estudyassistant.com Open in urlscan Pro
2606:4700:3032::6815:1e93 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://estudyassistant.com/mathematics/question14521077
Submission: On January 31 via manual (January 31st 2022, 4:09:15 pm UTC) from US — Scanned from DE

Summary HTTP 154 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 31 IPs in 8 countries across 33 domains to perform 154 HTTP transactions. The main IP is 2606:4700:3032::6815:1e93, located in United States and belongs to CLOUDFLARENET, US. The main domain is estudyassistant.com. The Cisco Umbrella rank of the primary domain is 688606.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 22nd 2021. Valid for: a year.

This is the only time estudyassistant.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	2606:4700:303... 2606:4700:3032::6815:1e93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	99.86.3.69 99.86.3.69	16509 (AMAZON-02) (AMAZON-02)
11	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
3	37.200.67.211 37.200.67.211	49505 (SELECTEL) (SELECTEL)
9	139.45.197.250 139.45.197.250	9002 (RETN-AS) (RETN-AS)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	185.33.220.242 185.33.220.242	29990 (ASN-APPNEX) (ASN-APPNEX)
10	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
8	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
12	54.174.15.208 54.174.15.208	14618 (AMAZON-AES) (AMAZON-AES)
3	37.157.2.237 37.157.2.237	198622 (ADFORM) (ADFORM)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	37.157.5.73 37.157.5.73	198622 (ADFORM) (ADFORM)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::18 2a02:2638::18	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	3.125.236.124 3.125.236.124	16509 (AMAZON-02) (AMAZON-02)
12	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	54.152.149.67 54.152.149.67	14618 (AMAZON-AES) (AMAZON-AES)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
3 3	3.124.248.240 3.124.248.240	16509 (AMAZON-02) (AMAZON-02)
4 4	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700:303... 2606:4700:3039::6815:c06d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:55f3:aa52:2cab:d50d	16509 (AMAZON-02) (AMAZON-02)
1 1	37.157.6.245 37.157.6.245	198622 (ADFORM) (ADFORM)
3 3	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
154	31

27 2606:4700:3032::6815:1e93 (United States)

ASN13335 (CLOUDFLARENET, US)

estudyassistant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 99.86.3.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-69.fra6.r.cloudfront.net

cdn.dmtgvn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.200.67.211 (Russian Federation)

ASN49505 (SELECTEL, RU)

share.pluso.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 139.45.197.250 (United Kingdom)

ASN9002 (RETN-AS, GB)

bolrookr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.242 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

cdn.betgorebysson.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.174.15.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-15-208.compute-1.amazonaws.com

pa.rxthdr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::18 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.236.124 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-236-124.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.152.149.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-149-67.compute-1.amazonaws.com

sync.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.124.248.240 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-248-240.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.56.137 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3039::6815:c06d (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:55f3:aa52:2cab:d50d (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.245 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	estudyassistant.com estudyassistant.com — Cisco Umbrella Rank: 688606	199 KB
23	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 cm.g.doubleclick.net — Cisco Umbrella Rank: 197	171 KB
18	googlesyndication.com 5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124	75 KB
12	rxthdr.com pa.rxthdr.com — Cisco Umbrella Rank: 21444	2 KB
9	criteo.net static.criteo.net — Cisco Umbrella Rank: 645 csm.eu.criteo.net — Cisco Umbrella Rank: 7881	191 KB
9	bolrookr.com bolrookr.com — Cisco Umbrella Rank: 563021	56 KB
7	ad4m.at ad4m.at — Cisco Umbrella Rank: 1809 as.ad4m.at — Cisco Umbrella Rank: 2190 assets.ad4m.at — Cisco Umbrella Rank: 34120	43 KB
7	dmtgvn.com cdn.dmtgvn.com — Cisco Umbrella Rank: 144431	183 KB
6	adform.net 1 redirects track.adform.net — Cisco Umbrella Rank: 3933 s1.adform.net — Cisco Umbrella Rank: 7975 c1.adform.net — Cisco Umbrella Rank: 608	38 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 25627	2 KB
5	yahoo.com 5 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 283 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470	2 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	2 KB
4	advertising.com 3 redirects sync.adaptv.advertising.com — Cisco Umbrella Rank: 14903 pixel.advertising.com — Cisco Umbrella Rank: 327	1 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 8028	1 KB
3	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14362 ads.eu.criteo.com — Cisco Umbrella Rank: 7925 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 10834	19 KB
3	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 241 Failed	2 KB
3	pluso.ru share.pluso.ru — Cisco Umbrella Rank: 110655	42 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2853	68 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 528	2 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 389	951 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 287	2 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 808 s.tribalfusion.com — Cisco Umbrella Rank: 2305	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	75 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905	582 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 39962	512 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 421	862 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1255	464 B
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 9045	546 B
1	betgorebysson.club cdn.betgorebysson.club — Cisco Umbrella Rank: 139468	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 440	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	36 KB
0	netmng.com Failed google2waycm.netmng.com Failed
154	33

	Domain	Requested by
27	estudyassistant.com	estudyassistant.com
12	cm.g.doubleclick.net	5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
12	pa.rxthdr.com	cdn.dmtgvn.com
11	securepubads.g.doubleclick.net	estudyassistant.com securepubads.g.doubleclick.net
9	bolrookr.com	estudyassistant.com bolrookr.com
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net 5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com tpc.googlesyndication.com
7	static.criteo.net	ads.eu.criteo.com
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com www.googletagservices.com
7	cdn.dmtgvn.com	estudyassistant.com cdn.dmtgvn.com
5	mc.yandex.com	2 redirects
4	ad4m.at	s1.adform.net ad4m.at
4	ups.analytics.yahoo.com	4 redirects
4	adservice.google.com	securepubads.g.doubleclick.net
4	adservice.google.de	securepubads.g.doubleclick.net
3	pixel.advertising.com	3 redirects
3	track.adform.net	5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com s1.adform.net
3	ib.adnxs.com	cdn.dmtgvn.com
3	5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	share.pluso.ru	estudyassistant.com
2	as.ad4m.at	ad4m.at as.ad4m.at
2	mc.yandex.ru	1 redirects estudyassistant.com
2	sync.1rx.io	2 redirects
2	csm.eu.criteo.net	ads.eu.criteo.com
2	eb2.3lift.com	2 redirects
2	x.bidswitch.net	2 redirects
2	s1.adform.net	track.adform.net s1.adform.net
2	www.googletagservices.com	5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	assets.ad4m.at	as.ad4m.at
1	sync.targeting.unrulymedia.com	1 redirects
1	c1.adform.net	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	sync.mathtag.com	1 redirects
1	cms.quantserve.com	5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	sync.adaptv.advertising.com	5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
1	s.tribalfusion.com	5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	ads.eu.criteo.com	5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
1	rtb.fr.eu.criteo.com	estudyassistant.com
1	www.google.com	tpc.googlesyndication.com
1	my.rtmark.net	estudyassistant.com
1	cdn.betgorebysson.club	bolrookr.com
1	cdn.jsdelivr.net	cdn.dmtgvn.com
1	www.googletagmanager.com	estudyassistant.com
0	google2waycm.netmng.com Failed	5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
154	47

This site contains links to these domains. Also see Links.

Domain
pluso.ru
apps.apple.com
play.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-12-22` - `2022-12-22`	a year	crt.sh
dmtgvn.com Amazon	`2021-06-18` - `2022-07-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.pluso.ru R3	`2021-05-11` - `2021-08-09`	3 months	crt.sh
bolrookr.com R3	`2022-01-17` - `2022-04-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
betgorebysson.club R3	`2021-12-22` - `2022-03-22`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-20` - `2022-11-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
pa.rxthdr.com Amazon	`2021-11-20` - `2022-12-18`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-04`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-10`	3 months	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-24`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-25`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh

This page contains 11 frames:

Primary Page: https://estudyassistant.com/mathematics/question14521077
Frame ID: 70BB08EF292F660A6A40653E5E6FC16C
Requests: 91 HTTP requests in this frame

Frame: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 21AB29F0F0D138B5F50125908AD581DF
Requests: 1 HTTP requests in this frame

Frame: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7BB516CB04098284E0F26BDBB272BCD6
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C25D603B72CB312445B378E1BC043130
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 57CA76A1D280278027FBC172C1A7A8EB
Requests: 2 HTTP requests in this frame

Frame: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BBB189E074609C651CBE9B2A5C526C88
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfgJpgAOFP8Kd9cGAAjeJp9XTSY388CxowMBjw&u=%7CS%2FKlwaEx712k4RxNRQb9ypEivdritbKMmQDdcadzHkA%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSPZ57AO9Tzo-TiW8_RUaRRxSqp_DD-MTZ_v5oaXas8z1G_r4k41FoH5vPpL14R4kpXI-EwjYZhlUHZGr_JZnDGGDIgwZpVZOTv5kHM7BcygkpTxFiwR6NYa1v4V-NGDmi6HULduPVbt0xWcWk08-22EHRuQSR1rIdjORVaq22jWLib31Ecz8R54PhVOgWSWfwVRQp5yJWNGZceaFgzmb59ot0IF2i6AAHE5Q6_unyaqDf55CBUjM69D6TykG6nFkfFuNdsDJfB0sYA2Ph2V7RgEmD-jivoF_jA7DLhv29xz2aBQzoed8adFRXSTYHTGg8IhbDaZpQ3t02GwNO2rElqpuIln7UKMQKyOG0l4MRIFdyRkwS4pNw8lzaXLwNS0sQUS-ZS6vegpTvM61BVQF5cp&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1coypgn4Yf-pOIau3wOmvKOQDcme0rFc1Z2R93DAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItNDMwODk1NzUxNzM0MTIxMaAB1bbS6gPIAQmpAmjHEj1vvLI-4AIAqAMBqgSfAk_QIp_hsQ39e1SqSJVj9xGogtCV-5up7BRfxnCZY_Og-bfOSEIIldymWreW-qeIBtaI--Ul9nCYbbnC0vfAbN9qE71aqSIRCXJogRu7vIAMKthfz7DF4kYDqHMU0rws3Gc5EHwd7h_vFosIg_zf_BTXTxcGotQ5fl9S8U3LFud6-RZcu9CtCYCmc_lmo4Hdezm6n2HQztRdAl0bfDUfUlKb5okgvPK-ogvDMIiJyBgo2eF1XCccYHL9iF0dsQQ_vmHPWT9z084HJiMJCQikAo-k7Oa9bNHQFGR8n624aQTEJuQU2BtWLOFeYgfE5VhCzUo-mqQLgTxLDWVkv-ZOi9QBePQy4sK_AUHB39PmU9Ikj3JJV-CcRwsfUWrihUZf4AQBgAau35mgs_aK3fgBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_03P54wuz-dG-GmNMG2_X-JF9Owsw%26client%3Dca-pub-4308957517341211%26adurl%3D
Frame ID: FCB2D332E31A08B5693139D83E5737D2
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 848A7A843EB5359CC5BF9121055DF55E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0CE2F85CD0562FDD0B623F142A5DD0DC
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: FD16E4AD09DE626F0D62C095EFB18D1A
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=164569&b=GjYsBfjd8ws6JrzhKHztWHPt9wbS2TYT6jcE&f=VxqtwfMRKqfrAVKCVHetrHXCpbYFkTzTpMsQ&c=300&d=250&e=ZHETyZ8M422n5YBaSUdTDYQhBixIzVB1&g=2ccf5df85c6c7e93798dd7079d18c84e%2F13040803372243920938&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1643645352021&h=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCsfk-pgn4Yf-XIMn03wOThJ3QC_PYq5NcybzUs6IHwI23ARABIABglYKAgLAHggEXY2EtcHViLTQzMDg5NTc1MTczNDEyMTHIAQmpAj7NUZL0uLI-4AIAqAMBqgSmAk_QcArVpFieOy1hHNYVOjVewV-HTPvcBGtpcXtJhXLi2ZnZTpEx5cYQNhud3yRMnWF_edEOxPd3cIiuPc6vrOcQuvPsLVf8-k6ZkfYaOBWz-ykez_fPoYucaKL4g3AF_8Vy4D-mwCUD1loiufJeXfnC0njSr6-iJ_MyoHlvu0G3mrpG0bc6m6_sWarz1DFsLknoRPn-c8wwefQxlkOePKgRKUgdZRTIr6OsaY83G5MDiVcF42SmAJpiCkn-C0QgqjYzi3mZFRbY69LvU2SS1NsGqoEqpOocePey6CMkHgLpk-oQv9wRcD-RLAFCwXCfKCe8EyaylsQ56HC1upDZnOCqKhDN0h8623_4ca4KxEcc7uXYsJgS9ctS53TVBeoa9Isp1or4keAEAYAG7qmdgJuflKRgoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2wcPDpYIa96_Gh5zIFu_vk-edeiQ%26client%3Dca-pub-4308957517341211%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516438%3Bcrtbwp%3DYfgJpgAIC_8Kd_pJAAdCEzZ07eixJ5oCGRCCvQ%3Bcrtbdata%3DsE7aJDcJuei3FMwgqOHw8CLUz2Dor8XSwcoM47hfKYJhp32luGKLnw6lzVbaIVSCRAMW6B9RQEEJx-YmkHymxzUSjTtYH-mrmgJUIZY8TK5Hq5kitXJtiZ3hGECAflIFBot0SOfcpvm0ZInWldlH5h6e7tuKHkooG9qnv-N8D7lX5nB11HjCn_i1r1VD8ZT4XNWtLjJ0pOb-PguWIUWsvLa4G8deqIJNT2pi31Ca2OIVAsxVvZrpaNtNjj89elYEk2hW09tt584qkA6SVNMuCxpNnvf6R-mlLLp70aDZ5yB000vk2_88BKCuLJigarrccjoJe0Dcz_GCayJGOnKmgleIfkJU2xKY7qGXl8fzGK0Ymc1E2lYnQVHiqyTNQ3sRomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3DRAgEOHf-kYQ7O-y1N9rS3wdRp3KijB1PaBk_f6OKdhps0_PvEg4-EpGRqsm6sRD0K9mEQGQcj9wmgb1BawPMGXtt2n4OwTFixfgN7wWhehNX7EYoWZQhUY3QujWf60ZHsGrJPZTwxO-VZsl5dxWnQMkllzAqADQrZPSVCRcBPzE1%3B%3BCREFURL%3Dhttps%253a%252f%252festudyassistant.com%3BC%3D1%3Bcpdir%3D&y=1&z=0
Frame ID: 5EF339B17ED3CD96B74A7D883EB5FB48
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Lincoln is measuring the angles of quadrilateral wxyz to determine whether it is congruent to the quadrilateral below. quadrilateral

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

154
Requests

87 %
HTTPS

46 %
IPv6

33
Domains

47
Subdomains

31
IPs

8
Countries

1228 kB
Transfer

2865 kB
Size

38
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://pluso.ru/

Search URL Search Domain Scan URL

URL: https://apps.apple.com/US/app/homework-helper/id1508326296

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.styduhelper.us&hl=en

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 109

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFANbD88BE4vB5-6Jl2WqS4&google_cver=1&google_push=AYg5qPImuqo7wm6_6jbCWa4eJSzH-1sCyNCJk_QWxPy2wsLvgDgRGIdrLvjQKYpmMeEo2kn8UN6kJDCVDDHl1UHYo4lJTFZHiwpy&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPImuqo7wm6_6jbCWa4eJSzH-1sCyNCJk_QWxPy2wsLvgDgRGIdrLvjQKYpmMeEo2kn8UN6kJDCVDDHl1UHYo4lJTFZHiwpy%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFANbD88BE4vB5-6Jl2WqS4&google_cver=1&google_push=AYg5qPImuqo7wm6_6jbCWa4eJSzH-1sCyNCJk_QWxPy2wsLvgDgRGIdrLvjQKYpmMeEo2kn8UN6kJDCVDDHl1UHYo4lJTFZHiwpy&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPImuqo7wm6_6jbCWa4eJSzH-1sCyNCJk_QWxPy2wsLvgDgRGIdrLvjQKYpmMeEo2kn8UN6kJDCVDDHl1UHYo4lJTFZHiwpy%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 110

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDW99EMlHcmjjL4I6V-smcE&google_cver=1&google_push=AYg5qPJgeV6C7EuUUG7yUEqsqapeolUs1VQ3SHfzLH45EZfYEoWlfoiBAVLPiiHqTogUdIMyMc-liSPa9Lsc6oQ2InImJN1LJtY HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDW99EMlHcmjjL4I6V-smcE&google_cver=1&google_push=AYg5qPJgeV6C7EuUUG7yUEqsqapeolUs1VQ3SHfzLH45EZfYEoWlfoiBAVLPiiHqTogUdIMyMc-liSPa9Lsc6oQ2InImJN1LJtY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJgeV6C7EuUUG7yUEqsqapeolUs1VQ3SHfzLH45EZfYEoWlfoiBAVLPiiHqTogUdIMyMc-liSPa9Lsc6oQ2InImJN1LJtY&google_hm=nEv1clbeScynZbR7NqyJQQ==

Request Chain 112

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEExLG6yvngdb1YKZ7qBav74&google_cver=1&google_push=AYg5qPIwc5v4QncPDosgKlJuKb8zQYcTDs7i1XlcLiWwc8ELdTU1nNvz9XkhFkH2Hth9tyf2ddKtW6TqPhuyFSSUCFBfYTmCdiHi HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPIwc5v4QncPDosgKlJuKb8zQYcTDs7i1XlcLiWwc8ELdTU1nNvz9XkhFkH2Hth9tyf2ddKtW6TqPhuyFSSUCFBfYTmCdiHi&google_gid=CAESEExLG6yvngdb1YKZ7qBav74 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzAyMjQwNjUyNzU4MjA4NTczNzg5Mw%3D%3D&google_push=AYg5qPIwc5v4QncPDosgKlJuKb8zQYcTDs7i1XlcLiWwc8ELdTU1nNvz9XkhFkH2Hth9tyf2ddKtW6TqPhuyFSSUCFBfYTmCdiHi

Request Chain 113

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEM0U3ITB2cbyyae3OTAAOno&google_cver=1&google_push=AYg5qPJb5nYnqzCA1_tyi3D98W7T3VKq8KWL0nV_u-lZwTGmaclYq6eLRJhG7DBiJmB0W2W212NWuVcgaSE3LArAKrcCVPFcAk2xVQ HTTP 302
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEM0U3ITB2cbyyae3OTAAOno&google_cver=1&google_push=AYg5qPJb5nYnqzCA1_tyi3D98W7T3VKq8KWL0nV_u-lZwTGmaclYq6eLRJhG7DBiJmB0W2W212NWuVcgaSE3LArAKrcCVPFcAk2xVQ&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEM0U3ITB2cbyyae3OTAAOno&google_cver=1&google_push=AYg5qPJb5nYnqzCA1_tyi3D98W7T3VKq8KWL0nV_u-lZwTGmaclYq6eLRJhG7DBiJmB0W2W212NWuVcgaSE3LArAKrcCVPFcAk2xVQ&apid=UP20931de5-82b0-11ec-82a9-02d7d72fe88a HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyMDkzMWRlNS04MmIwLTExZWMtODJhOS0wMmQ3ZDcyZmU4OGE%3D&google_push=AYg5qPJb5nYnqzCA1_tyi3D98W7T3VKq8KWL0nV_u-lZwTGmaclYq6eLRJhG7DBiJmB0W2W212NWuVcgaSE3LArAKrcCVPFcAk2xVQ

Request Chain 114

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAV4Bs9G0NqI3J-UcgwZVO4&google_cver=1&google_push=AYg5qPKKyb9FLvP8GBQHYlTYSH8XhEeNlLp3HwfheHgCSubIO3tor-V1z6b8NgnduYQ3ZDuBGeMVRY7ek6PnoVtySs_hnp59dMhRiQ HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAV4Bs9G0NqI3J-UcgwZVO4&google_cver=1&google_push=AYg5qPKKyb9FLvP8GBQHYlTYSH8XhEeNlLp3HwfheHgCSubIO3tor-V1z6b8NgnduYQ3ZDuBGeMVRY7ek6PnoVtySs_hnp59dMhRiQ&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS05LnIwTk05RTJ1RTQ5TzVoZzlvRnlTejMuNzVQR3k1MX5B&google_push=AYg5qPKKyb9FLvP8GBQHYlTYSH8XhEeNlLp3HwfheHgCSubIO3tor-V1z6b8NgnduYQ3ZDuBGeMVRY7ek6PnoVtySs_hnp59dMhRiQ

Request Chain 133

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEA7EkXOK211Hy8YAfSLlF2s&google_cver=1&google_push=AYg5qPIHcuAmxcmVidYHOL-UzN8vdsy_P-Dsdr2-ZSkEkPr55LlPP5iZPogJaKJDW6j599ooDL59DnUT3qJxw6BWbO5mcAExmDox HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIHcuAmxcmVidYHOL-UzN8vdsy_P-Dsdr2-ZSkEkPr55LlPP5iZPogJaKJDW6j599ooDL59DnUT3qJxw6BWbO5mcAExmDox

Request Chain 134

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENdDEMICKNYu6s6Z--Gb57Q&google_cver=1&google_push=AYg5qPLfaa1gCdZbwiZDexn2aIOvAZ-UOcGJLBkMpSRmDkpAoQwpWpYv-Ya4qJgl5261JuwWryrpUq-iJRs1RSmkmfNEsHdI54K1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLfaa1gCdZbwiZDexn2aIOvAZ-UOcGJLBkMpSRmDkpAoQwpWpYv-Ya4qJgl5261JuwWryrpUq-iJRs1RSmkmfNEsHdI54K1&google_hm=qBJO-TFhTyOZZpydxe58GiA

