nets4.com Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://nets4.com/domain/baantada.com
Submission: On March 19 via api (March 19th 2022, 4:59:30 pm UTC) from US — Scanned from DE

Summary HTTP 287 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 52 IPs in 5 countries across 34 domains to perform 287 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is nets4.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 29th 2021. Valid for: a year.

This is the only time nets4.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.32.99.31 13.32.99.31	16509 (AMAZON-02) (AMAZON-02)
2 15	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
3	2606:4700:440... 2606:4700:440e::ac40:9c1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400e:803::200e	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:27::... 2620:1ec:27::cafe:1774	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
25	34.233.19.159 34.233.19.159	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:10:... 2606:4700:10::6816:47c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
2	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
3	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
4	20.75.32.255 20.75.32.255	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
19	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
35	2a00:1450:400... 2a00:1450:400e:811::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	89.163.211.233 89.163.211.233	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::18 2a02:2638::18	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	89.163.211.242 89.163.211.242	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 4	172.217.23.194 172.217.23.194	15169 (GOOGLE) (GOOGLE)
2 4	104.108.145.8 104.108.145.8	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
7	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	138.201.63.145 138.201.63.145	24940 (HETZNER-AS) (HETZNER-AS)
1 2	104.18.17.65 104.18.17.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	144.76.104.53 144.76.104.53	24940 (HETZNER-AS) (HETZNER-AS)
3	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 4	46.4.10.47 46.4.10.47	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.135.164 138.201.135.164	24940 (HETZNER-AS) (HETZNER-AS)
5 8	104.92.94.3 104.92.94.3	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:7e05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
2	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1 2	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
2	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
1	178.79.242.245 178.79.242.245	22822 (LLNW) (LLNW)
1	185.85.15.31 185.85.15.31	200107 (KL-EXT) (KL-EXT)
2	85.114.131.234 85.114.131.234	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
287	52

36 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

nets4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.nets4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s0.nets4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-31.fra60.r.cloudfront.net

cdn.purpleads.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:803::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1774 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 34.233.19.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-19-159.compute-1.amazonaws.com

api.purpleads.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:47c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

c.tile.openstreetmap.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

a.tile.openstreetmap.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

b.tile.openstreetmap.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.75.32.255 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

b.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f033701268cb1e9ad1c2b2e1bb31a51b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dd40cfdf6ae711dec1416e9366e0223d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:400e:811::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.163.211.233 (Dortmund, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

brain.rvty.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::18 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.163.211.242 (Dortmund, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

cdn.rvty.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: prg03s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.108.145.8 (Berlin, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.27 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.63.145 (Reilingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.145.63.201.138.clients.your-server.de

ad.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.17.65 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

c.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.76.104.53 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.53.104.76.144.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.4.10.47 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.47.10.4.46.clients.your-server.de

ad2.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.135.164 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de

hal900015.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.92.94.3 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-94-3.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zenaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.250.30 (Hamburg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.245 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-242-245.fra.llnw.net

asset.conrad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.85.15.31 (Germany)

ASN200107 (KL-EXT, CH)

media.kaspersky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.131.234 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21038.dus4.fastwebserver.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com b563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com f033701268cb1e9ad1c2b2e1bb31a51b.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 122 dd40cfdf6ae711dec1416e9366e0223d.safeframe.googlesyndication.com c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com	351 KB
36	nets4.com nets4.com img.nets4.com s0.nets4.com	409 KB
29	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 176 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 71352	822 KB
28	purpleads.io cdn.purpleads.io — Cisco Umbrella Rank: 176762 api.purpleads.io — Cisco Umbrella Rank: 157725	44 KB
21	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 57	28 KB
12	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	276 KB
11	criteo.net static.criteo.net — Cisco Umbrella Rank: 600 pix.eu.criteo.net — Cisco Umbrella Rank: 7328 csm.eu.criteo.net — Cisco Umbrella Rank: 7422	146 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 343	221 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	557 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 28803 hal900015.redintelligence.net — Cisco Umbrella Rank: 191605	58 KB
8	openstreetmap.org c.tile.openstreetmap.org — Cisco Umbrella Rank: 13588 a.tile.openstreetmap.org — Cisco Umbrella Rank: 13366 b.tile.openstreetmap.org — Cisco Umbrella Rank: 13554	56 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 916 c.clarity.ms — Cisco Umbrella Rank: 547 b.clarity.ms — Cisco Umbrella Rank: 2975	25 KB
6	awin1.com 3 redirects www.awin1.com — Cisco Umbrella Rank: 13937	4 KB
5	ad-srv.net 1 redirects ad.ad-srv.net — Cisco Umbrella Rank: 33086 ad2.ad-srv.net — Cisco Umbrella Rank: 217473	16 KB
5	google.de adservice.google.de — Cisco Umbrella Rank: 8832	1 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 205	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496	4 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	3 KB
4	rvty.net brain.rvty.net — Cisco Umbrella Rank: 68665 cdn.rvty.net — Cisco Umbrella Rank: 260426	97 KB
3	medialead.de 2 redirects pv.medialead.de — Cisco Umbrella Rank: 39406	2 KB
3	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 12341 ads.eu.criteo.com — Cisco Umbrella Rank: 7435 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9702	40 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	107 KB
3	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1207 cloudflareinsights.com — Cisco Umbrella Rank: 1193	5 KB
2	contentspread.net cdn.contentspread.net — Cisco Umbrella Rank: 45661	7 KB
2	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 64653	14 KB
2	media01.eu pb.media01.eu — Cisco Umbrella Rank: 39676	830 B
2	zenaps.com 2 redirects www.zenaps.com — Cisco Umbrella Rank: 18649	1 KB
2	adskeeper.com 1 redirects c.adskeeper.com — Cisco Umbrella Rank: 15984 s-img.adskeeper.com — Cisco Umbrella Rank: 17514	14 KB
2	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3666	34 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	kaspersky.com media.kaspersky.com — Cisco Umbrella Rank: 98638	17 KB
1	conrad.com asset.conrad.com — Cisco Umbrella Rank: 66381	15 KB
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 55516	727 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 193	552 B
287	34

