb2575caaf8ea80e9ff5a7b63e0f300a55c7
a3c230ff5a72ffe0510f19977e0736c7370056def5536e94085875756675ea84
a3c6048948c57aae55beef92d5a18abce757ad2783354a2eda068b14798e5a75
a5593ec16264a800d091613e3c9334060e17b99d6cb1b99a404a3a9584505172
a583df7a09074a26a4ddbf7a8c7b89e810940b6b7d14656930d6a5e024389e52
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aa575e81bbad973d7554e7c58ca906b97472bd692566c3e79f27385f08d63ca1
ac63a064b70dc77c6aa7963b1ff7973cc255bdd030cd9c124665dcdfabd0a172
acb1221313fbb4d27f785ffd7a9ade0f7f44c37567ce1abf6aff7c399a7992d4
ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb
ae51a9c8736b2eb82927ccdbdf3dc9db08c7a6b9db0fc2ffb4f4ce00d8af5760
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b16da2c73419c5ebca38f6b5673f24fd136c8e88155d3abae1a0ba1b3f754a48
b3c716614b5b83e21677058c046054d8f5a421630700c32e6280a00df86af4ef
b3c91378277b2e27b507268d13e164275f4ed45f1184d87d952b0181eeeb3a13
b3e0e5db2674fb727b63871f299ea9f146ce45e3e3ed0c583f4ffdfb6fafb7ab
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b7dfd098effc4b854d5fcf8e7d2e39d0cc0e6a103642f97d724c438e515b9b71
b831509c9907934028f980287d38cbee3b89644e7133c2f4b8b7c5dfca476aed
b9397137684651208494998e1dbfabe58cac87e2e0d402507004fb7a62c5d417
b99d80835f66e8ccd6d6f6efec14101447ae061febd873c06f0bef9ba50786c5
ba5a0efdff20b3d57efe46e272d0702939bf9d2e48c678f4052c8f4f5fe15c56
bad91132a0733a75b1c8f0204ed27c9ca836b730d8643d7f6e5601929612a493
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447
c1be9f83e44f68ace4eee63b3dc6bb421dd413e0819bab3fccb484c3ed0dca87
c281e65a91ee0ee836aff677027641b3f72eac21679771e291d9e42cd794e1dd
c50cef0534fcc9f901046ad6c0dffe00209ffbe4319e019fb960a262a6b2ec71
c6102f07ce192d8f1e61b0a2e449a916e5d4d240dc47ab993fa1b39a5cdbcd84
c6c494a78a39f30eb778c1bbe6d40082d6ed4e405481d1eabf3a869f10747455
c6e7fcc13e9fa0b4541bf314c25c54bf91807667df0a57d7cf30a554a7c00cae
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c7f7f5265aeb0202ce88e8a6dfcc0ca25a7b990bb9ffac2f9e430ae6af2b6154
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca275dd77cd911cd2e6fa1612657cfc3b67f9577d390eb8639fcea27085b285e
cb58afec45fe3b400fd9afae3fe3e56ae268abf6e7c5e700c6bd38de95d38648
cdef9d92aa1c5e9d8e409303f5ee38caceeecf3c1bdbf6e2f7bec8fe273dd596
ce5f1778c40ccd3646c4a61edde0630e5022ca3e7e7fc517f10085031d47a43e
cfc98d46b8948bdd10ecef95fe6292a8bfabac6782a441f6759b8bf9f5361af4
d276da068fea1049fbb29d0aaeda5b9fa8a38e50b3f55741ffe2899cd52e6d5d
d2ce7a08e9159f3169ff9a4b8c923aa309ddeabee7ee03b1ac2a795cd9249cef
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
d7104243950b6eff64b0d4d1fa98d354ae07a9605bb31dab31a488c765b32d5c
d9c0df73199df3ed9d0036a03e52b74fde61c1a73c9f68ef257beb59ab138034
dd37e2cd931803994ea8f76c16d3d81aa0aa6d6488a049df19c78a078043c8bb
ddbb03496b0e3d3fca033d53a8c33bca6d13bdeccc4d5404d75e24d82f2a2213
dde3261ae85ead281a4f3120a5c4cee3bc7a1874c284c4a23874af1ada1f08ec
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0943b32c80a724a40de925f3fa31c502829263cf2ebd090d3606cdbd0b32ed6
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b7d4d44cf0b624c3b7ffd0778e3ba873fa7e94408fa77f7e7ea2655739a533
e3c9181e83a24ce8fd1aedc13a573daded27c8677a50cf879fbee552798158be
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6002d515af2e37c4cf588186d56895eb893c60bf2c21b5380c366300e721ef0
e61982666f8e828ba57941c43933eb441d35a92113c597d977c236e846b4463b
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348
e790e57b5e2b425d26a169ff72f22467114f21753bc0750ac13fec1654e6fc33
e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212
e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67
e9196d58fac20d10e2f28876879b51fc7acda0b2018eef826c5973d69315c904
e9b4b9089114129040dcfad365b3efef6f4e48b5a567006e965e485fd7dae885
ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ede43b2ddb8f3b09a9062582da8619e3ade3da54e8e20c089848328488f0530a
eec370d7b4f63ff91eb68db608b448a1cd41412b4b1d4d207d2a0230e6000e7b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef45c21f7e054481c81992c1a46293a28c9bb8b3722bc566479326187f473c8c
f015661bd082da54c4a4e98702196df5567f48b3d9278469d8e625cc573931f4
f34b136e79d860a61095e1596b6a8a39b38c73d8bf4449daf6968d90386338c2
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f88640f9d84729446e126e501861646b3664e51c7fa08021d7b7e8c809ad0da0
fb2032a0b90cb58dc7bae39580e26c34a7b44d3aad4fb088f965e32ae8196822
fbc17325e7575f7e337eb7305faaf6194c45d177ec3fff630e4eabbba3d560de
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fefb10032e9c503375fd8ac3cc2be876f835b2e6ea5022fbcb57a9b9babd1259

blog.paleohacks.com Open in urlscan Pro 2606:4700:10::ac43:15df Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

340 Requests

89 %HTTPS

50 %IPv6

58 Domains

80 Subdomains

61 IPs

12 Countries

3356 kBTransfer

8481 kBSize

63 Cookies

21 Outgoing links

Page URL History

Redirected requests

340 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 24 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

blog.paleohacks.com Open in urlscan Pro
2606:4700:10::ac43:15df Public Scan

Screenshot
Live screenshot

Full Image

340
Requests

89 %
HTTPS

50 %
IPv6

58
Domains

80
Subdomains

61
IPs

12
Countries

3356 kB
Transfer

8481 kB
Size

63
Cookies

340 HTTP transactions
24 data transactions