Request Chain 135

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELvgGaKkTFi_GjqfJ1imUP4&google_cver=1&google_push=AYg5qPK5ZWAH5dz2gW8vRZfdRHe2EeeT_KTyKpUGy5TdNEGZu2e24Lm7twFZWPStqscZWpqjy48ojUM0r1lDrHUhQiupTjMnlig HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK5ZWAH5dz2gW8vRZfdRHe2EeeT_KTyKpUGy5TdNEGZu2e24Lm7twFZWPStqscZWpqjy48ojUM0r1lDrHUhQiupTjMnlig&google_hm=NzE0MDMxNTIyMjMwNDM4MDg4OA%3D%3D

Request Chain 136

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB5XwRaK3zfnWSDDva7tI9s&google_cver=1&google_push=AYg5qPKDav_-gz_lt637NWuCF5zjiIlyB7xtT0zaPxGYY2z2UH1LEVtKn0CbeNgKS2Cu94WEPMWwPkEzUmb8dBRnWxGRkeFEZuah HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzIyNTY2OTYxOTU1NjI1NTMwOA&google_push=AYg5qPKDav_-gz_lt637NWuCF5zjiIlyB7xtT0zaPxGYY2z2UH1LEVtKn0CbeNgKS2Cu94WEPMWwPkEzUmb8dBRnWxGRkeFEZuah

Request Chain 137

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEOYGG7HCy3vlRqR0dDrPXAo&google_cver=1&google_push=AYg5qPLXQ5EUIbWAyReF_6YpG1arps0uEPCRwX0IoIiwIbfw1lAsA5_sNTFUGRSjY20ZJ9FvJRayoPaCpEUj5Bn4FksY6t7DiPd3 HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPLXQ5EUIbWAyReF_6YpG1arps0uEPCRwX0IoIiwIbfw1lAsA5_sNTFUGRSjY20ZJ9FvJRayoPaCpEUj5Bn4FksY6t7DiPd3&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1643645351746 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-48b7a77f-5d5e-4402-8d79-bfc92a9b7d0d-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPLXQ5EUIbWAyReF_6YpG1arps0uEPCRwX0IoIiwIbfw1lAsA5_sNTFUGRSjY20ZJ9FvJRayoPaCpEUj5Bn4FksY6t7DiPd3%26google_hm%3DA0i3p39dXkQCjXm_ySqbfQ0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLXQ5EUIbWAyReF_6YpG1arps0uEPCRwX0IoIiwIbfw1lAsA5_sNTFUGRSjY20ZJ9FvJRayoPaCpEUj5Bn4FksY6t7DiPd3&google_hm=A0i3p39dXkQCjXm_ySqbfQ0

Request Chain 138

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPYtW8wighiiIPt0XlMaSQs&google_cver=1&google_push=AYg5qPLuiYhmwk6tXzQ3SAncLShkMPc78ZYBqBUxdzJaYZAkbR-iU51yu2S75XZcGFZ8wUvcvVGtrUbTH1yO52x-H3CXEG9KTF5ANw HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPYtW8wighiiIPt0XlMaSQs&google_cver=1&google_push=AYg5qPLuiYhmwk6tXzQ3SAncLShkMPc78ZYBqBUxdzJaYZAkbR-iU51yu2S75XZcGFZ8wUvcvVGtrUbTH1yO52x-H3CXEG9KTF5ANw&apid=UP20931de5-82b0-11ec-82a9-02d7d72fe88a HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyMDkzMWRlNS04MmIwLTExZWMtODJhOS0wMmQ3ZDcyZmU4OGE%3D&google_push=AYg5qPLuiYhmwk6tXzQ3SAncLShkMPc78ZYBqBUxdzJaYZAkbR-iU51yu2S75XZcGFZ8wUvcvVGtrUbTH1yO52x-H3CXEG9KTF5ANw

Request Chain 146

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9535.WahfQA9ulhSfnVvdECstTBELzH_8lmcmrksThOOwMjktW8T1eZo-XzUhJcOdWNpe.N7eUCERuJxbcvEqZFSIozCHdhRQ%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9535.DzQAXwAglI1PxJ5ItFRm5XMFEBDJID3o9lN0zhOgGuDOj6gBtqCC4FAZJJyXom1TNZX5RVpiySouDY07XQF04w%2C%2C.9cbV0uXEoGXn7wdrtPDp3aDS93M%2C

Request Chain 150

https://mc.yandex.com/watch/66586483?wmode=7&page-url=https%3A%2F%2Festudyassistant.com%2Fmathematics%2Fquestion14521077&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A355%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A562582049959%3Ahid%3A188768221%3Az%3A0%3Ai%3A20220131160912%3Aet%3A1643645352%3Ac%3A1%3Arn%3A444761635%3Arqn%3A1%3Au%3A1643645352667754604%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643645349103%3Ads%3A9%2C119%2C189%2C1%2C0%2C0%2C%2C375%2C1%2C1486%2C1486%2C4%2C694%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643645353%3At%3ALincoln%20is%20measuring%20the%20angles%20of%20quadrilateral%20wxyz%20to%20determine%20whether%20it%20is%20congruent%20to%20the%20quadrilateral%20below.%20quadrilateral&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/66586483/1?wmode=7&page-url=https%3A%2F%2Festudyassistant.com%2Fmathematics%2Fquestion14521077&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A355%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A562582049959%3Ahid%3A188768221%3Az%3A0%3Ai%3A20220131160912%3Aet%3A1643645352%3Ac%3A1%3Arn%3A444761635%3Arqn%3A1%3Au%3A1643645352667754604%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643645349103%3Ads%3A9%2C119%2C189%2C1%2C0%2C0%2C%2C375%2C1%2C1486%2C1486%2C4%2C694%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643645353%3At%3ALincoln%20is%20measuring%20the%20angles%20of%20quadrilateral%20wxyz%20to%20determine%20whether%20it%20is%20congruent%20to%20the%20quadrilateral%20below.%20quadrilateral&t=gdpr%2814%29aw%281%29ti%282%29

154 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request question14521077 Show response
estudyassistant.com/mathematics/ 72 KB
17 KB 317ms
189ms Document
text/html 2606:4700:3032::6815:1e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://estudyassistant.com/mathematics/question14521077
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3adfb41a5fcd4f3a53970a45d5d589034b13ca95aa55ca19ced5a14474bdda28

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 31 Jan 2022 16:09:09 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=2592000
expires: Wed, 02 Mar 2022 16:09:09 GMT
last-modified: Sat, 15 Jan 2022 23:48:27 GMT
cf-cache-status: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BpaBty%2Fhg5L4lv9hDTBdF2y%2BekGQ5clfJgh0nQJ542bfITbN86rz9tARdY2%2FfjOEykvA8kolZWlrRIWor5hTwDg302hCcG9%2FwQCRHaX3ndB%2B2wkrqkqkzW7zQSmYEuKx3VBXT9WytUihnNWYqG17mUF8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6d6433e8ff12f3ef-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 manager.js Show response
cdn.dmtgvn.com/wrapper/js/ 5 KB
2 KB 196ms
69ms Script
text/javascript 99.86.3.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dmtgvn.com/wrapper/js/manager.js?pid=eb107cdf-35a2-42a1-9d1c-f92094e2e026
Requested by: Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-69.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 153fdd7e2c7940ffdc7058af1326aabe4025c47ab28f1b699e9ef849a698382c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:01:06 GMT
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
server: nginx
age: 483
x-cache: Hit from cloudfront
content-type: text/javascript; charset=UTF-8
cache-control: max-age=600, public, s-maxage=600
x-amz-cf-pop: FRA6-C1
content-encoding: gzip
x-amz-cf-id: 5eLi06_Rsmq7OHIQMTYp_bNmABdcsTkG764JwawAxqPfSuuD2LDtQA==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 181ms
103ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

881673e60d61362db401af4c8ebe298f410b4491319156165a72e529b15a5854

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27100
x-xss-protection: 0
server: sffe
etag: "1118 / 255 of 1000 / last-modified: 1643639060"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 31 Jan 2022 16:09:09 GMT

GET
H2 200 logo.png
estudyassistant.com/tpl/images/ 3 KB
3 KB 75ms
73ms Image
image/png 2606:4700:3032::6815:1e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://estudyassistant.com/tpl/images/logo.png
Requested by: Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 477be6cd75c995816920f2a5a81d11ef507d88dbe12e8d7ac3463af9993a0ad5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/mathematics/question14521077
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4175
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3107
last-modified: Sun, 26 Apr 2020 17:14:19 GMT
server: cloudflare
etag: "5ea5c16b-c23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1r5vvnKGYIUJdqfa8AXOBGp74pFhIxOhH2RcMjm0QqpVuo4rPxkQFRqO9Y1o2whmklHD3cIn1z7z8iuuT1SNSCvVjduayGqXMbx2bAkHUNpUcvqiw%2BxFAWgE5mkJ4MoLRM%2FpE%2Bb2Gl5MhuCOO7Rn95Y1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6d6433ea38c4f3ef-LHR

GET
H2 200 mat.png
estudyassistant.com/tpl/images/cats/ 4 KB
5 KB 76ms
74ms Image
image/png 2606:4700:3032::6815:1e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://estudyassistant.com/tpl/images/cats/mat.png
Requested by: Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adcfa3cd56fbae377540d31998f8e48c08815914f81fde31f57e269f0a1a414a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/mathematics/question14521077
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4175
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4549
last-modified: Sun, 26 Apr 2020 17:14:46 GMT
server: cloudflare
etag: "5ea5c186-11c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IwGCTbamV0dI%2BZr8RCWHdYiOBwlBwYjFJEHTtM9irgwGS2qILomcvlfnxovWamOsMZkvQBhxceqwxdtGam53ADsO0RE4W4L7%2BkJbfItUGVR%2BFkzglWCptIY01lwEhnmX%2FQLw8Ngg2eWmjPxSA59Y350s"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6d6433ea38c7f3ef-LHR

GET
H2 200 User.png
estudyassistant.com/tpl/images/cats/ 1 KB
1 KB 70ms
68ms Image
image/png 2606:4700:3032::6815:1e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://estudyassistant.com/tpl/images/cats/User.png
Requested by: Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e74a0fe6f07e1aa92489587bea0e19d184bef6beec76616f8c49a6d0c4c5d50e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/mathematics/question14521077
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 254
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1114
last-modified: Sun, 26 Apr 2020 17:14:49 GMT
server: cloudflare
etag: "5ea5c189-45a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2rSCYQLUd7CknNonqsulyWClXapQrH0Z5xZdkXgfBckXhZfE7FzNROWI8x1hx%2BvLifaOgnRSqMSq9fSGYM%2FYj5McR94UhhW5QNpQKiNLS5H9sh%2FXcLIctX0HqynPIRLkGLuNzJCbbnA7pJeOXQnHgVBI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6d6433ea38caf3ef-LHR

GET
H2 200 13b1d.png
estudyassistant.com/tpl/images/0469/1649/ 3 KB
3 KB 140ms
138ms Image
image/png 2606:4700:3032::6815:1e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://estudyassistant.com/tpl/images/0469/1649/13b1d.png
Requested by: Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ae59f5a823799dbfd1be870539ebf3a8a639f7506c51aa48f3095c165fe29e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/mathematics/question14521077
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2619
last-modified: Fri, 19 Jun 2020 04:21:28 GMT
server: cloudflare
etag: "5eec3d48-a3b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6HdOB5cZJ6IbzFDgA6tVgVltoRImwXEFHyX7sCZzGQAZMIorX8M8S7%2FQKr4OQKOzyXRfFDLpBVmMKVONX2vDrA32EWgCPF0RFlQQDCb9AYpWWX6pG6KRLRcaZ%2FOTdf0f9RvhYTN3Pbmcg1Ufx%2FSDiMrh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d6433ea38cbf3ef-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 f68e8.png
estudyassistant.com/tpl/images/0469/1649/ 2 KB
2 KB 144ms
143ms Image
image/png 2606:4700:3032::6815:1e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://estudyassistant.com/tpl/images/0469/1649/f68e8.png
Requested by: Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a5363bdfeab1fa2b2766524bf2cf2abaef986810dcf0163bf59ac18d4f3f3da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/mathematics/question14521077
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1980
last-modified: Fri, 19 Jun 2020 03:28:32 GMT
server: cloudflare
etag: "5eec30e0-7bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IMYycRfmC2n3GnGDw3HiHtUvegi8BbRmCawRmQie6TXOndiWQ56zJ9Tz4LqcK3wwSh4FyvoI%2BeIphnM9jI4vN0NVGvBj7wLTIT26JYXNFb9AUxQQpjxpo6RFMvVFt51qBSxnMlPN0%2FgFIoW5ShGP%2Fkdi"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d6433ea38cdf3ef-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ask_question.png
estudyassistant.com/tpl/images/ 21 KB
21 KB 79ms
78ms Image
image/png 2606:4700:3032::6815:1e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://estudyassistant.com/tpl/images/ask_question.png
Requested by: Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51f34acc6b6a19f227a35375b416749dfbd3295745ee427ea1c8f32a59b42ef9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/mathematics/question14521077
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6017
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21245
last-modified: Sun, 26 Apr 2020 17:14:15 GMT
server: cloudflare
etag: "5ea5c167-52fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Md1Tbwiv4f2fXuMe7o4Cr7aM7i%2B7B92PDxZiPurL4w4cSzyDW5byM%2FER0yzK6HV7FJaCVUsLDOTwGIphHGxOlCUMiITe%2BmPC8fJRz7di%2BGvEsDr6owiAdhyzkfNrQ715lOowgDweuJc2MsQLMBGcnEDa"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6d6433ea38cef3ef-LHR

GET
H2 200 ask_question_mob.png
estudyassistant.com/tpl/images/ 11 KB
11 KB 76ms
75ms Image
image/png 2606:4700:3032::6815:1e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://estudyassistant.com/tpl/images/ask_question_mob.png
Requested by: Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1226ed75be00d218e95c354854aa78762d0c71f6d96460dbe402397a6bf1ca47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/mathematics/question14521077
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4175
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11368
last-modified: Sun, 26 Apr 2020 17:14:15 GMT
server: cloudflare
etag: "5ea5c167-2c68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZiqquCON2AjvXvA7unRuOZWqNKe031VDYMnrduSgzjSKpVNcIwj3is%2FYY0gNm5qxjECPY0Auy%2BFdIPiSRUqWr53p5B6h0k0PGw30foqWu%2BPKp4UJO49fNsB5BS0OnNJ5oNShLZMcaQSkX8lpjA010xoA"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6d6433ea38cff3ef-LHR

GET
H2 200 es.png
estudyassistant.com/tpl/images/cats/ 7 KB
8 KB 109ms
108ms Image
image/png 2606:4700:3032::6815:1e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://estudyassistant.com/tpl/images/cats/es.png
Requested by: Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bc110930238021e87453898097595727cda52d49df5304c4f361310e3573442

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/mathematics/question14521077
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:09 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 26 Apr 2020 17:14:43 GMT
server: cloudflare
etag: "5ea5c183-1dee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OuZrRbp3ENKvNEqm8PWSrqPKi9F4%2BbGY%2BrT9Ag9R1wAKfejtPh5iV21SLAGkcbW1tel%2BRC7j5WIyczYGzgun2JyKVoRL5MfX43igZd7JySHfz7Ogm0Gn2SI2X5t4OaEV3H0baWWZgABD7sAwcJj7kNQi"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d6433ea38d3f3ef-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7662

GET
H2 200 istoriya.png
estudyassistant.com/tpl/images/cats/ 7 KB
7 KB 87ms
86ms Image
image/png 2606:4700:3032::6815:1e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://estudyassistant.com/tpl/images/cats/istoriya.png
Requested by: Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01edd006bdde0c6ad6e95d25e1e2e429f520d98bf72bc928690d1a33afbcdf12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/mathematics/question14521077
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6018
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7108
last-modified: Sun, 26 Apr 2020 17:14:45 GMT
server: cloudflare
etag: "5ea5c185-1bc4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hm4bo0miKo%2BUa7Kkv9NhjHrdMpRFF29r7TfDLCcC6plmuQm0Ul0ctmQG8qtl%2BaLhYfqHtFGYCIYEKEG%2FGUpPVFoKydxQSxjvZr2HjkY3Fh5buR6DSQ3VDH7YLKdNGdw4%2FBN%2BoUPZ2tD%2FT511noUTyi8c"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6d6433ea38d5f3ef-LHR

GET
H2 200 biologiya.png
estudyassistant.com/tpl/images/cats/ 6 KB
7 KB 99ms
98ms Image
image/png 2606:4700:3032::6815:1e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://estudyassistant.com/tpl/images/cats/biologiya.png
Requested by: Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 548e1a8669279d22aa3280ffb9edcd06bfc7a7010c4daa5a3500b84f6fc08cc8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/mathematics/question14521077
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4175
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6622
last-modified: Sun, 26 Apr 2020 17:14:41 GMT
server: cloudflare
etag: "5ea5c181-19de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPs4KiF%2BDX9s%2FD09mA9g2dIoQkpQx9CLFNDYLo7bA67r9MyAc0p0Hjgw20VdQItd%2B%2FRA4RJOcPUZ32%2FhCffexzNra5GN9YZPDAGfGiAvi3e4qv8Bvkc9I%2BKz0NJtifv0qcNAibRIHQEVDnuU%2B7XSt%2FD1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6d6433ea38d6f3ef-LHR

GET
H2 200 en.png
estudyassistant.com/tpl/images/cats/ 4 KB
4 KB 144ms
143ms Image
image/png 2606:4700:3032::6815:1e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://estudyassistant.com/tpl/images/cats/en.png
Requested by: Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa857264b7d276cb1d2dd2e705cf4998376910602c8b36779eb1f2742deb399c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/mathematics/question14521077
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4175
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3911
last-modified: Sun, 26 Apr 2020 17:14:42 GMT
server: cloudflare
etag: "5ea5c182-f47"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxPElF1er7CUrixVAsw31KchjLbkDAGPrWZI1IPzO64micljhn3R54oP1DEj7hiN8RI%2FpUnKkx4BCbe0KcPqF62HsAxKZWykZlLDzTvSfq6DOGWuxHdbeXMNGXS3LDup3DaeBLRfRbJsRhDWpYGlyj%2F6"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6d6433ea9957f3ef-LHR

GET
H2 200 obshestvoznanie.png
estudyassistant.com/tpl/images/cats/ 7 KB
7 KB 144ms
143ms Image
image/png 2606:4700:3032::6815:1e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://estudyassistant.com/tpl/images/cats/obshestvoznanie.png
Requested by: Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01edd006bdde0c6ad6e95d25e1e2e429f520d98bf72bc928690d1a33afbcdf12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/mathematics/question14521077
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1426
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7108
last-modified: Sun, 26 Apr 2020 17:14:48 GMT
server: cloudflare
etag: "5ea5c188-1bc4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h94CRfr8IzlUjGfdutUlLBBLfF%2FgbfLsaSoNSt077VJmDC571itlC%2BWp8Awh28CWYJyvfalTqhZ%2Bq3y1MRYArN1lKFkNFPnfWVPFOoZYxtfK1wfKafw8SVUmntjA2ANTB%2FpJjrZaAT9bTvlN%2BTZ9%2BV53"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6d6433ea9959f3ef-LHR

GET
H2 200 himiya.png
estudyassistant.com/tpl/images/cats/ 5 KB
5 KB 190ms
189ms Image
image/png 2606:4700:3032::6815:1e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://estudyassistant.com/tpl/images/cats/himiya.png
Requested by: Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ef4e7c196197df95d2332f902e148d2051ad5218b30527a5512b8b9c4f1a49c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/mathematics/question14521077
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4175
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4909
last-modified: Sun, 26 Apr 2020 17:14:44 GMT
server: cloudflare
etag: "5ea5c184-132d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2srFMnQRsy2EMBE6Ss%2FX3S9i0GWr%2FeyytLAfBriKI2slTUfoDvPY5P84YxJ3eI0XjMHdtQUEcJaSsr4ZwHuq0RoCdfO7%2Bf3G82n8XwWr3UoqANonf60FhVATtTT7%2FDzYFHbYrLOMrrhYMZ7MmMoKUrQt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6d6433ea995bf3ef-LHR

GET
H2 200 ekonomika.png
estudyassistant.com/tpl/images/cats/ 4 KB
4 KB 143ms
142ms Image
image/png 2606:4700:3032::6815:1e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://estudyassistant.com/tpl/images/cats/ekonomika.png
Requested by: Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea66c3595f31740cbdde9793465f84b6def41c46981afe09cbb631579b58be6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/mathematics/question14521077
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4175
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4115
last-modified: Sun, 26 Apr 2020 17:14:42 GMT
server: cloudflare
etag: "5ea5c182-1013"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6RLakpy7vn3tZD9iRJcXHkoH8zFFo4bsrC97Mb9l%2FOPgDW16utE9FC0f%2FR%2Bd2eRtg0%2B8BCcoetf6rl0fndu1Lmc09fMMWRoW0ugl0WLttxgY8qcmJgd5hC3bGroenq0UMszIeBP3v%2FJjB9w0edl7E5F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6d6433ea995cf3ef-LHR