	Domain	Requested by
35	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com nets4.com b563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com googleads.g.doubleclick.net cdn.ampproject.org
25	pagead2.googlesyndication.com	securepubads.g.doubleclick.net nets4.com tpc.googlesyndication.com de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com googleads.g.doubleclick.net
25	api.purpleads.io	cdn.purpleads.io
22	img.nets4.com	nets4.com
19	securepubads.g.doubleclick.net	cdn.purpleads.io securepubads.g.doubleclick.net nets4.com
15	www.google.com	2 redirects nets4.com www.gstatic.com www.google.com tpc.googlesyndication.com de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com
12	cdnjs.cloudflare.com	nets4.com cdnjs.cloudflare.com ads.eu.criteo.com
11	nets4.com	nets4.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
7	static.criteo.net	ads.eu.criteo.com
6	www.awin1.com	3 redirects ad2.ad-srv.net de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com
6	adservice.google.com	securepubads.g.doubleclick.net 5994599.fls.doubleclick.net
5	adservice.google.de	securepubads.g.doubleclick.net
5	www.gstatic.com	www.google.com
4	hal900015.redintelligence.net	1 redirects de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com hal900015.redintelligence.net
4	ad2.ad-srv.net	1 redirects brain.rvty.net ad2.ad-srv.net
4	hal9000.redintelligence.net	de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com hal900015.redintelligence.net
4	fonts.gstatic.com	fonts.googleapis.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	fonts.googleapis.com	securepubads.g.doubleclick.net cdn.purpleads.io cdnjs.cloudflare.com hal900015.redintelligence.net
4	googleads.g.doubleclick.net	de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com nets4.com
4	b.clarity.ms	www.clarity.ms
3	pv.medialead.de	2 redirects ad2.ad-srv.net
3	pix.eu.criteo.net	ads.eu.criteo.com
3	www.googletagservices.com	b563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com
3	b.tile.openstreetmap.org
3	c.tile.openstreetmap.org
3	cdn.purpleads.io	nets4.com
3	s0.nets4.com	nets4.com
2	cdn.contentspread.net	ad2.ad-srv.net
2	ad-server.eu	de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com brain.rvty.net
2	5994599.fls.doubleclick.net	1 redirects nets4.com
2	pb.media01.eu	hal900015.redintelligence.net pv.medialead.de
2	www.zenaps.com	2 redirects
2	cdn.rvty.net	brain.rvty.net cdn.rvty.net
2	brain.rvty.net	b563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com cdn.rvty.net
2	c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	b563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	cloudflareinsights.com	static.cloudflareinsights.com
2	c.clarity.ms	1 redirects
2	a.tile.openstreetmap.org
2	static.addtoany.com	nets4.com
2	www.clarity.ms	nets4.com www.clarity.ms
2	www.google-analytics.com	nets4.com www.google-analytics.com
1	media.kaspersky.com	ad2.ad-srv.net
1	asset.conrad.com	ad2.ad-srv.net
1	www.conrad.de	ad2.ad-srv.net
1	csm.eu.criteo.net	ads.eu.criteo.com
1	s-img.adskeeper.com	nets4.com
1	c.adskeeper.com	1 redirects
1	ad.ad-srv.net	brain.rvty.net
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com
1	rtb.fr.eu.criteo.com	nets4.com
1	dd40cfdf6ae711dec1416e9366e0223d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	f033701268cb1e9ad1c2b2e1bb31a51b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	c.bing.com	1 redirects
1	static.cloudflareinsights.com	nets4.com
287	61

This site contains links to these domains. Also see Links.