GET
H2 200 delete.jpg
estudyassistant.com/tpl/images/ 421 B
768 B 145ms
144ms Image
image/jpeg 2606:4700:3032::6815:1e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://estudyassistant.com/tpl/images/delete.jpg
Requested by: Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 443eaace79e691c39af54b703712d06270b2e63642bfd912f1f98131309852fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/mathematics/question14521077
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4175
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 421
last-modified: Sun, 26 Apr 2020 17:14:16 GMT
server: cloudflare
etag: "5ea5c168-1a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zYsex39AtNHGw5%2BY1cOu2tK%2BN4UZT9HTGpVXW1ONewQc%2BhCWV6y1FTN1KkjAQlWekjacmur4YMr1q0VYu%2Fy7GUFjDCkvbVuV69aKc3r9%2BMvbUsrVKjO5yQ3eVQj9v4eFFhqFCWJHIUu2huHqDpCpJmlk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6d6433ea995ef3ef-LHR

GET
DATA 200
OK truncated
/ 283 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6448e978afb364dd798e9f7847b4c0a41749f61df7d89a97a957302e9bc3eed6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 search.png
estudyassistant.com/tpl/images/ 543 B
879 B 146ms
146ms Image
image/png 2606:4700:3032::6815:1e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://estudyassistant.com/tpl/images/search.png
Requested by: Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63717fde2fea1c5b5e0a26ce96c8592fb74fc0bc32bbd4aebbd43ddd4eec9b34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/mathematics/question14521077
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4993
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 543
last-modified: Sun, 26 Apr 2020 17:14:22 GMT
server: cloudflare
etag: "5ea5c16e-21f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJk195Y1JqysHKrGkih6NLTlShIectMGXAQ435IocKvPRr3q7srmSdJ1qklCqCD%2BLm2F2ylzxhpKnnfJ1fyJsX5d5Pb07oMh5U4ZblLGT9L%2B0ntM18h2m8JxJdpbhxftUPeSKv3ooJKHnOhgRowaajwe"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6d6433ea9962f3ef-LHR

GET
H2 200 jquery.min.js Show response
estudyassistant.com/tpl/js/ 87 KB
32 KB 141ms
140ms Script
application/javascript 2606:4700:3032::6815:1e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://estudyassistant.com/tpl/js/jquery.min.js
Requested by: Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/mathematics/question14521077
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1918262
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 05 Aug 2020 17:01:10 GMT
server: cloudflare
etag: W/"5f2ae5d6-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7It3PuLfngVqQcy83KufOglMmzvgrUvwIUoP97MlUj719JEQVoUsbdI49%2FfRYi9N65Jxq0GQ%2BXp09rcs1SlMNOrQXYVzJDUNCQHO29TXItUafQiML9PBYdvdGaWRdPVt1nu%2BGP2V%2FWz76FvXNAV2h25"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 6d6433ea9964f3ef-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pushy.min.js Show response
estudyassistant.com/tpl/js/ 3 KB
1 KB 140ms
139ms Script
application/javascript 2606:4700:3032::6815:1e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://estudyassistant.com/tpl/js/pushy.min.js?1587921268
Requested by: Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e023e4a4214ad7f7cc618b8f674854c0cfd8f66232ba665e3be4ad54e46a779

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/mathematics/question14521077
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1918262
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 26 Apr 2020 17:14:28 GMT
server: cloudflare
etag: W/"5ea5c174-de8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UHgmSoMQh1jp7VLUyV9h4ZExwKJxlg%2BHualwVQ72Agnakkg%2F%2FC5ovEl7dZOk5UvSML%2FRgGYNgcN1t8%2FWVjyh%2BqoD1juuT10SzujhRAb%2BvmJX%2BbrnrnbpHJp6uaknIlN3fhjUsTChHRAORTg82XM0oCZw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 6d6433ea9966f3ef-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 script.min.js Show response
estudyassistant.com/tpl/js/ 9 KB
3 KB 140ms
139ms Script
application/javascript 2606:4700:3032::6815:1e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://estudyassistant.com/tpl/js/script.min.js?1621989665
Requested by: Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fa4b22aec01888aafb1fec844e6c3a63df0295e9d8d6187ba8c600011cbbe8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/mathematics/question14521077
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1918262
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 26 May 2021 00:41:05 GMT
server: cloudflare
etag: W/"60ad9921-2541"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rIW7D0Dd9YZvr7ni2ftaAv1CFMgk9gGzbWZw3mpNzA%2Ba0n4WY1DwEoVDY5y8XwOGV2xxPJF6NeRpFNVdYOyIfrrIR7MMPfwuOcw4tO9nPVfgNYbEAwfu1AUtf1OI%2BJPBc09PoYmOBuaZmWxDs1evVAhD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 6d6433ea996af3ef-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app.png
estudyassistant.com/tpl/images/ 2 KB
3 KB 141ms
140ms Image
image/png 2606:4700:3032::6815:1e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://estudyassistant.com/tpl/images/app.png
Requested by: Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be3ada3d46c14bdfb55b19e2e4574a01c7f7033ad84e03441524c41a3ae1bd9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/mathematics/question14521077
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4175
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2397
last-modified: Fri, 31 Jul 2020 00:45:34 GMT
server: cloudflare
etag: "5f2369ae-95d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksMLIcvZYKXkyn%2FvqALDNC5ExPaDx6FC3q3fKATOcv%2FtXKqdqQi36ZvCCo6uPg%2BN80BXKi%2F7lHMX56XPRco7Ot8GhI9VkFpJWgOjnrVEFErzYx7a5%2BfsNnWJyunCOxs1rdgTfcMXIRrC4Ap3TnDJ3ZW%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6d6433ea996bf3ef-LHR

GET
H2 200 appand.png
estudyassistant.com/tpl/images/ 5 KB
5 KB 139ms
138ms Image
image/png 2606:4700:3032::6815:1e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://estudyassistant.com/tpl/images/appand.png
Requested by: Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e282b11b07d9f10a597330980c933a98883ab1cbcf7c980f13eb6ff897015a3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/mathematics/question14521077
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4175
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4993
last-modified: Tue, 15 Sep 2020 18:59:58 GMT
server: cloudflare
etag: "5f610f2e-1381"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PV5uaRPI9A1zOoPT%2F4WFm6EhBrEUyV6eMIzRbGLgDbq8GpGKC23zlqow8rhqFdJ4W%2B0XDsPqPLB1DNbC2iCvI7VCzdFPLUDW1TpngbbIKctgKxvf%2Fu%2BZdyIZ69aYM0cJrJdAn9FawttIhw7hv8%2FLiT50"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6d6433ea996df3ef-LHR

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 152ms
58ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-152409348-6

Requested by

Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b8d7e1214ab48c05a7f90e7a6c694d3593fc3c220a3f0a0e846ae126f0ec863

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36118
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 31 Jan 2022 16:09:09 GMT

GET
H2 200 loading.gif
estudyassistant.com/tpl/images/ 42 KB
42 KB 138ms
137ms Image
image/gif 2606:4700:3032::6815:1e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://estudyassistant.com/tpl/images/loading.gif
Requested by: Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42fede2eb48c6fd87a59b25b7db7a0b4a226b962fa1e7f585f015d884c698ceb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/mathematics/question14521077
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4175
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42655
last-modified: Sun, 26 Apr 2020 17:14:18 GMT
server: cloudflare
etag: "5ea5c16a-a69f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Na1Dla6iNRBJp3Co41qJoDN%2BcN5qksm3LDTjQ1lNdvPl31D5CB7lXh29L1w%2BnXPrbKu1vHvUJ6dFa9DZlbcHXlINgJpAEv9UFAjUiE%2FrW94ivxUZDl%2BHT7p6zfCdMKSQ1cOU6LJsRmKGxpbc39SCjFQB"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6d6433ea996ef3ef-LHR

GET
H/1.1 200
OK pluso-like.js Show response
share.pluso.ru/ 42 KB
14 KB 1098ms
100ms Script
application/javascript 37.200.67.211
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://share.pluso.ru/pluso-like.js

Requested by

Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.200.67.211 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

a25e941a479d97779361f94777f374683b6feff885e5020532361b88cb63d89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 16:11:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 07 May 2018 16:59:21 GMT
Server: nginx
ETag: 6482391917018938074
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

GET
H2 200 common-engine.js Show response
cdn.dmtgvn.com/wrapper/js/ 326 KB
83 KB 86ms
85ms Script
text/javascript 99.86.3.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dmtgvn.com/wrapper/js/common-engine.js?v=s-748e09d5-c30b-40a8-86e5-a89052e68322
Requested by: Host: cdn.dmtgvn.com
URL: https://cdn.dmtgvn.com/wrapper/js/manager.js?pid=eb107cdf-35a2-42a1-9d1c-f92094e2e026
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-69.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 45cb8c56b9029161553d29c985e0195df050de29eaaa075176f50ce141cbc5e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:48:10 GMT
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
server: nginx
age: 267658
x-cache: Hit from cloudfront
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31536000, public, s-maxage=31536000
x-amz-cf-pop: FRA6-C1
content-encoding: gzip
x-amz-cf-id: ezN-UWj4aoOUtOqJtDOtgr_uYX6ybi00bmF--0sca6LfrrkUZTG1sw==

GET
H3 200 pubads_impl_2022012506.js Show response
securepubads.g.doubleclick.net/gpt/ 354 KB
119 KB 126ms
57ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

8023286f9ad1440333463e3c1c449c356c6e690d42a0ac7d6f6f231845481a9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 15:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3359
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122264
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 15:13:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 31 Jan 2023 15:13:10 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 105 B
115 B 151ms
74ms XHR
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=estudyassistant.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

1a64c77730d6526173088d52376d071f655edfbf422911ff8d1438adc5c0b13b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 16:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90
x-xss-protection: 0
expires: Mon, 31 Jan 2022 16:09:09 GMT

GET
H3 200 like.png
estudyassistant.com/tpl/images/ 280 B
868 B 187ms
187ms Image
image/png 2606:4700:3032::6815:1e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://estudyassistant.com/tpl/images/like.png
Requested by: Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 148542a5e483d03494dabdc1d5e82cbfe6090185e1f2f2ecd71a966968049246

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/mathematics/question14521077
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:09 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 29 Sep 2020 00:42:47 GMT
server: cloudflare
etag: "5f728307-118"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hBrBOlyxefyibnintDB5H6tLyjxpkOIYivAuPJS0%2Fh1iHxDcPaus%2BfGjIE0Y3168n0g8WgfhKexwYAbb7YTF%2BPdXJTirM9g8qm0iGllmaEbtCTLObGtcCcnFMW%2BrAAbHFpkGTNWkQcEGeHe2BlTKM3wQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d6433ec68f483a6-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 280

GET
H3 200 useless.png
estudyassistant.com/tpl/images/ 330 B
883 B 436ms
436ms Image
image/png 2606:4700:3032::6815:1e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://estudyassistant.com/tpl/images/useless.png
Requested by: Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62cd27658dc8b2765e88b832bf48602db95fe37072c541df8fe8cbb371f81201

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/mathematics/question14521077
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:09 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 29 Sep 2020 00:42:47 GMT
server: cloudflare
etag: "5f728307-14a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtQZq7Z71pwEWeYu38Kcs6Wf8hLhaviCxFAKI6IQhHodgT2ZSUQrgDe1TsA3aOkcjB%2B53XPczDhycq1vcHPl9t3oUhoV19wz41Qhu%2BPuSgKTsHGouhizmQw8AGWOc%2BH0NM9DSY2WnIJqGm18EfhS4%2By4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d6433ec68f783a6-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 330

GET
H3 200 view.php Show response
estudyassistant.com/api/ 3 KB
1 KB 513ms
513ms XHR
text/html 2606:4700:3032::6815:1e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://estudyassistant.com/api/view.php?id=4691649&0.2834241473052619&_=1643645349782
Requested by: Host: estudyassistant.com
URL: https://estudyassistant.com/tpl/js/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c00bd40e8d5f99ed3ddd16d0862b1c486d58c7b5671facb786f973012b413e98

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://estudyassistant.com/mathematics/question14521077
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:09:09 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nxIsggrk12%2Bt9Do%2FWy9gsC7fJwBil%2B%2FfMV9M2C3KfhnH6brFz7WokKHNmEvnxlQrK7mA%2Fa2%2F7zfkRc31ydiiQ4gxR8jPePs0lncgMJjUZ5hfeoCxr8IY9ypsO4zx3tL69zGxbToLWdLvUoIUI%2FKzPORk"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 6d6433ec793383a6-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 30 Jan 2022 16:09:09 GMT

GET
H2 200 tag.min.js Show response
bolrookr.com/pfe/current/ 15 KB
6 KB 504ms
331ms Script
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bolrookr.com/pfe/current/tag.min.js?z=3540614
Requested by: Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 80a515be88589e377458107d98dd2dd654a0b1f56c4eaa42f912de832ac36cee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:09:10 GMT
content-encoding: gzip
last-modified: Mon, 24 Jan 2022 11:25:26 GMT
server: nginx
etag: W/"61ee8ca6-3c3d"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 235ms
85ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152409348-6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2056
date: Mon, 31 Jan 2022 15:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 31 Jan 2022 17:34:54 GMT

GET
H2 200 76b7a556-da7c-4d12-b354-086968d653ad Show response
cdn.dmtgvn.com/wrapper-builder/placement/ 2 KB
903 B 271ms
83ms XHR
application/json 99.86.3.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dmtgvn.com/wrapper-builder/placement/76b7a556-da7c-4d12-b354-086968d653ad?v=d-68a874e7-2e55-42ad-a6ce-badd93edbce1
Requested by: Host: cdn.dmtgvn.com
URL: https://cdn.dmtgvn.com/wrapper/js/common-engine.js?v=s-748e09d5-c30b-40a8-86e5-a89052e68322
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-69.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 8fa9f488c36fce461c4ab59c242b91a80425fb73092c2d4a3de521c7af9d0955

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 07:32:37 GMT
content-encoding: gzip
server: nginx
age: 290193
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000, public, s-maxage=31536000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: XYYAdd5v0rsDrXbL5pQqLCuSz1aBkcTRMp5RM78c0erPR29iFGJemg==
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)

GET
H2 200 f38d0c96-ab24-441c-981f-1e1b0459d027 Show response
cdn.dmtgvn.com/wrapper-builder/placement/ 2 KB
859 B 277ms
90ms XHR
application/json 99.86.3.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dmtgvn.com/wrapper-builder/placement/f38d0c96-ab24-441c-981f-1e1b0459d027?v=d-68a874e7-2e55-42ad-a6ce-badd93edbce1
Requested by: Host: cdn.dmtgvn.com
URL: https://cdn.dmtgvn.com/wrapper/js/common-engine.js?v=s-748e09d5-c30b-40a8-86e5-a89052e68322
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-69.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: dd61c775632c0d32bc6fe1fdaa8ca4e71deffafd6ebfc8f28c8b99fb7102e2f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 07:32:37 GMT
content-encoding: gzip
server: nginx
age: 290193
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000, public, s-maxage=31536000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: N7niuCl-DDuAg_8jgS6prCDFv-b4kJwpsL-Gi9EFa0oqROuNGum9tQ==
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)

GET
H2 200 3d703193-0a12-4c1d-b23b-04ea39514c6c Show response
cdn.dmtgvn.com/wrapper-builder/placement/ 2 KB
892 B 272ms
85ms XHR
application/json 99.86.3.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dmtgvn.com/wrapper-builder/placement/3d703193-0a12-4c1d-b23b-04ea39514c6c?v=d-68a874e7-2e55-42ad-a6ce-badd93edbce1
Requested by: Host: cdn.dmtgvn.com
URL: https://cdn.dmtgvn.com/wrapper/js/common-engine.js?v=s-748e09d5-c30b-40a8-86e5-a89052e68322
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-69.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: d79bbc3b9786ba971d84dd408bf8870902a0967cb3a04fe5d5b18e3c25543732

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 07:32:37 GMT
content-encoding: gzip
server: nginx
age: 290193
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000, public, s-maxage=31536000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: qWeW5U9hLNeJLivxPRMChaNW-Wa7zg_gUwjtaj7G8Gn9ZBnRzwvVvw==
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)

GET
H2 200 db5c6543-5d89-4d63-a10a-203d17b57883 Show response
cdn.dmtgvn.com/wrapper-builder/placement/ 2 KB
870 B 271ms
84ms XHR
application/json 99.86.3.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dmtgvn.com/wrapper-builder/placement/db5c6543-5d89-4d63-a10a-203d17b57883?v=d-68a874e7-2e55-42ad-a6ce-badd93edbce1
Requested by: Host: cdn.dmtgvn.com
URL: https://cdn.dmtgvn.com/wrapper/js/common-engine.js?v=s-748e09d5-c30b-40a8-86e5-a89052e68322
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-69.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: cee94685d59f71133baca92538998e0a56e11b96d73933a987dfdc73dd8ac579

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 07:32:37 GMT
content-encoding: gzip
server: nginx
age: 290193
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000, public, s-maxage=31536000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 7kMdn7_OWXjLizEW9LCLNOWB7RIMCo_NlV3h8SQ1LSWexI56yiLACQ==
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 132ms
61ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=702433754&t=pageview&_s=1&dl=https%3A%2F%2Festudyassistant.com%2Fmathematics%2Fquestion14521077&ul=en-us&de=UTF-8&dt=Lincoln%20is%20measuring%20the%20angles%20of%20quadrilateral%20wxyz%20to%20determine%20whether%20it%20is%20congruent%20to%20the%20quadrilateral%20below.%20quadrilateral&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1497400931&gjid=1341158526&cid=1746424508.1643645350&tid=UA-152409348-6&_gid=1272451448.1643645350&_r=1&gtm=2ou1q0&z=522732248

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://estudyassistant.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:09:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://estudyassistant.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prebid.js Show response
cdn.dmtgvn.com/wrapper/js/ 302 KB
95 KB 79ms
78ms Script
text/javascript 99.86.3.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dmtgvn.com/wrapper/js/prebid.js?v=s-748e09d5-c30b-40a8-86e5-a89052e68322
Requested by: Host: cdn.dmtgvn.com
URL: https://cdn.dmtgvn.com/wrapper/js/common-engine.js?v=s-748e09d5-c30b-40a8-86e5-a89052e68322
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-69.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: d260afb8e5d677930f4d728da7db365e397e68fb24c6cdc24414108f0aba7980

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:48:13 GMT
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
server: nginx
age: 267657
x-cache: Hit from cloudfront
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31536000, public, s-maxage=31536000
x-amz-cf-pop: FRA6-C1
content-encoding: gzip
x-amz-cf-id: 2TFIqosAHBs2U_FVgtOsuryBWffYiUg1FExbHd4nOza_0aOcFtZ-ug==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 146ms
41ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=estudyassistant.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 16:09:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 140ms
36ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=estudyassistant.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 16:09:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 475 B
290 B 210ms
210ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2730776009191221&correlator=2843298759285282&output=ldjh&impl=fifs&eid=31064560%2C44752540&vrg=2022012506&ptt=17&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=22654798780%2CAdX_Plus%2Cestudyassistant.com%2Cdesktop-970x250__wf-high&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%7C970x250%7C728x90%7C970x90%7C300x250&prev_scp=floor%3D120%26roxotRequestsCount%3D1&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1643645350164&lmt=1642290507&dlt=1643645349424&idt=512&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=76&adks=2014135768&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Festudyassistant.com%2Fmathematics%2Fquestion14521077&vis=1&scr_x=0&scr_y=0&psz=970x90&msz=970x90&ga_vid=1746424508.1643645350&ga_sid=1643645350&ga_hid=702433754&ga_fc=true&fws=4&ohw=970&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

44f025fc4862a5cadae6f73efe03371ffe469d520221de0d01ef1164390274f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 260
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://estudyassistant.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 21AB 6 KB
4 KB 137ms
40ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 31 Jan 2022 16:09:10 GMT
expires: Tue, 31 Jan 2023 16:09:10 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 475 B
289 B 231ms
231ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2730776009191221&correlator=1839258149532020&output=ldjh&impl=fifs&eid=31064560%2C44752540&vrg=2022012506&ptt=17&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=22654798780%2CAdX_Plus%2Cestudyassistant.com%2Cdesktop-300x300__wf-high&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%7C300x300%7C300x250%7C300x100&prev_scp=floor%3D90%26roxotRequestsCount%3D1&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1643645350179&lmt=1642290507&dlt=1643645349424&idt=512&frm=20&biw=1600&bih=1200&oid=2&adxs=985&adys=173&adks=2126549467&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Festudyassistant.com%2Fmathematics%2Fquestion14521077&vis=1&scr_x=0&scr_y=0&psz=300x100&msz=300x100&ga_vid=1746424508.1643645350&ga_sid=1643645350&ga_hid=702433754&ga_fc=true&fws=4&ohw=300&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

bc90dbe100df3756942bbff396b9404373ba578262e89519be5878f0af13e4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 259
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://estudyassistant.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zone Show response
bolrookr.com/ 765 B
1 KB 44ms
43ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bolrookr.com/zone?pub=0&zone_id=3540614&is_mobile=false&domain=estudyassistant.com&var=&ymid=&var_3=

Requested by

Host: bolrookr.com
URL: https://bolrookr.com/pfe/current/tag.min.js?z=3540614

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

469e59e43641a7fc7aff65d6a20c970c9f01955daf6e352f9cc21cb0f1440faf

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-trace-id: f61b5bf3fc2d1f2850fe39f0a1f40734
date: Mon, 31 Jan 2022 16:09:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://estudyassistant.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 765

GET
H2 200 universal.min.js Show response
bolrookr.com/pfe/current/ 127 KB
48 KB 139ms
61ms Fetch
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bolrookr.com/pfe/current/universal.min.js?v=3.1.353
Requested by: Host: bolrookr.com
URL: https://bolrookr.com/pfe/current/tag.min.js?z=3540614
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 227816ec94e1aa2062f82ee60d86113aaac344e49af6d26e2597847a8edfc826

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:09:10 GMT
content-encoding: gzip
last-modified: Mon, 24 Jan 2022 11:25:26 GMT
server: nginx
etag: W/"61ee8ca6-1fc86"
content-type: application/javascript
access-control-allow-origin: https://estudyassistant.com
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 230ms
96ms XHR
application/json 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

Requested by

Host: cdn.dmtgvn.com
URL: https://cdn.dmtgvn.com/wrapper/js/prebid.js?v=s-748e09d5-c30b-40a8-86e5-a89052e68322

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e17015d0c998495d78087eec7a8017798a0137a15dc8487adf936e81522dd116

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://estudyassistant.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 31 Jan 2022 16:09:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-jsd-version: 1.0.1239
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19135-FRA, cache-mxp6974-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"69d-K3MOFkCoAd0yNe1cWrUcd8LOf1o"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6d6433f099ad3745-MXP

POST prebid
ib.adnxs.com/ut/v3/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
821 B 120ms
40ms XHR
application/json 185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.dmtgvn.com
URL: https://cdn.dmtgvn.com/wrapper/js/prebid.js?v=s-748e09d5-c30b-40a8-86e5-a89052e68322

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c1523e058239d33791fe59d84284fe0be12f37b28ec5b4a3ea2d2cf03113c30

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://estudyassistant.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 16:09:10 GMT
X-Proxy-Origin: 217.64.151.32; 217.64.151.32; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5b2f8a13-8f06-4107-9d06-65613b52e6e8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://estudyassistant.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
821 B 97ms
35ms XHR
application/json 185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.dmtgvn.com
URL: https://cdn.dmtgvn.com/wrapper/js/prebid.js?v=s-748e09d5-c30b-40a8-86e5-a89052e68322

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

cd70709cd53b0e325da33e1b92feac21857a623aa07242ccec4a99103ab2a1f0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://estudyassistant.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 16:09:10 GMT
X-Proxy-Origin: 217.64.151.32; 217.64.151.32; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 61f38729-b694-431a-8202-2f8bea1e8669
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://estudyassistant.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 137 B
820 B 75ms
22ms XHR
application/json 185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.dmtgvn.com
URL: https://cdn.dmtgvn.com/wrapper/js/prebid.js?v=s-748e09d5-c30b-40a8-86e5-a89052e68322

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

c7729e7206aad843bd8b0af1260afeb8cf41e256ceea87305d09d8d528a7b58d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://estudyassistant.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 16:09:10 GMT
X-Proxy-Origin: 217.64.151.32; 217.64.151.32; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 70795e0c-e4b4-463e-9c1b-a3d561caa248
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://estudyassistant.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 137
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 44ms
19ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=estudyassistant.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 16:09:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 43ms
19ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=estudyassistant.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 16:09:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 202ms
201ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2730776009191221&correlator=3901981204207246&output=ldjh&impl=fifs&eid=31064560%2C44752540&vrg=2022012506&ptt=17&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=22654798780%2CAdX_Plus%2Cestudyassistant.com%2Cdesktop-600x300__prebid&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%7C600x300%7C600x250%7C300x250%7C300x300%7C336x280&prev_scp=roxotRequestsCount%3D1&eri=1&cookie=ID%3D776fa466eb6a208d-22ff17b42fcd0080%3AT%3D1643645350%3AS%3DALNI_MbH8Sf1onGpvwv3SFikOA63yevQSw&bc=31&abxe=1&dt=1643645350478&lmt=1642290507&dlt=1643645349424&idt=512&frm=20&biw=1600&bih=1200&oid=2&adxs=325&adys=1651&adks=763120980&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Festudyassistant.com%2Fmathematics%2Fquestion14521077&vis=1&scr_x=0&scr_y=0&psz=600x250&msz=600x250&ga_vid=1746424508.1643645350&ga_sid=1643645350&ga_hid=702433754&ga_fc=true&fws=4&ohw=600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

9142726d1acb8a75e6e77c7ba34c0da7c63b0ff32de1ffd7fd381915323f77a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10907
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://estudyassistant.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 457 B
280 B 491ms
491ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2730776009191221&correlator=1002255952016183&output=ldjh&impl=fifs&eid=31064560%2C44752540&vrg=2022012506&ptt=17&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=22654798780%2CAdX_Plus%2Cestudyassistant.com%2Cdesktop-970x250__wf-low&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%7C970x250%7C728x90%7C970x90%7C300x250&prev_scp=floor%3D15%26roxotRequestsCount%3D1&eri=1&cookie=ID%3D776fa466eb6a208d-22ff17b42fcd0080%3AT%3D1643645350%3AS%3DALNI_MbH8Sf1onGpvwv3SFikOA63yevQSw&bc=31&abxe=1&dt=1643645350505&lmt=1642290507&dlt=1643645349424&idt=512&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=76&adks=2125558794&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Festudyassistant.com%2Fmathematics%2Fquestion14521077&vis=1&scr_x=0&scr_y=0&psz=970x90&msz=970x90&ga_vid=1746424508.1643645350&ga_sid=1643645350&ga_hid=702433754&ga_fc=true&fws=4&ohw=970&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

b17173af7ed773109d9248f4ebac45c0771bedeca9ebfc2ce495f86b038751d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://estudyassistant.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 463 B
290 B 180ms
180ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2730776009191221&correlator=954470614502268&output=ldjh&impl=fifs&eid=31064560%2C44752540&vrg=2022012506&ptt=17&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=22654798780%2CAdX_Plus%2Cestudyassistant.com%2Cdesktop-300x300__wf-low&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%7C300x300%7C300x250%7C300x100&prev_scp=roxotRequestsCount%3D1&eri=1&cookie=ID%3D776fa466eb6a208d-22ff17b42fcd0080%3AT%3D1643645350%3AS%3DALNI_MbH8Sf1onGpvwv3SFikOA63yevQSw&bc=31&abxe=1&dt=1643645350511&lmt=1642290507&dlt=1643645349424&idt=512&frm=20&biw=1600&bih=1200&oid=2&adxs=985&adys=173&adks=96162552&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Festudyassistant.com%2Fmathematics%2Fquestion14521077&vis=1&scr_x=0&scr_y=0&psz=300x100&msz=300x100&ga_vid=1746424508.1643645350&ga_sid=1643645350&ga_hid=702433754&ga_fc=true&fws=4&ohw=300&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

ec56124496455f14f04dabfc288733c20d43a98f8596024c0753efac494243d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 259
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://estudyassistant.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 apu.php Show response
cdn.betgorebysson.club/ 968 B
2 KB 72ms
24ms Script
application/javascript 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.betgorebysson.club/apu.php?zoneid=3686100

Requested by

Host: bolrookr.com
URL: https://bolrookr.com/pfe/current/tag.min.js?z=3540614

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

7c9c72d8b558cd3a1bb46d26933e1f8a0c05b5e276ecd4575b90091809dc1bfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:10 GMT
x-content-type-options: nosniff
access-control-max-age: 86400
content-length: 968
x-trace-id: ec0a75641c54b8b104480501ef0f7be7
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 custom
bolrookr.com/ Frame 0
0 16ms
16ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bolrookr.com/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://estudyassistant.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 31 Jan 2022 16:09:10 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://estudyassistant.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400

POST
H2 200 custom Show response
bolrookr.com/ 39 B
327 B 25ms
25ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bolrookr.com/custom

Requested by

Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://estudyassistant.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 83d6ba64e61dd31b50a29a76b01ca648
date: Mon, 31 Jan 2022 16:09:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://estudyassistant.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

GET
H3 200 sw-eda97.js Show response
estudyassistant.com/ 145 B
734 B 60ms
60ms Fetch
application/javascript 2606:4700:3032::6815:1e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://estudyassistant.com/sw-eda97.js
Requested by: Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8e7b2fa99fe24bc3a05c9f933dd16c2ca7e846eb1622a95db68f7c5ea2c54a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/mathematics/question14521077
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 286394
cf-polished: origSize=163
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 31 Aug 2020 08:04:18 GMT
server: cloudflare
etag: W/"5f4caf02-a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWoud1%2Fub6aJsUs0g%2BKtgpaGGEGxRDKbmStd36rW%2Buq4NfEFsQPhOUyOApEzRpMn4OUnosFQjSEi4oOauyrUe83fuy60aeEG6vOaNhIq8q4P6Dh9IMYGoiOb6WJQQ5JAZNLnUpLLhSzF2bJrCeInxA%2Bh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 6d6433f0de1483a6-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

OPTIONS
H2 200 custom
bolrookr.com/ Frame 0
0 22ms
22ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bolrookr.com/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://estudyassistant.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 31 Jan 2022 16:09:10 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://estudyassistant.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 78ms
30ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022012506&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fb34648f01f5fcb8059cd7edde9eb5484edc7fe791dc9c08c10b809ab7d6a6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 16:09:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9188
x-xss-protection: 0

POST
H2 200 custom Show response
bolrookr.com/ 39 B
327 B 26ms
26ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bolrookr.com/custom

Requested by

Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://estudyassistant.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 981799d8316235b4fad58debbd90b0de
date: Mon, 31 Jan 2022 16:09:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://estudyassistant.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

OPTIONS
H2 200 custom
bolrookr.com/ Frame 0
0 25ms
25ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bolrookr.com/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://estudyassistant.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 31 Jan 2022 16:09:10 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://estudyassistant.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400

POST
H2 200 custom Show response
bolrookr.com/ 39 B
326 B 24ms
23ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bolrookr.com/custom

Requested by

Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://estudyassistant.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 32d5907a104820dccc955ec96aa1fc52
date: Mon, 31 Jan 2022 16:09:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://estudyassistant.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
546 B 81ms
28ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=951906e6838e4a3c9bce0f851fa7fdbb&zoneId=3540614&checkDuplicate=true&ymid=&var=

Requested by

Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

8b63929df122a470db0fdc0e136860fcf1b14f9a32152023dab4675a0a053834

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://estudyassistant.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 136ms
96ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Jan 2022 16:09:10 GMT

GET
H3 200 container.html Show response
5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7BB5 6 KB
3 KB 45ms
25ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 31 Jan 2022 16:09:10 GMT
expires: Tue, 31 Jan 2023 16:09:10 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 204 a Show response
pa.rxthdr.com/v3/ 0
203 B 462ms
190ms XHR
text/plain 54.174.15.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.rxthdr.com/v3/a?publisherId=92707dda-5614-4d3a-b4f5-531645d13ecf&host=estudyassistant.com
Requested by: Host: cdn.dmtgvn.com
URL: https://cdn.dmtgvn.com/wrapper/js/common-engine.js?v=s-748e09d5-c30b-40a8-86e5-a89052e68322
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.15.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-15-208.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://estudyassistant.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://estudyassistant.com
date: Mon, 31 Jan 2022 16:09:11 GMT
cache-control: no-cache, private
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Content-Type
access-control-allow-methods: POST, GET

POST
H2 204 a Show response
pa.rxthdr.com/v3/ 0
202 B 474ms
203ms XHR
text/plain 54.174.15.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.rxthdr.com/v3/a?publisherId=92707dda-5614-4d3a-b4f5-531645d13ecf&host=estudyassistant.com
Requested by: Host: cdn.dmtgvn.com
URL: https://cdn.dmtgvn.com/wrapper/js/common-engine.js?v=s-748e09d5-c30b-40a8-86e5-a89052e68322
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.15.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-15-208.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://estudyassistant.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://estudyassistant.com
date: Mon, 31 Jan 2022 16:09:11 GMT
cache-control: no-cache, private
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Content-Type
access-control-allow-methods: POST, GET

POST
H2 204 i Show response
pa.rxthdr.com/v3/ 0
202 B 651ms
380ms XHR
text/plain 54.174.15.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.rxthdr.com/v3/i?publisherId=92707dda-5614-4d3a-b4f5-531645d13ecf&host=estudyassistant.com
Requested by: Host: cdn.dmtgvn.com
URL: https://cdn.dmtgvn.com/wrapper/js/common-engine.js?v=s-748e09d5-c30b-40a8-86e5-a89052e68322
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.15.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-15-208.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://estudyassistant.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://estudyassistant.com
date: Mon, 31 Jan 2022 16:09:11 GMT
cache-control: no-cache, private
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Content-Type
access-control-allow-methods: POST, GET

POST
H2 204 i Show response
pa.rxthdr.com/v3/ 0
202 B 636ms
365ms XHR
text/plain 54.174.15.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.rxthdr.com/v3/i?publisherId=92707dda-5614-4d3a-b4f5-531645d13ecf&host=estudyassistant.com
Requested by: Host: cdn.dmtgvn.com
URL: https://cdn.dmtgvn.com/wrapper/js/common-engine.js?v=s-748e09d5-c30b-40a8-86e5-a89052e68322
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.15.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-15-208.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://estudyassistant.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://estudyassistant.com
date: Mon, 31 Jan 2022 16:09:11 GMT
cache-control: no-cache, private
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Content-Type
access-control-allow-methods: POST, GET

POST
H2 204 a Show response
pa.rxthdr.com/v3/ 0
202 B 614ms
345ms XHR
text/plain 54.174.15.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.rxthdr.com/v3/a?publisherId=92707dda-5614-4d3a-b4f5-531645d13ecf&host=estudyassistant.com
Requested by: Host: cdn.dmtgvn.com
URL: https://cdn.dmtgvn.com/wrapper/js/common-engine.js?v=s-748e09d5-c30b-40a8-86e5-a89052e68322
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.15.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-15-208.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://estudyassistant.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://estudyassistant.com
date: Mon, 31 Jan 2022 16:09:11 GMT
cache-control: no-cache, private
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Content-Type
access-control-allow-methods: POST, GET

POST
H2 204 a Show response
pa.rxthdr.com/v3/ 0
202 B 623ms
354ms XHR
text/plain 54.174.15.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.rxthdr.com/v3/a?publisherId=92707dda-5614-4d3a-b4f5-531645d13ecf&host=estudyassistant.com
Requested by: Host: cdn.dmtgvn.com
URL: https://cdn.dmtgvn.com/wrapper/js/common-engine.js?v=s-748e09d5-c30b-40a8-86e5-a89052e68322
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.15.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-15-208.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://estudyassistant.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://estudyassistant.com
date: Mon, 31 Jan 2022 16:09:11 GMT
cache-control: no-cache, private
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Content-Type
access-control-allow-methods: POST, GET

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7BB5 0
0 116ms
115ms Fetch
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CQCtnpgn4Yf-XIMn03wOThJ3QC_PYq5NcybzUs6IHwI23ARABIABglYKAgLAHggEXY2EtcHViLTQzMDg5NTc1MTczNDEyMTHIAQmpAj7NUZL0uLI-4AIAqAMBqgSjAk_QcArVpFieOy1hHNYVOjVewV-HTPvcBGtpcXtJhXLi2ZnZTpEx5cYQNhud3yRMnWF_edEOxPd3cIiuPc6vrOcQuvPsLVf8-k6ZkfYaOBWz-ykez_fPoYucaKL4g3AF_8Vy4D-mwCUD1loiufJeXfnC0njSr6-iJ_MyoHlvu0G3mrpG0bc6m6_sWarz1DFsLknoRPn-c8wwefQxlkOePKgRKUgdZRTIr6OsaY83G5MDiVcF42SmAJpiCkn-C0QgqjYzi3mZFRbY69LvU2SS1NsGqoEqpOocePey6CMkHgLpk-oQv9wRcD-RLAFCwXCfKCe8EyaylsQ56HC1upCbnsE4t6xy75KFwdMqZAbwxFMWQ-_2qCCoP976F9nLKfKFbSwUW-AEAYAG7qmdgJuflKRgoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHQobEhRwdWItNDMwODk1NzUxNzM0MTIxMRi3ioMB&sigh=Q0fRpNTQHt4&uach_m=[UACH]&cid=CAQSOwCNIrLM6e3Dyo-L77ugLCVAXZiW6ErN91_1Zxmy-9iR418S1vKeAp_g0iRMGMY3cExFGmKi5X3KpAw1GAE
Requested by: Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f162.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 7BB5 2 KB
2 KB 162ms
60ms Script
text/javascript 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=38516438;rtbwp=YfgJpgAIC_8Kd_pJAAdCEzZ07eixJ5oCGRCCvQ;rtbdata=sE7aJDcJuei3FMwgqOHw8CLUz2Dor8XSwcoM47hfKYJhp32luGKLnw6lzVbaIVSCRAMW6B9RQEEJx-YmkHymxzUSjTtYH-mrmgJUIZY8TK5Hq5kitXJtiZ3hGECAflIFBot0SOfcpvm0ZInWldlH5h6e7tuKHkooG9qnv-N8D7lX5nB11HjCn_i1r1VD8ZT4XNWtLjJ0pOb-PguWIUWsvLa4G8deqIJNT2pi31Ca2OIVAsxVvZrpaNtNjj89elYEk2hW09tt584qkA6SVNMuCxpNnvf6R-mlLLp70aDZ5yB000vk2_88BKCuLJigarrccjoJe0Dcz_GCayJGOnKmgleIfkJU2xKY7qGXl8fzGK0Ymc1E2lYnQVHiqyTNQ3sRomN1-c6UvUo1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Csfk-pgn4Yf-XIMn03wOThJ3QC_PYq5NcybzUs6IHwI23ARABIABglYKAgLAHggEXY2EtcHViLTQzMDg5NTc1MTczNDEyMTHIAQmpAj7NUZL0uLI-4AIAqAMBqgSmAk_QcArVpFieOy1hHNYVOjVewV-HTPvcBGtpcXtJhXLi2ZnZTpEx5cYQNhud3yRMnWF_edEOxPd3cIiuPc6vrOcQuvPsLVf8-k6ZkfYaOBWz-ykez_fPoYucaKL4g3AF_8Vy4D-mwCUD1loiufJeXfnC0njSr6-iJ_MyoHlvu0G3mrpG0bc6m6_sWarz1DFsLknoRPn-c8wwefQxlkOePKgRKUgdZRTIr6OsaY83G5MDiVcF42SmAJpiCkn-C0QgqjYzi3mZFRbY69LvU2SS1NsGqoEqpOocePey6CMkHgLpk-oQv9wRcD-RLAFCwXCfKCe8EyaylsQ56HC1upDZnOCqKhDN0h8623_4ca4KxEcc7uXYsJgS9ctS53TVBeoa9Isp1or4keAEAYAG7qmdgJuflKRgoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2wcPDpYIa96_Gh5zIFu_vk-edeiQ&client=ca-pub-4308957517341211&adurl=

Requested by

Host: 5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
URL: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

dcdfa29a431b07018a8b89977828d09ffbfdef57711cfe1a3294bc008b367196

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:09:10 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1822
expires: -1

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 7BB5 2 KB
2 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: 5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
URL: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 16:07:35 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7BB5 123 KB
38 KB 147ms
80ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
URL: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Jan 2022 16:09:10 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 7BB5 14 KB
6 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
URL: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 15:57:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 681
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 15:57:49 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 7BB5 22 KB
7 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
URL: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 10:18:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21034
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 31 Jan 2023 10:18:36 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C25D 13 KB
5 KB 103ms
49ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 31 Jan 2022 16:08:00 GMT
expires: Tue, 31 Jan 2023 16:08:00 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 70
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 57CA 783 B
1 KB 172ms
76ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8a27091895915e3b0a2612b411fe91f1d0a87788f71fed0aa689cfbdd994e14f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DxwtJGAmRuL0HAViooX/DQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 31 Jan 2022 16:09:10 GMT
date: Mon, 31 Jan 2022 16:09:10 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-DxwtJGAmRuL0HAViooX/DQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 60ms
59ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=estudyassistant.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 16:09:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 62ms
61ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=estudyassistant.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 16:09:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 232ms
231ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2730776009191221&correlator=1139134631688320&output=ldjh&impl=fifs&eid=31064560%2C44752540&vrg=2022012506&ptt=17&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=22654798780%2CAdX_Plus%2Cestudyassistant.com%2Cdesktop-300x600__prebid&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%7C300x600%7C300x250%7C300x300%7C240x400%7C300x500%7C240x600%7C160x600&prev_scp=roxotRequestsCount%3D1&eri=1&cookie=ID%3D776fa466eb6a208d%3AT%3D1643645350%3AS%3DALNI_MYhaXSSgtPzksZyaeWwDVwvoDu7LA&bc=31&abxe=1&dt=1643645350854&lmt=1642290507&dlt=1643645349424&idt=512&frm=20&biw=1600&bih=1200&oid=2&adxs=985&adys=278&adks=3233298700&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Festudyassistant.com%2Fmathematics%2Fquestion14521077&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=1746424508.1643645350&ga_sid=1643645350&ga_hid=702433754&ga_fc=true&fws=4&ohw=300&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

3784e0a8bb12ead2759949800c1fc582b51e9c54d735d2cd67e80c2ab079c031

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11090
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://estudyassistant.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 7BB5 33 KB
16 KB 262ms
67ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=38516438;rtbwp=YfgJpgAIC_8Kd_pJAAdCEzZ07eixJ5oCGRCCvQ;rtbdata=sE7aJDcJuei3FMwgqOHw8CLUz2Dor8XSwcoM47hfKYJhp32luGKLnw6lzVbaIVSCRAMW6B9RQEEJx-YmkHymxzUSjTtYH-mrmgJUIZY8TK5Hq5kitXJtiZ3hGECAflIFBot0SOfcpvm0ZInWldlH5h6e7tuKHkooG9qnv-N8D7lX5nB11HjCn_i1r1VD8ZT4XNWtLjJ0pOb-PguWIUWsvLa4G8deqIJNT2pi31Ca2OIVAsxVvZrpaNtNjj89elYEk2hW09tt584qkA6SVNMuCxpNnvf6R-mlLLp70aDZ5yB000vk2_88BKCuLJigarrccjoJe0Dcz_GCayJGOnKmgleIfkJU2xKY7qGXl8fzGK0Ymc1E2lYnQVHiqyTNQ3sRomN1-c6UvUo1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Csfk-pgn4Yf-XIMn03wOThJ3QC_PYq5NcybzUs6IHwI23ARABIABglYKAgLAHggEXY2EtcHViLTQzMDg5NTc1MTczNDEyMTHIAQmpAj7NUZL0uLI-4AIAqAMBqgSmAk_QcArVpFieOy1hHNYVOjVewV-HTPvcBGtpcXtJhXLi2ZnZTpEx5cYQNhud3yRMnWF_edEOxPd3cIiuPc6vrOcQuvPsLVf8-k6ZkfYaOBWz-ykez_fPoYucaKL4g3AF_8Vy4D-mwCUD1loiufJeXfnC0njSr6-iJ_MyoHlvu0G3mrpG0bc6m6_sWarz1DFsLknoRPn-c8wwefQxlkOePKgRKUgdZRTIr6OsaY83G5MDiVcF42SmAJpiCkn-C0QgqjYzi3mZFRbY69LvU2SS1NsGqoEqpOocePey6CMkHgLpk-oQv9wRcD-RLAFCwXCfKCe8EyaylsQ56HC1upDZnOCqKhDN0h8623_4ca4KxEcc7uXYsJgS9ctS53TVBeoa9Isp1or4keAEAYAG7qmdgJuflKRgoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2wcPDpYIa96_Gh5zIFu_vk-edeiQ&client=ca-pub-4308957517341211&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3155cd449a2085846e620747cc4f30dbf639cfcf5f4211e1c7224043e8806d45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:11 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 13:59:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 01 Feb 2022 19:09:57 GMT

GET
H3 200 qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js Show response
pagead2.googlesyndication.com/bg/ Frame C25D 35 KB
13 KB 150ms
71ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0255dd574d1c5d14289aa5974337e6cdc1c8d51ea8f0d402b2fa488fb5c525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 15:03:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13761
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 15:03:29 GMT

POST
H2 204 a Show response
pa.rxthdr.com/v3/ 0
202 B 339ms
338ms XHR
text/plain 54.174.15.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.rxthdr.com/v3/a?publisherId=92707dda-5614-4d3a-b4f5-531645d13ecf&host=estudyassistant.com
Requested by: Host: cdn.dmtgvn.com
URL: https://cdn.dmtgvn.com/wrapper/js/common-engine.js?v=s-748e09d5-c30b-40a8-86e5-a89052e68322
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.15.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-15-208.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://estudyassistant.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://estudyassistant.com
date: Mon, 31 Jan 2022 16:09:11 GMT
cache-control: no-cache, private
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Content-Type
access-control-allow-methods: POST, GET

POST
H2 204 a Show response
pa.rxthdr.com/v3/ 0
202 B 325ms
324ms XHR
text/plain 54.174.15.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.rxthdr.com/v3/a?publisherId=92707dda-5614-4d3a-b4f5-531645d13ecf&host=estudyassistant.com
Requested by: Host: cdn.dmtgvn.com
URL: https://cdn.dmtgvn.com/wrapper/js/common-engine.js?v=s-748e09d5-c30b-40a8-86e5-a89052e68322
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.15.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-15-208.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://estudyassistant.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://estudyassistant.com
date: Mon, 31 Jan 2022 16:09:11 GMT
cache-control: no-cache, private
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Content-Type
access-control-allow-methods: POST, GET

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 57CA 0
0 140ms
129ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022012506&jk=2730776009191221&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 container.html Show response
5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BBB1 6 KB
3 KB 65ms
64ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 31 Jan 2022 16:09:10 GMT
expires: Tue, 31 Jan 2023 16:09:10 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 204 a Show response
pa.rxthdr.com/v3/ 0
202 B 223ms
221ms XHR
text/plain 54.174.15.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.rxthdr.com/v3/a?publisherId=92707dda-5614-4d3a-b4f5-531645d13ecf&host=estudyassistant.com
Requested by: Host: cdn.dmtgvn.com
URL: https://cdn.dmtgvn.com/wrapper/js/common-engine.js?v=s-748e09d5-c30b-40a8-86e5-a89052e68322
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.15.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-15-208.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://estudyassistant.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://estudyassistant.com
date: Mon, 31 Jan 2022 16:09:11 GMT
cache-control: no-cache, private
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Content-Type
access-control-allow-methods: POST, GET

POST
H2 204 a Show response
pa.rxthdr.com/v3/ 0
202 B 229ms
227ms XHR
text/plain 54.174.15.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.rxthdr.com/v3/a?publisherId=92707dda-5614-4d3a-b4f5-531645d13ecf&host=estudyassistant.com
Requested by: Host: cdn.dmtgvn.com
URL: https://cdn.dmtgvn.com/wrapper/js/common-engine.js?v=s-748e09d5-c30b-40a8-86e5-a89052e68322
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.15.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-15-208.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://estudyassistant.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://estudyassistant.com
date: Mon, 31 Jan 2022 16:09:11 GMT
cache-control: no-cache, private
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Content-Type
access-control-allow-methods: POST, GET

POST
H2 204 i Show response
pa.rxthdr.com/v3/ 0
202 B 255ms
253ms XHR
text/plain 54.174.15.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.rxthdr.com/v3/i?publisherId=92707dda-5614-4d3a-b4f5-531645d13ecf&host=estudyassistant.com
Requested by: Host: cdn.dmtgvn.com
URL: https://cdn.dmtgvn.com/wrapper/js/common-engine.js?v=s-748e09d5-c30b-40a8-86e5-a89052e68322
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.15.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-15-208.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://estudyassistant.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://estudyassistant.com
date: Mon, 31 Jan 2022 16:09:11 GMT
cache-control: no-cache, private
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Content-Type
access-control-allow-methods: POST, GET

POST
H2 204 i Show response
pa.rxthdr.com/v3/ 0
202 B 273ms
271ms XHR
text/plain 54.174.15.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.rxthdr.com/v3/i?publisherId=92707dda-5614-4d3a-b4f5-531645d13ecf&host=estudyassistant.com
Requested by: Host: cdn.dmtgvn.com
URL: https://cdn.dmtgvn.com/wrapper/js/common-engine.js?v=s-748e09d5-c30b-40a8-86e5-a89052e68322
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.15.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-15-208.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://estudyassistant.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://estudyassistant.com
date: Mon, 31 Jan 2022 16:09:11 GMT
cache-control: no-cache, private
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Content-Type
access-control-allow-methods: POST, GET

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BBB1 0
0 130ms
130ms Fetch
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cqw85pgn4Yf-pOIau3wOmvKOQDcme0rFc1Z2R93DAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItNDMwODk1NzUxNzM0MTIxMaAB1bbS6gPIAQmpAmjHEj1vvLI-4AIAqAMBqgScAk_QIp_hsQ39e1SqSJVj9xGogtCV-5up7BRfxnCZY_Og-bfOSEIIldymWreW-qeIBtaI--Ul9nCYbbnC0vfAbN9qE71aqSIRCXJogRu7vIAMKthfz7DF4kYDqHMU0rws3Gc5EHwd7h_vFosIg_zf_BTXTxcGotQ5fl9S8U3LFud6-RZcu9CtCYCmc_lmo4Hdezm6n2HQztRdAl0bfDUfUlKb5okgvPK-ogvDMIiJyBgo2eF1XCccYHL9iF0dsQQ_vmHPWT9z084HJiMJCQikAo-k7Oa9bNHQFGR8n624aQTEJuQU2BtWLOFeYgfE5VhCzUo-mqQLgX5JLPfjMHpdNEgV2yQPRDq2FUt31f3-0WbsstS76P6wX4611Xld4AQBgAau35mgs_aK3fgBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHQobEhRwdWItNDMwODk1NzUxNzM0MTIxMRi3ioMB&sigh=pSwbm4mMFVc&uach_m=[UACH]&cid=CAQSOwCNIrLMpOO0qR_-v9Mv1-Z5jImNiFgTdtDi7kfTHgQim_aTvV27Y2ugS1y1Bhdzl0ZSs3ZO3edhHKK4GAE
Requested by: Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f162.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame BBB1 0
0 203ms
60ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=U_2jEo-lBKwC2ASdg2ICAgAAAHMJLsbyOMYugz9imiCbaOUQpgn4Ye--JQxjlWQaXAGUABI&wp=YfgJpgAOFP8Kd9cGAAjeJp9XTSY388CxowMBjw

Requested by

Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:10 GMT
server: Kestrel
server-processing-duration-in-ticks: 214808
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame FCB2 49 KB
19 KB 210ms
63ms Document
text/html 2a02:2638::18
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YfgJpgAOFP8Kd9cGAAjeJp9XTSY388CxowMBjw&u=%7CS%2FKlwaEx712k4RxNRQb9ypEivdritbKMmQDdcadzHkA%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSPZ57AO9Tzo-TiW8_RUaRRxSqp_DD-MTZ_v5oaXas8z1G_r4k41FoH5vPpL14R4kpXI-EwjYZhlUHZGr_JZnDGGDIgwZpVZOTv5kHM7BcygkpTxFiwR6NYa1v4V-NGDmi6HULduPVbt0xWcWk08-22EHRuQSR1rIdjORVaq22jWLib31Ecz8R54PhVOgWSWfwVRQp5yJWNGZceaFgzmb59ot0IF2i6AAHE5Q6_unyaqDf55CBUjM69D6TykG6nFkfFuNdsDJfB0sYA2Ph2V7RgEmD-jivoF_jA7DLhv29xz2aBQzoed8adFRXSTYHTGg8IhbDaZpQ3t02GwNO2rElqpuIln7UKMQKyOG0l4MRIFdyRkwS4pNw8lzaXLwNS0sQUS-ZS6vegpTvM61BVQF5cp&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1coypgn4Yf-pOIau3wOmvKOQDcme0rFc1Z2R93DAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItNDMwODk1NzUxNzM0MTIxMaAB1bbS6gPIAQmpAmjHEj1vvLI-4AIAqAMBqgSfAk_QIp_hsQ39e1SqSJVj9xGogtCV-5up7BRfxnCZY_Og-bfOSEIIldymWreW-qeIBtaI--Ul9nCYbbnC0vfAbN9qE71aqSIRCXJogRu7vIAMKthfz7DF4kYDqHMU0rws3Gc5EHwd7h_vFosIg_zf_BTXTxcGotQ5fl9S8U3LFud6-RZcu9CtCYCmc_lmo4Hdezm6n2HQztRdAl0bfDUfUlKb5okgvPK-ogvDMIiJyBgo2eF1XCccYHL9iF0dsQQ_vmHPWT9z084HJiMJCQikAo-k7Oa9bNHQFGR8n624aQTEJuQU2BtWLOFeYgfE5VhCzUo-mqQLgTxLDWVkv-ZOi9QBePQy4sK_AUHB39PmU9Ikj3JJV-CcRwsfUWrihUZf4AQBgAau35mgs_aK3fgBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_03P54wuz-dG-GmNMG2_X-JF9Owsw%26client%3Dca-pub-4308957517341211%26adurl%3D

Requested by

Host: 5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
URL: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f440db6f369f1df18a989fa20fe78d640fa01d105a9b8fa9fb97791032811121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/

Response headers

date: Mon, 31 Jan 2022 16:09:10 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Zk0aaaeySwOAiPx3UVA5Lm0L1w0siZfuSuAj-HlAG5GR3yyJMf_VPObz9L-LcZJxsQfztROnGsMQtJ40XA7mJCs_eLWcrZP-VeHnW1v6IYnL9-ughahuvfoLC8oc5tEE5fAFiBGDTELviR9QufP_0FA0roUSAw3M2uafJAPUiO5b8jAggZ4PuIBdxsxmEEgVXcHoeGTjtEmeQL0U0pQqFvlRNyfkbWb2bs2_9G76BD6n_TLXXW7XQk2BxXJ2z14zNVrraA"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 6693916
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame BBB1 2 KB
1 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: 5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
URL: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 16:07:35 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 848A 1 KB
749 B 54ms
54ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
URL: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Mon, 31 Jan 2022 13:26:12 GMT
expires: Tue, 01 Feb 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 9779
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BBB1 123 KB
37 KB 167ms
105ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
URL: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Jan 2022 16:09:11 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame BBB1 14 KB
6 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
URL: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 15:57:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 682
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 15:57:49 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame BBB1 22 KB
7 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
URL: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 10:18:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21035
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 31 Jan 2023 10:18:36 GMT

GET generate_204
tpc.googlesyndication.com/ Frame C25D 0
0

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 7BB5 9 KB
4 KB 74ms
72ms Script
text/javascript 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=38516438;rtbwp=YfgJpgAIC_8Kd_pJAAdCEzZ07eixJ5oCGRCCvQ;rtbdata=sE7aJDcJuei3FMwgqOHw8CLUz2Dor8XSwcoM47hfKYJhp32luGKLnw6lzVbaIVSCRAMW6B9RQEEJx-YmkHymxzUSjTtYH-mrmgJUIZY8TK5Hq5kitXJtiZ3hGECAflIFBot0SOfcpvm0ZInWldlH5h6e7tuKHkooG9qnv-N8D7lX5nB11HjCn_i1r1VD8ZT4XNWtLjJ0pOb-PguWIUWsvLa4G8deqIJNT2pi31Ca2OIVAsxVvZrpaNtNjj89elYEk2hW09tt584qkA6SVNMuCxpNnvf6R-mlLLp70aDZ5yB000vk2_88BKCuLJigarrccjoJe0Dcz_GCayJGOnKmgleIfkJU2xKY7qGXl8fzGK0Ymc1E2lYnQVHiqyTNQ3sRomN1-c6UvUo1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Csfk-pgn4Yf-XIMn03wOThJ3QC_PYq5NcybzUs6IHwI23ARABIABglYKAgLAHggEXY2EtcHViLTQzMDg5NTc1MTczNDEyMTHIAQmpAj7NUZL0uLI-4AIAqAMBqgSmAk_QcArVpFieOy1hHNYVOjVewV-HTPvcBGtpcXtJhXLi2ZnZTpEx5cYQNhud3yRMnWF_edEOxPd3cIiuPc6vrOcQuvPsLVf8-k6ZkfYaOBWz-ykez_fPoYucaKL4g3AF_8Vy4D-mwCUD1loiufJeXfnC0njSr6-iJ_MyoHlvu0G3mrpG0bc6m6_sWarz1DFsLknoRPn-c8wwefQxlkOePKgRKUgdZRTIr6OsaY83G5MDiVcF42SmAJpiCkn-C0QgqjYzi3mZFRbY69LvU2SS1NsGqoEqpOocePey6CMkHgLpk-oQv9wRcD-RLAFCwXCfKCe8EyaylsQ56HC1upDZnOCqKhDN0h8623_4ca4KxEcc7uXYsJgS9ctS53TVBeoa9Isp1or4keAEAYAG7qmdgJuflKRgoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2wcPDpYIa96_Gh5zIFu_vk-edeiQ&client=ca-pub-4308957517341211&adurl=;js=1;adfxid=1x;9456;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Festudyassistant.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

aabcb23f670af73f2a0e1b07fe9dc036b3cd5c0515815b4a252e0da213a1a5f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:09:11 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3473
expires: -1

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 92ms
92ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022012506&jk=2730776009191221&bg=!gYKlgsbNAAY6OBv_Ojg7ACkAdvg8Wty_hWXz60wGJmQJs4_dye69aIB9JHjGXsa92zkFnU-bP1hKMgIAAABcUgAAAANoAQcKAFDGJmjoONgcXcmJkip7bFZM1segAt8CwSimeNidsDdnkR5vcKQQjL8cXap75S7pdRPoK879cn4U4146_gUzS5TRNw_BP72ZCV3vBGXn8oFT45kC1BdEVoogWK0RYfJzHK73EOmLQ21E3XuQjrfZinsjLsz_R37o99TFjAzpcZ95iGH9OMV6ezaOU7r4KhbtIqbl66qexmmtY3t-rwp5N57RcY6WuewJI20BL1EpsVlLeC0gab5lRh2PbBgMc9Nk3AfPLIFos1JEiAdJDGrZyZsYlrkbV0LC2RhiUGDY0h931D9WoYM_rg8ZPCYnkV4UoCx7OIYFKFR1RsOMXsuRv3zSzzQnpvCIjPqy1zn_UYWQxKOCaygD-6AV90SX1QZGXCuR98kzjIdUeUFEHVW2lsRJot5ZBF60KWbintw4NGCh92TdBRJoc8XMeHa1e_uODhOXJ9oxxKtyJGQDDBv86lHEAoHe_4eMwq_wMafoailTZ9cnn_eCFEZgNm4PpcWGXifvyHRgVeNzLgW_SdqhgmM3-rgbSm2eNSRtiITFFHfGYvm0Rg_ESBJ5EswKdYme-UGlWi-Psp1Zv-7zwwIvLPdkxfxD130p9HUvWPdXuszJXv7Vq36VkmmASppJ_l6oyTsSBdP3jRQqKh2Hz7RoZVKD2aDA5EkoKIAd0Gu1ZuYdHaNzZuI-G77811qYt2Q2OO9qW_eVzXw3Rt_4jXEbmTrtOwrRoW3XJjwp42T-7J9-FWMwKTH47uB0QuaSe4UE8PgGCi8tpzYHvKjMdIwQWRntSj3p493fqrBao2qdC7aI_t2bDdo31hrqF3-pPvPYumRftYl1VPRiFMI9aVdz2SX8BoEc7XC9_kU8R_DGVnFewUMTG9_o6Hdr8pewcBL5nHGmOv1pp7w5Dxq07khr0j8DaWfaA3Fc1y62Hwp_BS9ZSJs9dNFw1r4vykt3SA2pyIT4FflNvLanVXnOlaBdRG9g3tdFIK4k5tHT69PR2JNEgxppXWIH1RXWmSKtEnbfWoJW582qhN4vyvIOjq5P6TcCxKOgEf4FA01UrphMhWN4-WpGuyGilr0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:09:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
google2waycm.netmng.com/cm/ Frame 848A 0
0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 848A
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFANbD88BE4vB5-6Jl2WqS4&google_cver=1&google_push=AYg5qPImuqo7wm6_6jbCWa4eJSzH-1sCyNCJk_QWxPy2wsLvgDgRGIdrLvjQKYpmMeEo2kn8UN6kJDCVDDHl1UHYo4lJTFZHiwpy&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFANbD88BE4vB5-6Jl2WqS4&google_cver=1&google_push=AYg5qPImuqo7wm6_6jbCWa4eJSzH-1sCyNCJk_QWxPy2wsLvgDgRGIdrLvjQKYpmMeEo2kn8UN6kJDCVDDHl1UHYo4lJTFZHiwp...

43 B
415 B

234ms
234ms

Image
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFANbD88BE4vB5-6Jl2WqS4&google_cver=1&google_push=AYg5qPImuqo7wm6_6jbCWa4eJSzH-1sCyNCJk_QWxPy2wsLvgDgRGIdrLvjQKYpmMeEo2kn8UN6kJDCVDDHl1UHYo4lJTFZHiwpy&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPImuqo7wm6_6jbCWa4eJSzH-1sCyNCJk_QWxPy2wsLvgDgRGIdrLvjQKYpmMeEo2kn8UN6kJDCVDDHl1UHYo4lJTFZHiwpy%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
URL: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:09:11 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6d6433f83f0859e3-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:09:11 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1862
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6d6433f6a98659e3-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFANbD88BE4vB5-6Jl2WqS4&google_cver=1&google_push=AYg5qPImuqo7wm6_6jbCWa4eJSzH-1sCyNCJk_QWxPy2wsLvgDgRGIdrLvjQKYpmMeEo2kn8UN6kJDCVDDHl1UHYo4lJTFZHiwpy&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPImuqo7wm6_6jbCWa4eJSzH-1sCyNCJk_QWxPy2wsLvgDgRGIdrLvjQKYpmMeEo2kn8UN6kJDCVDDHl1UHYo4lJTFZHiwpy%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 848A
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDW99EMlHcmjjL4I6V-smcE&google_cver=1&google_push=AYg5qPJgeV6C7EuUUG7yUEqsqapeolUs1VQ3SHfzLH45EZfYEoWlfoiBAVLPiiHqTogUdIMyMc-liSPa9Lsc6oQ2InIm...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDW99EMlHcmjjL4I6V-smcE&google_cver=1&google_push=AYg5qPJgeV6C7EuUUG7yUEqsqapeolUs1VQ3SHfzLH45EZfYEoWlfoiBAVLPiiHqTogUdIMyMc-liSPa9Lsc6o...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJgeV6C7EuUUG7yUEqsqapeolUs1VQ3SHfzLH45EZfYEoWlfoiBAVLPiiHqTogUdIMyMc-liSPa9Lsc6oQ2InImJN1LJtY&google_hm=nEv1clbeScynZbR7NqyJQQ==

170 B
188 B

90ms
67ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJgeV6C7EuUUG7yUEqsqapeolUs1VQ3SHfzLH45EZfYEoWlfoiBAVLPiiHqTogUdIMyMc-liSPa9Lsc6oQ2InImJN1LJtY&google_hm=nEv1clbeScynZbR7NqyJQQ==

Requested by

Host: 5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
URL: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:09:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJgeV6C7EuUUG7yUEqsqapeolUs1VQ3SHfzLH45EZfYEoWlfoiBAVLPiiHqTogUdIMyMc-liSPa9Lsc6oQ2InImJN1LJtY&google_hm=nEv1clbeScynZbR7NqyJQQ==
Date: Mon, 31 Jan 2022 16:09:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden gg_pixel
sync.adaptv.advertising.com/ Frame 848A 14 B
14 B 830ms
107ms Image
text/plain 54.152.149.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESELYk9kbsGbM9INtStB8KeS0&google_cver=1&google_push=AYg5qPKaRz4ZqEeEyfxKOxKyis2Lu9AoGjgm86EqOdMw-hwnCZ5c5D7gjpkUsHQgCx4szgX_xDZc-pnWo5esKAb0RWpiH-ADBRRe
Requested by: Host: 5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
URL: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.149.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-149-67.compute-1.amazonaws.com
Software: ribs2.0 /
Resource Hash: 0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Server: ribs2.0
Connection: keep-alive
Content-Length: 14
Content-Type: text/plain

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 848A
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEExLG6yvngdb1YKZ7qBav74&google_cver=1&google_push=AYg5qPIwc5v4QncPDosgKlJuKb8zQYcTDs7i1XlcLiWwc8ELdTU1nNvz9XkhFkH2Hth9tyf2ddKtW6TqPhuyFSSUCFBfYTmCdiHi
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPIwc5v4QncPDosgKlJuKb8zQYcTDs7i1XlcLiWwc8ELdTU1nNvz9XkhFkH2Hth9tyf2ddKtW6TqPhuyFSSUCFBfYTmCdiHi&goog...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzAyMjQwNjUyNzU4MjA4NTczNzg5Mw%3D%3D&google_push=AYg5qPIwc5v4QncPDosgKlJuKb8zQYcTDs7i1XlcLiWwc8ELdTU1nNvz...

170 B
188 B

199ms
115ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzAyMjQwNjUyNzU4MjA4NTczNzg5Mw%3D%3D&google_push=AYg5qPIwc5v4QncPDosgKlJuKb8zQYcTDs7i1XlcLiWwc8ELdTU1nNvz9XkhFkH2Hth9tyf2ddKtW6TqPhuyFSSUCFBfYTmCdiHi

Requested by

Host: 5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
URL: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:09:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzAyMjQwNjUyNzU4MjA4NTczNzg5Mw%3D%3D&google_push=AYg5qPIwc5v4QncPDosgKlJuKb8zQYcTDs7i1XlcLiWwc8ELdTU1nNvz9XkhFkH2Hth9tyf2ddKtW6TqPhuyFSSUCFBfYTmCdiHi
date: Mon, 31 Jan 2022 16:09:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 848A
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEM0U3ITB2cbyyae3OTAAOno&google_cver=1&google_push=AYg5qPJb5nYnqzCA1_tyi3D98W7T3VKq8KWL0nV_u-lZwTGmaclYq6eL...
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEM0U3ITB2cbyyae3OTAAOno&google_cver=1&google_push=AYg5qPJb5nYnqzCA1_tyi3D98W7T3VKq8KWL0nV_u-lZwTGmaclYq6eL...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEM0U3ITB2cbyyae3OTAAOno&google_cver=1&google_push=AYg5qPJb5nYnqzCA1_tyi3D98W7T3VKq8KWL0nV_u-lZwTGmaclYq6...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyMDkzMWRlNS04MmIwLTExZWMtODJhOS0wMmQ3ZDcyZmU4OGE%3D&google_push=AYg5qPJb5nYnqzCA1_tyi3D98W7T3VKq8KWL0nV_u-lZwTGmaclYq6eLRJhG7DBiJm...

170 B
188 B

71ms
71ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyMDkzMWRlNS04MmIwLTExZWMtODJhOS0wMmQ3ZDcyZmU4OGE%3D&google_push=AYg5qPJb5nYnqzCA1_tyi3D98W7T3VKq8KWL0nV_u-lZwTGmaclYq6eLRJhG7DBiJmB0W2W212NWuVcgaSE3LArAKrcCVPFcAk2xVQ

Requested by

Host: 5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
URL: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:09:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyMDkzMWRlNS04MmIwLTExZWMtODJhOS0wMmQ3ZDcyZmU4OGE%3D&google_push=AYg5qPJb5nYnqzCA1_tyi3D98W7T3VKq8KWL0nV_u-lZwTGmaclYq6eLRJhG7DBiJmB0W2W212NWuVcgaSE3LArAKrcCVPFcAk2xVQ
date: Mon, 31 Jan 2022 16:09:11 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 848A
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAV4Bs9G0NqI3J-UcgwZVO4&google_cver=1&google_push=AYg5qPKKyb9FLvP8GBQHYlTYSH8XhEeNlLp3HwfheHgCSubIO3tor-V1z6b8NgnduYQ3ZDuBGe...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAV4Bs9G0NqI3J-UcgwZVO4&google_cver=1&google_push=AYg5qPKKyb9FLvP8GBQHYlTYSH8XhEeNlLp3HwfheHgCSubIO3tor-V1z6b8NgnduYQ3ZDuBGe...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS05LnIwTk05RTJ1RTQ5TzVoZzlvRnlTejMuNzVQR3k1MX5B&google_push=AYg5qPKKyb9FLvP8GBQHYlTYSH8XhEeNlLp3HwfheHgCSubIO3tor-V1z...

170 B
188 B

135ms
57ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS05LnIwTk05RTJ1RTQ5TzVoZzlvRnlTejMuNzVQR3k1MX5B&google_push=AYg5qPKKyb9FLvP8GBQHYlTYSH8XhEeNlLp3HwfheHgCSubIO3tor-V1z6b8NgnduYQ3ZDuBGeMVRY7ek6PnoVtySs_hnp59dMhRiQ

Requested by

Host: 5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
URL: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:09:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS05LnIwTk05RTJ1RTQ5TzVoZzlvRnlTejMuNzVQR3k1MX5B&google_push=AYg5qPKKyb9FLvP8GBQHYlTYSH8XhEeNlLp3HwfheHgCSubIO3tor-V1z6b8NgnduYQ3ZDuBGeMVRY7ek6PnoVtySs_hnp59dMhRiQ
date: Mon, 31 Jan 2022 16:09:11 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 848A 0
223 B 184ms
60ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KCC9cJ2X8YlxVEs8YYiWYJvaGlHFvTG-NEKcs-h8Br59YeHF-lWOoJUc307DRoMTzD2OXXyco

Requested by

Host: 5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
URL: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 7BB5 35 KB
13 KB 322ms
122ms Script
application/javascript 2606:4700:3039::6815:c06d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c06d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=tEZe3A==, md5=Jdq10Kok9oEWJwphx1gWLw==
date: Mon, 31 Jan 2022 16:09:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18485
x-guploader-uploadid: ADPycdsoLgx8n7jiyPdzdqiZQ5pie9d6qWkEeBXSxQHaDB9ri_PQZAsJo6gOrp8p0Ozux54M8eJ7NVBSc4Ny9jpqepI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 26 Jan 2022 11:00:45 GMT
server: cloudflare
etag: W/"25dab5d0aa24f68116270a61c758162f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2IRwSj%2B5TIfp%2BkkdBVoSdTntNQFDOBbg0Xix3TWFyHPT7S8YhHmyglhZCWon8dkuYhH6%2FIC59yb9Ib0Q6DoHIYrwrxTtvYmQR8yWrB2iwwYxxWDY%2FrIr1mjjaLjjmkIjsLaIYT0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1643194845770575
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11870
cf-ray: 6d6433f73b8a59f5-MXP
expires: Mon, 31 Jan 2022 11:01:06 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 7BB5 35 B
494 B 67ms
66ms Ping
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=38516438&csi=y17HRLDlWa2yp3SnNweb04L0pRh6QdT6nKRWaOGiMrDrygPkIxxfk3DtOJquCsq7clMcQZ6DSzgHqUfPiiFvTWQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:09:11 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.217/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:types/ Frame 7BB5 34 KB
15 KB 90ms
90ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.217/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 7d7628a205cb2d3fbb20a6bd04e0a0c0631e143c2e6449b2eeaae4eccaa65d05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:11 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 13:59:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 01 Feb 2022 19:11:11 GMT

GET
DATA 200
OK truncated
/ Frame BBB1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 264df3d91a8019937ba8ad15b6442e87e05c82fc294843749fbac39f7c5fc163

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame FCB2 2 KB
1 KB 339ms
177ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfgJpgAOFP8Kd9cGAAjeJp9XTSY388CxowMBjw&u=%7CS%2FKlwaEx712k4RxNRQb9ypEivdritbKMmQDdcadzHkA%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSPZ57AO9Tzo-TiW8_RUaRRxSqp_DD-MTZ_v5oaXas8z1G_r4k41FoH5vPpL14R4kpXI-EwjYZhlUHZGr_JZnDGGDIgwZpVZOTv5kHM7BcygkpTxFiwR6NYa1v4V-NGDmi6HULduPVbt0xWcWk08-22EHRuQSR1rIdjORVaq22jWLib31Ecz8R54PhVOgWSWfwVRQp5yJWNGZceaFgzmb59ot0IF2i6AAHE5Q6_unyaqDf55CBUjM69D6TykG6nFkfFuNdsDJfB0sYA2Ph2V7RgEmD-jivoF_jA7DLhv29xz2aBQzoed8adFRXSTYHTGg8IhbDaZpQ3t02GwNO2rElqpuIln7UKMQKyOG0l4MRIFdyRkwS4pNw8lzaXLwNS0sQUS-ZS6vegpTvM61BVQF5cp&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1coypgn4Yf-pOIau3wOmvKOQDcme0rFc1Z2R93DAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItNDMwODk1NzUxNzM0MTIxMaAB1bbS6gPIAQmpAmjHEj1vvLI-4AIAqAMBqgSfAk_QIp_hsQ39e1SqSJVj9xGogtCV-5up7BRfxnCZY_Og-bfOSEIIldymWreW-qeIBtaI--Ul9nCYbbnC0vfAbN9qE71aqSIRCXJogRu7vIAMKthfz7DF4kYDqHMU0rws3Gc5EHwd7h_vFosIg_zf_BTXTxcGotQ5fl9S8U3LFud6-RZcu9CtCYCmc_lmo4Hdezm6n2HQztRdAl0bfDUfUlKb5okgvPK-ogvDMIiJyBgo2eF1XCccYHL9iF0dsQQ_vmHPWT9z084HJiMJCQikAo-k7Oa9bNHQFGR8n624aQTEJuQU2BtWLOFeYgfE5VhCzUo-mqQLgTxLDWVkv-ZOi9QBePQy4sK_AUHB39PmU9Ikj3JJV-CcRwsfUWrihUZf4AQBgAau35mgs_aK3fgBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_03P54wuz-dG-GmNMG2_X-JF9Owsw%26client%3Dca-pub-4308957517341211%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:11 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 26 Jan 2023 16:09:11 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame FCB2 2 KB
1 KB 208ms
46ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:11 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 26 Jan 2023 16:09:11 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame FCB2 308 B
636 B 338ms
176ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:11 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 26 Jan 2023 16:09:11 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame FCB2 507 B
835 B 209ms
47ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:11 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Thu, 26 Jan 2023 16:09:11 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame FCB2 43 B
347 B 215ms
50ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=MuV35FLwSBEDrNcMT-nywS5IngZ0yGdxbn3kliIo28T4UGhZ-BIGf-8wnIrMq_oKqMYGSLb9KDV8NIkJ8FLYerRCbt4FUlkIIJuHwruS0nfl8yQLT9l4NpYrz39RIrZGiMM5y_w2eC53NcqQ7eZ-WbE82bNItKFXmXZcH8ZHmsMdlGvkbTtlzFuGtfmr5OIbn714q7lL5oZBqF846TlTkb0LcyR4FwkRdPhi0mgPZRWjMJX5f1RxMq4NrmZV3PpkJ13KpNlql0BTgCAGTZPJzIfwnJyJeY9OG9nf710IlEo793BETwAx4QGakd06c09QBXre84ZkEh3XiDNXIqoaQvJgIuR-6AZ0lB9ZhU9xRtz8lIqJcwqWLhLO_mKUN6XD2-ieF4Fwk5vjX5wX4E0rcnSxyF24rN2XDvFlIeuym7QyG0OnjZnsMhrhty3kH040bJ2dRA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:09:11 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3418773
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ddee6f86ab554a06a69ed71a64b5e8c5_image_ad_300x600.gif
static.criteo.net/design/dt/90764/220105/ Frame FCB2 184 KB
184 KB 243ms
81ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/90764/220105/ddee6f86ab554a06a69ed71a64b5e8c5_image_ad_300x600.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d6168af066c2e390f9ff5ccdeee66bcde4a7e16ef62cd6bacaa6e8f77815c37d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:11 GMT
last-modified: Wed, 05 Jan 2022 18:27:39 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "61d5e31b-2de96"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 188054
expires: Thu, 26 Jan 2023 16:09:11 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame FCB2 0
127 B 204ms
46ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=Zk0aaaeySwOAiPx3UVA5Lm0L1w0siZfuSuAj-HlAG5GR3yyJMf_VPObz9L-LcZJxsQfztROnGsMQtJ40XA7mJCs_eLWcrZP-VeHnW1v6IYnL9-ughahuvfoLC8oc5tEE5fAFiBGDTELviR9QufP_0FA0roUSAw3M2uafJAPUiO5b8jAggZ4PuIBdxsxmEEgVXcHoeGTjtEmeQL0U0pQqFvlRNyfkbWb2bs2_9G76BD6n_TLXXW7XQk2BxXJ2z14zNVrraA&sds=2&rev=80217&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 31 Jan 2022 16:09:11 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame FCB2 2 KB
1 KB 290ms
137ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:11 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 26 Jan 2023 16:09:11 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame FCB2 2 KB
1 KB 153ms
152ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:11 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 26 Jan 2023 16:09:11 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0CE2 1 KB
749 B 29ms
29ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
URL: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Mon, 31 Jan 2022 13:26:12 GMT
expires: Tue, 01 Feb 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 9779
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 7BB5 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19dec46b69ff3c1764c2e7bb24d6b12cbce1862079219403fa47fc2f24097f55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 frame.html Show response
ad4m.at/ Frame FD16 2 KB
2 KB 147ms
91ms Document
text/html 2606:4700:3039::6815:c06d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c06d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/

Response headers

date: Mon, 31 Jan 2022 16:09:11 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycdunJgVlrvJk1i4V6EeqzatPhaSnLm6oIWOTelRdPaqnkcFkkR_BCVkP3mYoCL4WPcEUy1UhJuTUv7ryZUo5tpCgVZe-wQ
expires: Mon, 31 Jan 2022 17:09:11 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
cache-control: public, max-age=3600
age: 2469765
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6oizjRWdpIoPMb4evSdRpqwqWEK4MmYdD2WSBsDu0PYDecQa80SixAWqsb2YOi7BT8%2FDVcy0CGF%2BqInIekibWUGRvapqPhqcnSc8FiQwzAmWz5i3S9XTb0UsSbfphg4MOuLf0fQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6d6433f85a8183a2-MXP
content-encoding: br

GET
H2 200 dpixel
cms.quantserve.com/ Frame 0CE2 35 B
464 B 63ms
9ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBEXV_eaSTmD1p_Oa548oRo&google_cver=1&google_push=AYg5qPJSO9wYI2fnPumXEFV2sWYXiD5gFmZAQbslnqDOGIcV1999564jy7bffELlT8N4Im9hbWY-vwQ5jay9GiBBzlNTYXrrygn4

Requested by

Host: 5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
URL: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:09:11 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CE2
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEA7EkXOK211Hy8YAfSLlF2s&google_cver=1&google_push=AYg5qPIHcuAmxcmVidYHOL-UzN8vdsy_P-Dsdr2-ZSkEkPr55LlPP5iZPogJaKJDW6j599ooDL59DnUT3qJxw6BW...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIHcuAmxcmVidYHOL-UzN8vdsy_P-Dsdr2-ZSkEkPr55LlPP5iZPogJaKJDW6j599ooDL59DnUT3qJxw6BWbO5mcAExmDox

170 B
188 B

24ms
23ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIHcuAmxcmVidYHOL-UzN8vdsy_P-Dsdr2-ZSkEkPr55LlPP5iZPogJaKJDW6j599ooDL59DnUT3qJxw6BWbO5mcAExmDox

Requested by

Host: 5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
URL: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:09:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 31 Jan 2022 16:09:11 GMT
Server: MT3 4133 baa842e master zrh-pixel-x12 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIHcuAmxcmVidYHOL-UzN8vdsy_P-Dsdr2-ZSkEkPr55LlPP5iZPogJaKJDW6j599ooDL59DnUT3qJxw6BWbO5mcAExmDox
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 31 Jan 2022 16:09:10 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CE2
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENdDEMICKNYu6s6Z--Gb57Q&google_cver=1&google_push=AYg5qPLfaa1gCdZbwiZDexn2aIOvAZ-UOcGJLBkMpSRmDkpAoQwpWpYv-Ya4qJgl5261JuwWryrpUq-iJRs...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLfaa1gCdZbwiZDexn2aIOvAZ-UOcGJLBkMpSRmDkpAoQwpWpYv-Ya4qJgl5261JuwWryrpUq-iJRs1RSmkmfNEsHdI54K1&google_hm=qBJO-TFhTyOZZpydxe58GiA

170 B
188 B

23ms
23ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLfaa1gCdZbwiZDexn2aIOvAZ-UOcGJLBkMpSRmDkpAoQwpWpYv-Ya4qJgl5261JuwWryrpUq-iJRs1RSmkmfNEsHdI54K1&google_hm=qBJO-TFhTyOZZpydxe58GiA

Requested by

Host: 5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
URL: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:09:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:09:11 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLfaa1gCdZbwiZDexn2aIOvAZ-UOcGJLBkMpSRmDkpAoQwpWpYv-Ya4qJgl5261JuwWryrpUq-iJRs1RSmkmfNEsHdI54K1&google_hm=qBJO-TFhTyOZZpydxe58GiA
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CE2
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELvgGaKkTFi_GjqfJ1imUP4&google_cver=1&google_push=AYg5qPK5ZWAH5dz2gW8vRZfdRHe2EeeT_KTyKpUGy5TdNEGZu2e24Lm7twFZWPStqscZWpqjy48ojUM0r1lDrHUhQiupTjM...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK5ZWAH5dz2gW8vRZfdRHe2EeeT_KTyKpUGy5TdNEGZu2e24Lm7twFZWPStqscZWpqjy48ojUM0r1lDrHUhQiupTjMnlig&google_hm=NzE0MDMxNTIyMjMwNDM4MDg...

170 B
188 B

24ms
24ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK5ZWAH5dz2gW8vRZfdRHe2EeeT_KTyKpUGy5TdNEGZu2e24Lm7twFZWPStqscZWpqjy48ojUM0r1lDrHUhQiupTjMnlig&google_hm=NzE0MDMxNTIyMjMwNDM4MDg4OA%3D%3D

Requested by

Host: 5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
URL: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:09:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 31 Jan 2022 16:09:11 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK5ZWAH5dz2gW8vRZfdRHe2EeeT_KTyKpUGy5TdNEGZu2e24Lm7twFZWPStqscZWpqjy48ojUM0r1lDrHUhQiupTjMnlig&google_hm=NzE0MDMxNTIyMjMwNDM4MDg4OA%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CE2
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB5XwRaK3zfnWSDDva7tI9s&google_cver=1&google_push=AYg5qPKDav_-gz_lt637NWuCF5zjiIlyB7xtT0zaPxGYY2z2UH1LEVtKn0CbeNgKS2Cu94WEPMWwPkEz...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzIyNTY2OTYxOTU1NjI1NTMwOA&google_push=AYg5qPKDav_-gz_lt637NWuCF5zjiIlyB7xtT0zaPxGYY2z2UH1LEVtKn0CbeNgKS2Cu94WEPMWwPk...

170 B
188 B

38ms
38ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzIyNTY2OTYxOTU1NjI1NTMwOA&google_push=AYg5qPKDav_-gz_lt637NWuCF5zjiIlyB7xtT0zaPxGYY2z2UH1LEVtKn0CbeNgKS2Cu94WEPMWwPkEzUmb8dBRnWxGRkeFEZuah

Requested by

Host: 5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
URL: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:09:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:09:11 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzIyNTY2OTYxOTU1NjI1NTMwOA&google_push=AYg5qPKDav_-gz_lt637NWuCF5zjiIlyB7xtT0zaPxGYY2z2UH1LEVtKn0CbeNgKS2Cu94WEPMWwPkEzUmb8dBRnWxGRkeFEZuah
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CE2
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEO...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPLXQ5EUIbWAyReF_6YpG1arps0uEPCRwX0IoIiwIbfw1lAsA5_sNTFUGRSjY20ZJ9FvJRayoPaCpEUj5Bn4FksY6t7DiPd3&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-48b7a77f-5d5e-4402-8d79-bfc92a9b7d0d-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPLXQ5EUIbWAyReF_6YpG...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLXQ5EUIbWAyReF_6YpG1arps0uEPCRwX0IoIiwIbfw1lAsA5_sNTFUGRSjY20ZJ9FvJRayoPaCpEUj5Bn4FksY6t7DiPd3&google_hm=A0i3p39dXkQCjXm_ySqbfQ0

170 B
188 B

28ms
27ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLXQ5EUIbWAyReF_6YpG1arps0uEPCRwX0IoIiwIbfw1lAsA5_sNTFUGRSjY20ZJ9FvJRayoPaCpEUj5Bn4FksY6t7DiPd3&google_hm=A0i3p39dXkQCjXm_ySqbfQ0

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:09:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLXQ5EUIbWAyReF_6YpG1arps0uEPCRwX0IoIiwIbfw1lAsA5_sNTFUGRSjY20ZJ9FvJRayoPaCpEUj5Bn4FksY6t7DiPd3&google_hm=A0i3p39dXkQCjXm_ySqbfQ0
date: Mon, 31 Jan 2022 16:09:11 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX48b7a77f5d5e44028d79bfc92a9b7d0d003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CE2
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPYtW8wighiiIPt0XlMaSQs&google_cver=1&google_push=AYg5qPLuiYhmwk6tXzQ3SAncLShkMPc78ZYBqBUxdzJaYZAkbR-iU51y...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPYtW8wighiiIPt0XlMaSQs&google_cver=1&google_push=AYg5qPLuiYhmwk6tXzQ3SAncLShkMPc78ZYBqBUxdzJaYZAkbR-iU5...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyMDkzMWRlNS04MmIwLTExZWMtODJhOS0wMmQ3ZDcyZmU4OGE%3D&google_push=AYg5qPLuiYhmwk6tXzQ3SAncLShkMPc78ZYBqBUxdzJaYZAkbR-iU51yu2S75XZcGF...

170 B
188 B

30ms
29ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyMDkzMWRlNS04MmIwLTExZWMtODJhOS0wMmQ3ZDcyZmU4OGE%3D&google_push=AYg5qPLuiYhmwk6tXzQ3SAncLShkMPc78ZYBqBUxdzJaYZAkbR-iU51yu2S75XZcGFZ8wUvcvVGtrUbTH1yO52x-H3CXEG9KTF5ANw

Requested by

Host: 5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
URL: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:09:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyMDkzMWRlNS04MmIwLTExZWMtODJhOS0wMmQ3ZDcyZmU4OGE%3D&google_push=AYg5qPLuiYhmwk6tXzQ3SAncLShkMPc78ZYBqBUxdzJaYZAkbR-iU51yu2S75XZcGFZ8wUvcvVGtrUbTH1yO52x-H3CXEG9KTF5ANw
date: Mon, 31 Jan 2022 16:09:11 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0CE2 0
12 B 28ms
27ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KiAcLtFntCDENpWFIFc5GgwAuHk0ie1SiBH_e7fhp5A9t9KJaG7xOiCacbuDCXe6qJFLWfQg

Requested by

Host: 5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
URL: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 200 rs Show response
ad4m.at/ Frame 7BB5 2 KB
2 KB 118ms
117ms XHR
text/plain 2606:4700:3039::6815:c06d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c06d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f45b34f3bce53e8a781ba0b0f1ec04789dab7408ea63b6899061a2d519b7aab4

Request headers

Referer: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6d6433f9ec4659f5-MXP
date: Mon, 31 Jan 2022 16:09:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YxNArs3DvgZcPDvzlj2u3CDLQlXrcwsX5h1%2B06cDA1A5o%2BJPOCmHfKW7eY5CNfuh9V7wDoCUchUEc8R%2F1b%2BXZbv9rpKq244BUGQ015Y35hJzd2cwMGGOYF0i4u3WMBH0XNZtrNs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-vmjq

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 143ms
86ms Preflight
text/plain 2606:4700:3039::6815:c06d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c06d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 31 Jan 2022 16:09:11 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-vmjq
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpUvaR8onuyN67IP2bH6YgRmfs3OuyROljOC3xjZ7ISvmrI%2FGg%2BZU0fhtYTIL5YExXY3JERrGJ6SOLWsEEbP%2FFGFrvWTWyLYsEB0AUBPIAvXj5vi4b%2BOKRHCyq8ofDGe4h%2Bb%2FDY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d6433f96abb59f5-MXP

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 198 KB
68 KB 200ms
106ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: estudyassistant.com
URL: https://estudyassistant.com/mathematics/question14521077

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

d98da1540993d215b6f4e184906020e8ce32286b315a4261127d26bf79146bb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:12 GMT
content-encoding: br
last-modified: Wed, 26 Jan 2022 15:48:14 GMT
etag: "61f1430e-10e38"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 69176
expires: Mon, 31 Jan 2022 17:09:12 GMT

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 5EF3 3 KB
3 KB 97ms
87ms Document
text/html 2606:4700:3039::6815:c06d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=164569&b=GjYsBfjd8ws6JrzhKHztWHPt9wbS2TYT6jcE&f=VxqtwfMRKqfrAVKCVHetrHXCpbYFkTzTpMsQ&c=300&d=250&e=ZHETyZ8M422n5YBaSUdTDYQhBixIzVB1&g=2ccf5df85c6c7e93798dd7079d18c84e%2F13040803372243920938&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1643645352021&h=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCsfk-pgn4Yf-XIMn03wOThJ3QC_PYq5NcybzUs6IHwI23ARABIABglYKAgLAHggEXY2EtcHViLTQzMDg5NTc1MTczNDEyMTHIAQmpAj7NUZL0uLI-4AIAqAMBqgSmAk_QcArVpFieOy1hHNYVOjVewV-HTPvcBGtpcXtJhXLi2ZnZTpEx5cYQNhud3yRMnWF_edEOxPd3cIiuPc6vrOcQuvPsLVf8-k6ZkfYaOBWz-ykez_fPoYucaKL4g3AF_8Vy4D-mwCUD1loiufJeXfnC0njSr6-iJ_MyoHlvu0G3mrpG0bc6m6_sWarz1DFsLknoRPn-c8wwefQxlkOePKgRKUgdZRTIr6OsaY83G5MDiVcF42SmAJpiCkn-C0QgqjYzi3mZFRbY69LvU2SS1NsGqoEqpOocePey6CMkHgLpk-oQv9wRcD-RLAFCwXCfKCe8EyaylsQ56HC1upDZnOCqKhDN0h8623_4ca4KxEcc7uXYsJgS9ctS53TVBeoa9Isp1or4keAEAYAG7qmdgJuflKRgoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2wcPDpYIa96_Gh5zIFu_vk-edeiQ%26client%3Dca-pub-4308957517341211%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516438%3Bcrtbwp%3DYfgJpgAIC_8Kd_pJAAdCEzZ07eixJ5oCGRCCvQ%3Bcrtbdata%3DsE7aJDcJuei3FMwgqOHw8CLUz2Dor8XSwcoM47hfKYJhp32luGKLnw6lzVbaIVSCRAMW6B9RQEEJx-YmkHymxzUSjTtYH-mrmgJUIZY8TK5Hq5kitXJtiZ3hGECAflIFBot0SOfcpvm0ZInWldlH5h6e7tuKHkooG9qnv-N8D7lX5nB11HjCn_i1r1VD8ZT4XNWtLjJ0pOb-PguWIUWsvLa4G8deqIJNT2pi31Ca2OIVAsxVvZrpaNtNjj89elYEk2hW09tt584qkA6SVNMuCxpNnvf6R-mlLLp70aDZ5yB000vk2_88BKCuLJigarrccjoJe0Dcz_GCayJGOnKmgleIfkJU2xKY7qGXl8fzGK0Ymc1E2lYnQVHiqyTNQ3sRomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3DRAgEOHf-kYQ7O-y1N9rS3wdRp3KijB1PaBk_f6OKdhps0_PvEg4-EpGRqsm6sRD0K9mEQGQcj9wmgb1BawPMGXtt2n4OwTFixfgN7wWhehNX7EYoWZQhUY3QujWf60ZHsGrJPZTwxO-VZsl5dxWnQMkllzAqADQrZPSVCRcBPzE1%3B%3BCREFURL%3Dhttps%253a%252f%252festudyassistant.com%3BC%3D1%3Bcpdir%3D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c06d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a6360fe3aa459a8785b6be3b25ffee02e5d02eab9d901be966b63dc31b38d16

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/

Response headers

date: Mon, 31 Jan 2022 16:09:12 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d6433facee459f5-MXP
content-encoding: br

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 5EF3 81 KB
11 KB 103ms
102ms Stylesheet
text/css 2606:4700:3039::6815:c06d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=164569&b=GjYsBfjd8ws6JrzhKHztWHPt9wbS2TYT6jcE&f=VxqtwfMRKqfrAVKCVHetrHXCpbYFkTzTpMsQ&c=300&d=250&e=ZHETyZ8M422n5YBaSUdTDYQhBixIzVB1&g=2ccf5df85c6c7e93798dd7079d18c84e%2F13040803372243920938&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1643645352021&h=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCsfk-pgn4Yf-XIMn03wOThJ3QC_PYq5NcybzUs6IHwI23ARABIABglYKAgLAHggEXY2EtcHViLTQzMDg5NTc1MTczNDEyMTHIAQmpAj7NUZL0uLI-4AIAqAMBqgSmAk_QcArVpFieOy1hHNYVOjVewV-HTPvcBGtpcXtJhXLi2ZnZTpEx5cYQNhud3yRMnWF_edEOxPd3cIiuPc6vrOcQuvPsLVf8-k6ZkfYaOBWz-ykez_fPoYucaKL4g3AF_8Vy4D-mwCUD1loiufJeXfnC0njSr6-iJ_MyoHlvu0G3mrpG0bc6m6_sWarz1DFsLknoRPn-c8wwefQxlkOePKgRKUgdZRTIr6OsaY83G5MDiVcF42SmAJpiCkn-C0QgqjYzi3mZFRbY69LvU2SS1NsGqoEqpOocePey6CMkHgLpk-oQv9wRcD-RLAFCwXCfKCe8EyaylsQ56HC1upDZnOCqKhDN0h8623_4ca4KxEcc7uXYsJgS9ctS53TVBeoa9Isp1or4keAEAYAG7qmdgJuflKRgoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2wcPDpYIa96_Gh5zIFu_vk-edeiQ%26client%3Dca-pub-4308957517341211%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516438%3Bcrtbwp%3DYfgJpgAIC_8Kd_pJAAdCEzZ07eixJ5oCGRCCvQ%3Bcrtbdata%3DsE7aJDcJuei3FMwgqOHw8CLUz2Dor8XSwcoM47hfKYJhp32luGKLnw6lzVbaIVSCRAMW6B9RQEEJx-YmkHymxzUSjTtYH-mrmgJUIZY8TK5Hq5kitXJtiZ3hGECAflIFBot0SOfcpvm0ZInWldlH5h6e7tuKHkooG9qnv-N8D7lX5nB11HjCn_i1r1VD8ZT4XNWtLjJ0pOb-PguWIUWsvLa4G8deqIJNT2pi31Ca2OIVAsxVvZrpaNtNjj89elYEk2hW09tt584qkA6SVNMuCxpNnvf6R-mlLLp70aDZ5yB000vk2_88BKCuLJigarrccjoJe0Dcz_GCayJGOnKmgleIfkJU2xKY7qGXl8fzGK0Ymc1E2lYnQVHiqyTNQ3sRomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3DRAgEOHf-kYQ7O-y1N9rS3wdRp3KijB1PaBk_f6OKdhps0_PvEg4-EpGRqsm6sRD0K9mEQGQcj9wmgb1BawPMGXtt2n4OwTFixfgN7wWhehNX7EYoWZQhUY3QujWf60ZHsGrJPZTwxO-VZsl5dxWnQMkllzAqADQrZPSVCRcBPzE1%3B%3BCREFURL%3Dhttps%253a%252f%252festudyassistant.com%3BC%3D1%3Bcpdir%3D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c06d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=164569&b=GjYsBfjd8ws6JrzhKHztWHPt9wbS2TYT6jcE&f=VxqtwfMRKqfrAVKCVHetrHXCpbYFkTzTpMsQ&c=300&d=250&e=ZHETyZ8M422n5YBaSUdTDYQhBixIzVB1&g=2ccf5df85c6c7e93798dd7079d18c84e%2F13040803372243920938&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1643645352021&h=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCsfk-pgn4Yf-XIMn03wOThJ3QC_PYq5NcybzUs6IHwI23ARABIABglYKAgLAHggEXY2EtcHViLTQzMDg5NTc1MTczNDEyMTHIAQmpAj7NUZL0uLI-4AIAqAMBqgSmAk_QcArVpFieOy1hHNYVOjVewV-HTPvcBGtpcXtJhXLi2ZnZTpEx5cYQNhud3yRMnWF_edEOxPd3cIiuPc6vrOcQuvPsLVf8-k6ZkfYaOBWz-ykez_fPoYucaKL4g3AF_8Vy4D-mwCUD1loiufJeXfnC0njSr6-iJ_MyoHlvu0G3mrpG0bc6m6_sWarz1DFsLknoRPn-c8wwefQxlkOePKgRKUgdZRTIr6OsaY83G5MDiVcF42SmAJpiCkn-C0QgqjYzi3mZFRbY69LvU2SS1NsGqoEqpOocePey6CMkHgLpk-oQv9wRcD-RLAFCwXCfKCe8EyaylsQ56HC1upDZnOCqKhDN0h8623_4ca4KxEcc7uXYsJgS9ctS53TVBeoa9Isp1or4keAEAYAG7qmdgJuflKRgoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2wcPDpYIa96_Gh5zIFu_vk-edeiQ%26client%3Dca-pub-4308957517341211%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516438%3Bcrtbwp%3DYfgJpgAIC_8Kd_pJAAdCEzZ07eixJ5oCGRCCvQ%3Bcrtbdata%3DsE7aJDcJuei3FMwgqOHw8CLUz2Dor8XSwcoM47hfKYJhp32luGKLnw6lzVbaIVSCRAMW6B9RQEEJx-YmkHymxzUSjTtYH-mrmgJUIZY8TK5Hq5kitXJtiZ3hGECAflIFBot0SOfcpvm0ZInWldlH5h6e7tuKHkooG9qnv-N8D7lX5nB11HjCn_i1r1VD8ZT4XNWtLjJ0pOb-PguWIUWsvLa4G8deqIJNT2pi31Ca2OIVAsxVvZrpaNtNjj89elYEk2hW09tt584qkA6SVNMuCxpNnvf6R-mlLLp70aDZ5yB000vk2_88BKCuLJigarrccjoJe0Dcz_GCayJGOnKmgleIfkJU2xKY7qGXl8fzGK0Ymc1E2lYnQVHiqyTNQ3sRomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3DRAgEOHf-kYQ7O-y1N9rS3wdRp3KijB1PaBk_f6OKdhps0_PvEg4-EpGRqsm6sRD0K9mEQGQcj9wmgb1BawPMGXtt2n4OwTFixfgN7wWhehNX7EYoWZQhUY3QujWf60ZHsGrJPZTwxO-VZsl5dxWnQMkllzAqADQrZPSVCRcBPzE1%3B%3BCREFURL%3Dhttps%253a%252f%252festudyassistant.com%3BC%3D1%3Bcpdir%3D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:12 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 431046
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 26 Jan 2022 16:25:06 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6d6433fb9d1183a2-MXP
cf-bgj: minify

GET
H2 200 F9736D035A5464127FA673A8BD35A27DFF37BC592D8FD5580715F71D6DFA14C30EDB0B571CDD0F70D1DE5DD267B6D4F67F444E61667E536E25CA20BF797D24F5
assets.ad4m.at/product_image/ Frame 5EF3 12 KB
13 KB 111ms
97ms Image
image/webp 2606:4700:3039::6815:c06d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F9736D035A5464127FA673A8BD35A27DFF37BC592D8FD5580715F71D6DFA14C30EDB0B571CDD0F70D1DE5DD267B6D4F67F444E61667E536E25CA20BF797D24F5
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=164569&b=GjYsBfjd8ws6JrzhKHztWHPt9wbS2TYT6jcE&f=VxqtwfMRKqfrAVKCVHetrHXCpbYFkTzTpMsQ&c=300&d=250&e=ZHETyZ8M422n5YBaSUdTDYQhBixIzVB1&g=2ccf5df85c6c7e93798dd7079d18c84e%2F13040803372243920938&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1643645352021&h=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCsfk-pgn4Yf-XIMn03wOThJ3QC_PYq5NcybzUs6IHwI23ARABIABglYKAgLAHggEXY2EtcHViLTQzMDg5NTc1MTczNDEyMTHIAQmpAj7NUZL0uLI-4AIAqAMBqgSmAk_QcArVpFieOy1hHNYVOjVewV-HTPvcBGtpcXtJhXLi2ZnZTpEx5cYQNhud3yRMnWF_edEOxPd3cIiuPc6vrOcQuvPsLVf8-k6ZkfYaOBWz-ykez_fPoYucaKL4g3AF_8Vy4D-mwCUD1loiufJeXfnC0njSr6-iJ_MyoHlvu0G3mrpG0bc6m6_sWarz1DFsLknoRPn-c8wwefQxlkOePKgRKUgdZRTIr6OsaY83G5MDiVcF42SmAJpiCkn-C0QgqjYzi3mZFRbY69LvU2SS1NsGqoEqpOocePey6CMkHgLpk-oQv9wRcD-RLAFCwXCfKCe8EyaylsQ56HC1upDZnOCqKhDN0h8623_4ca4KxEcc7uXYsJgS9ctS53TVBeoa9Isp1or4keAEAYAG7qmdgJuflKRgoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2wcPDpYIa96_Gh5zIFu_vk-edeiQ%26client%3Dca-pub-4308957517341211%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516438%3Bcrtbwp%3DYfgJpgAIC_8Kd_pJAAdCEzZ07eixJ5oCGRCCvQ%3Bcrtbdata%3DsE7aJDcJuei3FMwgqOHw8CLUz2Dor8XSwcoM47hfKYJhp32luGKLnw6lzVbaIVSCRAMW6B9RQEEJx-YmkHymxzUSjTtYH-mrmgJUIZY8TK5Hq5kitXJtiZ3hGECAflIFBot0SOfcpvm0ZInWldlH5h6e7tuKHkooG9qnv-N8D7lX5nB11HjCn_i1r1VD8ZT4XNWtLjJ0pOb-PguWIUWsvLa4G8deqIJNT2pi31Ca2OIVAsxVvZrpaNtNjj89elYEk2hW09tt584qkA6SVNMuCxpNnvf6R-mlLLp70aDZ5yB000vk2_88BKCuLJigarrccjoJe0Dcz_GCayJGOnKmgleIfkJU2xKY7qGXl8fzGK0Ymc1E2lYnQVHiqyTNQ3sRomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3DRAgEOHf-kYQ7O-y1N9rS3wdRp3KijB1PaBk_f6OKdhps0_PvEg4-EpGRqsm6sRD0K9mEQGQcj9wmgb1BawPMGXtt2n4OwTFixfgN7wWhehNX7EYoWZQhUY3QujWf60ZHsGrJPZTwxO-VZsl5dxWnQMkllzAqADQrZPSVCRcBPzE1%3B%3BCREFURL%3Dhttps%253a%252f%252festudyassistant.com%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c06d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 751704bc52883328e6c234c8381d3a9b6acd50570d1412db6091dc3696c31de6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=cLcnvA==, md5=FLsJ33AFtyiqxc35QjcB6Q==
date: Mon, 31 Jan 2022 16:09:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 624816
cf-polished: qual=85, origFmt=jpeg, origSize=64216
x-guploader-uploadid: ADPycduzrZU-adSchHsNsfT0rWctg-Q3Ob7kokFajPpwN_DVGHOjg-LYbJrr5MXT4zYjLVL7JmC-kpbwN-YwFdMn1uvvN798-Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12174
last-modified: Mon, 24 Jan 2022 10:32:55 GMT
server: cloudflare
etag: "14bb09df7005b728aac5cdf9423701e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZ%2BEgG%2FZRGI0dlSnnOCOhuu5ooCT94F972UTkAOqMnFtk3pcJRh%2BlOKwHiqB6X7Pi%2BuXNS77eVY2a4ODSs1S5IQSmMd5ojaidOeByg%2BoXLdq840AxjIETkcc61sohIalIGF8h06S1rBeRc7f"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1643020375327686
content-type: image/webp
expires: Tue, 01 Feb 2022 16:09:12 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 64216
accept-ranges: bytes
cf-ray: 6d6433fbba9659f5-MXP
cf-bgj: imgq:85,h2pri

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9535.WahfQA9ulhSfnVvdECstTBELzH_8lmcmrksThOOwMjktW8T1eZo-XzUhJcOdWNpe.N7eUCERuJxbcvEqZFSIozCHdhRQ%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9535.DzQAXwAglI1PxJ5ItFRm5XMFEBDJID3o9lN0zhOgGuDOj6gBtqCC4FAZJJyXom1TNZX5RVpiySouDY07XQF04w%2C%2C.9cbV0uXEoGXn7wdrtPDp3aDS93M%2C

75 B
75 B

98ms
98ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9535.DzQAXwAglI1PxJ5ItFRm5XMFEBDJID3o9lN0zhOgGuDOj6gBtqCC4FAZJJyXom1TNZX5RVpiySouDY07XQF04w%2C%2C.9cbV0uXEoGXn7wdrtPDp3aDS93M%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:12 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9535.DzQAXwAglI1PxJ5ItFRm5XMFEBDJID3o9lN0zhOgGuDOj6gBtqCC4FAZJJyXom1TNZX5RVpiySouDY07XQF04w%2C%2C.9cbV0uXEoGXn7wdrtPDp3aDS93M%2C
date: Mon, 31 Jan 2022 16:09:12 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 103ms
103ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:12 GMT
last-modified: Wed, 26 Jan 2022 15:48:14 GMT
etag: "61f1430e-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 31 Jan 2022 17:09:12 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BBB1 42 B
64 B 146ms
87ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsukjdXsSivQWx21bLN8gXDx_H73izjFmzTfQoTPsjMltcqCgfcRasFfpOhVrzuFDQAlLMTF5MFcqbOrOXB33OEl&sig=Cg0ArKJSzLfwubeoePenEAE&cid=CAASF-Ro2-GzEoi7_0-CVQpvJikysGLT1F5L&id=lidar2&mcvt=1000&p=278,985,878,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220126&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3233298700&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643645351094&rpt=333&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:09:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame FCB2 0
127 B 64ms
64ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 31 Jan 2022 16:09:12 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2

200

1 Show response
mc.yandex.com/watch/66586483/
Redirect Chain

https://mc.yandex.com/watch/66586483?wmode=7&page-url=https%3A%2F%2Festudyassistant.com%2Fmathematics%2Fquestion14521077&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Af...
https://mc.yandex.com/watch/66586483/1?wmode=7&page-url=https%3A%2F%2Festudyassistant.com%2Fmathematics%2Fquestion14521077&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3...

331 B
413 B

102ms
102ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/66586483/1?wmode=7&page-url=https%3A%2F%2Festudyassistant.com%2Fmathematics%2Fquestion14521077&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A355%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A562582049959%3Ahid%3A188768221%3Az%3A0%3Ai%3A20220131160912%3Aet%3A1643645352%3Ac%3A1%3Arn%3A444761635%3Arqn%3A1%3Au%3A1643645352667754604%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643645349103%3Ads%3A9%2C119%2C189%2C1%2C0%2C0%2C%2C375%2C1%2C1486%2C1486%2C4%2C694%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643645353%3At%3ALincoln%20is%20measuring%20the%20angles%20of%20quadrilateral%20wxyz%20to%20determine%20whether%20it%20is%20congruent%20to%20the%20quadrilateral%20below.%20quadrilateral&t=gdpr%2814%29aw%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

10bc261dc3b6dfc7a8dbf732debde33a2a76953e062a13361814808a28527294

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:09:12 GMT
x-content-type-options: nosniff
last-modified: Mon, 31-Jan-2022 16:09:12 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://estudyassistant.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Mon, 31-Jan-2022 16:09:12 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:09:12 GMT
last-modified: Mon, 31-Jan-2022 16:09:12 GMT
location: /watch/66586483/1?wmode=7&page-url=https%3A%2F%2Festudyassistant.com%2Fmathematics%2Fquestion14521077&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A355%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A562582049959%3Ahid%3A188768221%3Az%3A0%3Ai%3A20220131160912%3Aet%3A1643645352%3Ac%3A1%3Arn%3A444761635%3Arqn%3A1%3Au%3A1643645352667754604%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643645349103%3Ads%3A9%2C119%2C189%2C1%2C0%2C0%2C%2C375%2C1%2C1486%2C1486%2C4%2C694%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643645353%3At%3ALincoln%20is%20measuring%20the%20angles%20of%20quadrilateral%20wxyz%20to%20determine%20whether%20it%20is%20congruent%20to%20the%20quadrilateral%20below.%20quadrilateral&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://estudyassistant.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 31-Jan-2022 16:09:12 GMT

GET
H/1.1 200
OK 06.png
share.pluso.ru/img/pluso-like/round/medium/ 25 KB
25 KB 144ms
143ms Image
image/png 37.200.67.211
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://share.pluso.ru/img/pluso-like/round/medium/06.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.200.67.211 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

ebec55bdb89c78d466e4213a4e45367ee8e385d0cdd6942a3b1dcf53f8f6fc52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 16:11:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 13 Apr 2015 11:02:40 GMT
Server: nginx
ETag: "552ba250-633f"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 25407
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK plus.png
share.pluso.ru/img/ 2 KB
3 KB 211ms
65ms Image
image/png 37.200.67.211
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://share.pluso.ru/img/plus.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.200.67.211 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

784eb14774a9a419af32c02c2d16cf197ef2701afc2ea65b58c3a574ed5458bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 16:11:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 13 Apr 2015 11:02:40 GMT
Server: nginx
ETag: "552ba250-98a"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 2442
X-XSS-Protection: 1; mode=block

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 36ms
36ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=estudyassistant.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 16:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 35ms
34ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=estudyassistant.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://estudyassistant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 16:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET ads
securepubads.g.doubleclick.net/gampad/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?vAuzRA

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESELU0ly3JhsRRzFSlUaIc0PE&google_cver=1&google_push=AYg5qPI7mWDvoU82OMAboT5fPwZJHACU2wquISyCpjuRb_79sh16D-zEI0yp8BiMzF9HgTnfVo4yU4t-CXJfehnuDSjQ7CeAvJxd

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2730776009191221&correlator=1939260505026322&output=ldjh&impl=fifs&eid=31064560%2C44752540&vrg=2022012506&ptt=17&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=22654798780%2CAdX_Plus%2Cestudyassistant.com%2Cdesktop-300x300__wf-high&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%7C300x300%7C300x250%7C300x100&prev_scp=floor%3D90%26roxotRequestsCount%3D2&eri=1&cookie=ID%3D776fa466eb6a208d%3AT%3D1643645350%3AS%3DALNI_MYhaXSSgtPzksZyaeWwDVwvoDu7LA&bc=31&abxe=1&dt=1643645355715&lmt=1642290507&dlt=1643645349424&idt=512&frm=20&biw=1600&bih=1200&oid=2&adxs=985&adys=173&adks=2126549464&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Festudyassistant.com%2Fmathematics%2Fquestion14521077&vis=1&scr_x=0&scr_y=0&psz=300x100&msz=300x100&ga_vid=1746424508.1643645350&ga_sid=1643645350&ga_hid=702433754&ga_fc=true&fws=4&ohw=300&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.estudyassistant.com/	1970-01-20 18:05:17	Name: _ga Value: GA1.2.1746424508.1643645350
.estudyassistant.com/	1970-01-20 00:35:31	Name: _gid Value: GA1.2.1272451448.1643645350
.estudyassistant.com/	1970-01-20 00:34:05	Name: _gat_gtag_UA_152409348_6 Value: 1
estudyassistant.com/	1970-01-20 01:17:17	Name: PHPSESSID Value: 2964d409vci109rmo7bot9seq1
cdn.betgorebysson.club/	1970-01-20 09:19:41	Name: OAID Value: 36b61a15bcba47178a6dfd26e86afa11
cdn.betgorebysson.club/	1970-01-20 09:19:41	Name: oaidts Value: 1643645350
my.rtmark.net/	1970-01-20 09:19:41	Name: ID Value: 951906e6838e4a3c9bce0f851fa7fdbb
.estudyassistant.com/	1970-01-20 09:55:41	Name: __gads Value: ID=776fa466eb6a208d:T=1643645350:S=ALNI_MYhaXSSgtPzksZyaeWwDVwvoDu7LA
.adform.net/	1970-01-20 01:14:24	Name: C Value: 1
.doubleclick.net/	1970-01-20 09:55:41	Name: IDE Value: AHWqTUnRB8ox6YQnX4DhZ4332kaZPzQA32Wl8CP7zkXE0zXRWmKHkXFo4QL2CXJfpr8
.adform.net/	1970-01-20 02:00:29	Name: uid Value: 7225669619556255308
.adform.net/	1970-01-20 00:44:10	Name: TPC Value: 1643645351259
.3lift.com/	1970-01-20 02:43:41	Name: tluid Value: 3022406527582085737893
.advertising.com/	1970-01-20 09:21:07	Name: APID Value: UP20931de5-82b0-11ec-82a9-02d7d72fe88a
.yahoo.com/	1970-01-20 09:20:02	Name: A3 Value: d=AQABBKcJ-GECEDe_d-ru9UgTrK8v1FQKTwoFEgEBAQFb-WEBYgAAAAAA_eMAAA&S=AQAAAsLlhXXXaD3o39YLkJleUr0
.bidswitch.net/	1970-01-20 09:19:41	Name: tuuid Value: 9c4bf572-56de-49cc-a765-b47b36ac8941
.bidswitch.net/	1970-01-20 09:19:41	Name: c Value: 1643645351
.bidswitch.net/	1970-01-20 09:19:41	Name: tuuid_lu Value: 1643645351
.bidswitch.net/	1970-01-20 00:34:05	Name: google_push Value: AYg5qPJgeV6C7EuUUG7yUEqsqapeolUs1VQ3SHfzLH45EZfYEoWlfoiBAVLPiiHqTogUdIMyMc-liSPa9Lsc6oQ2InImJN1LJtY
.analytics.yahoo.com/	1970-01-20 09:21:07	Name: IDSYNC Value: "18yx~22z4:18wq~22z4"
.quantserve.com/	1970-01-20 02:43:41	Name: d Value: EBcBCQGqJYEA
.quantserve.com/	1970-01-20 10:04:19	Name: mc Value: 61f809a7-b4b79-87437-10095
.ctnsnet.com/	1970-01-20 09:19:41	Name: cid_a8124ef931614f2399669c9dc5ee7c1a Value: 1
.mathtag.com/	1970-01-20 10:00:00	Name: uuid Value: fc7661f8-09a7-4500-9bfb-859c82303e7e
.mathtag.com/	1970-01-20 01:17:17	Name: mt_mop Value: 4:1643645351
.1rx.io/	1970-01-20 09:19:41	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-48b7a77f-5d5e-4402-8d79-bfc92a9b7d0d-003%22%7D
.targeting.unrulymedia.com/	1970-01-20 09:19:41	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-48b7a77f-5d5e-4402-8d79-bfc92a9b7d0d-003%22%7D
.tribalfusion.com/	1970-01-20 02:43:41	Name: ANON_ID Value: aEnseFRZdySaAIUMnYFhvlp3crAel873rVYnaIlZapcNRK3exoqkUtHILMCxaBLkfW95F53ZdUYfCT37KeJg2HK
.estudyassistant.com/	1970-01-20 09:19:41	Name: _ym_uid Value: 1643645352667754604
.estudyassistant.com/	1970-01-20 09:19:41	Name: _ym_d Value: 1643645352
.mc.yandex.com/	1970-01-20 00:34:05	Name: sync_cookie_csrf Value: 3284789198fake
.estudyassistant.com/	1970-01-20 00:35:17	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 00:34:05	Name: sync_cookie_csrf Value: 713520179fake
.yandex.com/	1970-01-20 09:19:41	Name: yandexuid Value: 5006983081643645352
.yandex.com/	1970-01-20 09:19:41	Name: yuidss Value: 5006983081643645352
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1126122561643645352
.yandex.com/	1970-01-23 16:10:05	Name: i Value: vuTBDnl0dpjEH8uDq7wZfg0bS9h1AEulRo8wE+7OTUlb50x97OfztjMECV614o3ysY6JYEHDhlYmJ/EvFnC0nGxxKx4=
.yandex.com/	1970-01-20 09:19:41	Name: ymex Value: 1675181352.yrts.1643645352#1675181352.yrtsi.1643645352

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESELYk9kbsGbM9INtStB8KeS0&google_cver=1&google_push=AYg5qPKaRz4ZqEeEyfxKOxKyis2Lu9AoGjgm86EqOdMw-hwnCZ5c5D7gjpkUsHQgCx4szgX_xDZc-pnWo5esKAb0RWpiH-ADBRRe Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9535.DzQAXwAglI1PxJ5ItFRm5XMFEBDJID3o9lN0zhOgGuDOj6gBtqCC4FAZJJyXom1TNZX5RVpiySouDY07XQF04w%2C%2C.9cbV0uXEoGXn7wdrtPDp3aDS93M%2C Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5ec7837c8835297de28cf983c6e44565.safeframe.googlesyndication.com
a.tribalfusion.com
ad4m.at
ads.eu.criteo.com
adservice.google.com
adservice.google.de
as.ad4m.at
assets.ad4m.at
bolrookr.com
c1.adform.net
cat.fr.eu.criteo.com
cdn.betgorebysson.club
cdn.dmtgvn.com
cdn.jsdelivr.net
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
eb2.3lift.com
estudyassistant.com
gcm.ctnsnet.com
google2waycm.netmng.com
ib.adnxs.com
mc.yandex.com
mc.yandex.ru
my.rtmark.net
pa.rxthdr.com
pagead2.googlesyndication.com
pixel.advertising.com
pr-bh.ybp.yahoo.com
rtb.fr.eu.criteo.com
s.tribalfusion.com
s1.adform.net
securepubads.g.doubleclick.net
share.pluso.ru
static.criteo.net
sync.1rx.io
sync.adaptv.advertising.com
sync.mathtag.com
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
track.adform.net
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
google2waycm.netmng.com
ib.adnxs.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
139.45.195.8
139.45.197.250
142.250.186.66
178.250.0.160
178.250.0.162
185.29.132.241
185.33.220.242
213.19.147.45
216.58.212.162
2606:4700:3032::6815:1e93
2606:4700:3039::6815:c06d
2606:4700::6810:5814
2606:4700::6812:c05
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a02:2638:1::3
2a02:2638::18
2a02:2638::2
2a02:6b8::1:119
2a05:d018:d29:3602:55f3:aa52:2cab:d50d
3.124.248.240
3.125.236.124
3.126.56.137
35.186.193.173
37.157.2.237
37.157.5.73
37.157.6.245
37.200.67.211
54.152.149.67
54.174.15.208
76.223.111.18
99.86.3.69
01edd006bdde0c6ad6e95d25e1e2e429f520d98bf72bc928690d1a33afbcdf12
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ae59f5a823799dbfd1be870539ebf3a8a639f7506c51aa48f3095c165fe29e4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b8d7e1214ab48c05a7f90e7a6c694d3593fc3c220a3f0a0e846ae126f0ec863
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c1523e058239d33791fe59d84284fe0be12f37b28ec5b4a3ea2d2cf03113c30
0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40
10bc261dc3b6dfc7a8dbf732debde33a2a76953e062a13361814808a28527294
1226ed75be00d218e95c354854aa78762d0c71f6d96460dbe402397a6bf1ca47
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
148542a5e483d03494dabdc1d5e82cbfe6090185e1f2f2ecd71a966968049246
153fdd7e2c7940ffdc7058af1326aabe4025c47ab28f1b699e9ef849a698382c
19dec46b69ff3c1764c2e7bb24d6b12cbce1862079219403fa47fc2f24097f55
1a64c77730d6526173088d52376d071f655edfbf422911ff8d1438adc5c0b13b
1e023e4a4214ad7f7cc618b8f674854c0cfd8f66232ba665e3be4ad54e46a779
227816ec94e1aa2062f82ee60d86113aaac344e49af6d26e2597847a8edfc826
264df3d91a8019937ba8ad15b6442e87e05c82fc294843749fbac39f7c5fc163
2fa4b22aec01888aafb1fec844e6c3a63df0295e9d8d6187ba8c600011cbbe8c
2fb34648f01f5fcb8059cd7edde9eb5484edc7fe791dc9c08c10b809ab7d6a6d
3155cd449a2085846e620747cc4f30dbf639cfcf5f4211e1c7224043e8806d45
3784e0a8bb12ead2759949800c1fc582b51e9c54d735d2cd67e80c2ab079c031
3adfb41a5fcd4f3a53970a45d5d589034b13ca95aa55ca19ced5a14474bdda28
42fede2eb48c6fd87a59b25b7db7a0b4a226b962fa1e7f585f015d884c698ceb
443eaace79e691c39af54b703712d06270b2e63642bfd912f1f98131309852fd
44f025fc4862a5cadae6f73efe03371ffe469d520221de0d01ef1164390274f1
45cb8c56b9029161553d29c985e0195df050de29eaaa075176f50ce141cbc5e8
469e59e43641a7fc7aff65d6a20c970c9f01955daf6e352f9cc21cb0f1440faf
477be6cd75c995816920f2a5a81d11ef507d88dbe12e8d7ac3463af9993a0ad5
4bc110930238021e87453898097595727cda52d49df5304c4f361310e3573442
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51f34acc6b6a19f227a35375b416749dfbd3295745ee427ea1c8f32a59b42ef9
533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc
548e1a8669279d22aa3280ffb9edcd06bfc7a7010c4daa5a3500b84f6fc08cc8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62cd27658dc8b2765e88b832bf48602db95fe37072c541df8fe8cbb371f81201
63717fde2fea1c5b5e0a26ce96c8592fb74fc0bc32bbd4aebbd43ddd4eec9b34
6448e978afb364dd798e9f7847b4c0a41749f61df7d89a97a957302e9bc3eed6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ef4e7c196197df95d2332f902e148d2051ad5218b30527a5512b8b9c4f1a49c
751704bc52883328e6c234c8381d3a9b6acd50570d1412db6091dc3696c31de6
784eb14774a9a419af32c02c2d16cf197ef2701afc2ea65b58c3a574ed5458bd
7a5363bdfeab1fa2b2766524bf2cf2abaef986810dcf0163bf59ac18d4f3f3da
7c9c72d8b558cd3a1bb46d26933e1f8a0c05b5e276ecd4575b90091809dc1bfb
7d7628a205cb2d3fbb20a6bd04e0a0c0631e143c2e6449b2eeaae4eccaa65d05
8023286f9ad1440333463e3c1c449c356c6e690d42a0ac7d6f6f231845481a9e
80a515be88589e377458107d98dd2dd654a0b1f56c4eaa42f912de832ac36cee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
881673e60d61362db401af4c8ebe298f410b4491319156165a72e529b15a5854
8a27091895915e3b0a2612b411fe91f1d0a87788f71fed0aa689cfbdd994e14f
8b63929df122a470db0fdc0e136860fcf1b14f9a32152023dab4675a0a053834
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
8fa9f488c36fce461c4ab59c242b91a80425fb73092c2d4a3de521c7af9d0955
9142726d1acb8a75e6e77c7ba34c0da7c63b0ff32de1ffd7fd381915323f77a2
9a6360fe3aa459a8785b6be3b25ffee02e5d02eab9d901be966b63dc31b38d16
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a25e941a479d97779361f94777f374683b6feff885e5020532361b88cb63d89d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa0255dd574d1c5d14289aa5974337e6cdc1c8d51ea8f0d402b2fa488fb5c525
aabcb23f670af73f2a0e1b07fe9dc036b3cd5c0515815b4a252e0da213a1a5f7
adcfa3cd56fbae377540d31998f8e48c08815914f81fde31f57e269f0a1a414a
b17173af7ed773109d9248f4ebac45c0771bedeca9ebfc2ce495f86b038751d5
bc90dbe100df3756942bbff396b9404373ba578262e89519be5878f0af13e4b4
be3ada3d46c14bdfb55b19e2e4574a01c7f7033ad84e03441524c41a3ae1bd9d
c00bd40e8d5f99ed3ddd16d0862b1c486d58c7b5671facb786f973012b413e98
c7729e7206aad843bd8b0af1260afeb8cf41e256ceea87305d09d8d528a7b58d
cd70709cd53b0e325da33e1b92feac21857a623aa07242ccec4a99103ab2a1f0
cee94685d59f71133baca92538998e0a56e11b96d73933a987dfdc73dd8ac579
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d260afb8e5d677930f4d728da7db365e397e68fb24c6cdc24414108f0aba7980
d6168af066c2e390f9ff5ccdeee66bcde4a7e16ef62cd6bacaa6e8f77815c37d
d79bbc3b9786ba971d84dd408bf8870902a0967cb3a04fe5d5b18e3c25543732
d98da1540993d215b6f4e184906020e8ce32286b315a4261127d26bf79146bb0
dcdfa29a431b07018a8b89977828d09ffbfdef57711cfe1a3294bc008b367196
dd61c775632c0d32bc6fe1fdaa8ca4e71deffafd6ebfc8f28c8b99fb7102e2f1
e17015d0c998495d78087eec7a8017798a0137a15dc8487adf936e81522dd116
e282b11b07d9f10a597330980c933a98883ab1cbcf7c980f13eb6ff897015a3e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e74a0fe6f07e1aa92489587bea0e19d184bef6beec76616f8c49a6d0c4c5d50e
ea66c3595f31740cbdde9793465f84b6def41c46981afe09cbb631579b58be6a
ebec55bdb89c78d466e4213a4e45367ee8e385d0cdd6942a3b1dcf53f8f6fc52
ec56124496455f14f04dabfc288733c20d43a98f8596024c0753efac494243d2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f440db6f369f1df18a989fa20fe78d640fa01d105a9b8fa9fb97791032811121
f45b34f3bce53e8a781ba0b0f1ec04789dab7408ea63b6899061a2d519b7aab4
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8e7b2fa99fe24bc3a05c9f933dd16c2ca7e846eb1622a95db68f7c5ea2c54a8
fa857264b7d276cb1d2dd2e705cf4998376910602c8b36779eb1f2742deb399c
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

estudyassistant.com Open in urlscan Pro 2606:4700:3032::6815:1e93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

154 Requests

87 %HTTPS

46 %IPv6

33 Domains

47 Subdomains

31 IPs

8 Countries

1228 kBTransfer

2865 kBSize

38 Cookies

3 Outgoing links

Redirected requests

154 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

estudyassistant.com Open in urlscan Pro
2606:4700:3032::6815:1e93 Public Scan

Screenshot
Live screenshot

Full Image

154
Requests

87 %
HTTPS

46 %
IPv6

33
Domains

47
Subdomains

31
IPs

8
Countries

1228 kB
Transfer

2865 kB
Size

38
Cookies

154 HTTP transactions
3 data transactions