Domain
blog.nets4.com
link.nets4.com
baantada.com
leafletjs.com
www.openstreetmap.org
www.addtoany.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-04-29` - `2022-04-28`	a year	crt.sh
*.purpleads.io Amazon	`2021-12-01` - `2022-12-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.tile.openstreetmap.org GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-11-26` - `2022-12-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.rvty.net Sectigo RSA Domain Validation Secure Server CA	`2021-09-05` - `2022-10-05`	a year	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-13` - `2022-06-09`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
ad-srv.net R3	`2022-01-27` - `2022-04-27`	3 months	crt.sh
redintelligence.net R3	`2022-01-27` - `2022-04-27`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-03` - `2022-05-02`	3 months	crt.sh
www.conrad.de Cloudflare Inc ECC CA-3	`2021-05-17` - `2022-05-16`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
pv.medialead.de R3	`2022-02-20` - `2022-05-21`	3 months	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-27` - `2022-05-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
ad-server.eu R3	`2022-02-13` - `2022-05-14`	3 months	crt.sh
contentspread.net R3	`2022-01-27` - `2022-04-27`	3 months	crt.sh

This page contains 42 frames:

Primary Page: https://nets4.com/domain/baantada.com
Frame ID: 26988005DA41EAD40F3E8487D37AFCBD
Requests: 85 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.22.html
Frame ID: F8066CBC3818D0CCB3A7299B34B295CF
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=normal&cb=veskdsnk572q
Frame ID: 0C029F4907CB05B6A86E76873177F9B3
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD
Frame ID: C7E820BAD38ED574CB01F6BD8B64D836
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 95CF4247CCF71619CDB1C4B2FBAB1C01
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: F53ADE5B1ED5AF351A27A1BBDA77F797
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 47FB9CE133D2EA83C7D985BA9AC981EE
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: D3C23D62C0399DBBC503ECC3AB0D022A
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 10C85E0C648FCE17FFA4440CF89CA268
Requests: 8 HTTP requests in this frame

Frame: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 5B5D82ED022D37430AE029551CF2D9A0
Requests: 1 HTTP requests in this frame

Frame: https://b563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: B768E264B726F7563FB408DA009D47DC
Requests: 1 HTTP requests in this frame

Frame: https://f033701268cb1e9ad1c2b2e1bb31a51b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 278ADE28F33453AEBC82A91B86698C26
Requests: 1 HTTP requests in this frame

Frame: https://dd40cfdf6ae711dec1416e9366e0223d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 6EB10BD9827867F96F2933A6D321B8EF
Requests: 1 HTTP requests in this frame

Frame: https://c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 9C2C2888A7676B6DD0B6787D7387220F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 047D9F51BA9873E4AE43D1D983AC1BA0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 88B858C20012CEF7C5D07CB083FDA30E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 015F68A58A4329685AE2E0E7E3551BE8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BE1AB84D2E27C4A9FBD26D9439B93CC8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AFC192919E06CB936EFB76D99DA12510
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 54C885E03DE0DDEF617D29B3C4F7FD2E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F42EF5A235ADCBB3C8DAD36F5DCEE867
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7A09BEC825AB9755290825F0080EFC63
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 91ACF4048200FA52F8E1317E5AAD8944
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 13940B1E99AC90D81C36A00D9F7A64DD
Requests: 2 HTTP requests in this frame

Frame: https://b563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: F1BB664ADA6F97768CB35400DC5D0272
Requests: 7 HTTP requests in this frame

Frame: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 9D062E97317543B7151375132852B859
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs
Frame ID: F518858B22103FF631894F00BFD7CABE
Requests: 15 HTTP requests in this frame

Frame: https://c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 11A5640C8EB38E3CFD1891FEA994AA09
Requests: 9 HTTP requests in this frame

Frame: https://brain.rvty.net/RTB/ShowAd?adHeight=90&adWidth=728&adFormat=4&adslotId=&siteId=128293778&bannerId=195238&e=3&p=YjYL7AAL2EUK4BwLAAUTQSVTPbsFssjRsHgLJQ&penc=&bp=76923&a=62360bec-000d-713a-0a7b-bb0d560aeab9&n=1&geo=411157&rawURL=https%3A%2F%2Fnets4.com%2Fdomain%2Fbaantada.com&rawReferrerURL=&uid=99a11208-12b6-4390-9c67-5b73eaa17ded&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4B2AOgAY6A2dshQQcReJTwRiAOQDqlAM44aAUxlo8AEzwALFRCwBaWSqUAzKoxVZKjGnACsdTgBYHAXyA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCx_Ri7As2YsWwL4u4gAfBppSICeb-o_dc7ousiF_AjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N8gBCakCz-kzGhWKsj7gAgCoAwGqBMICT9Dtv_9qmBMFbMhR3PYB-31D8VHmHxwT0VgzdJuAb4xu8gvtpEJB-wFfED7k3tdmJqJdLNr0kN2WFP3Ro2p6dnTn-yyrg_hnTd0AcWWDrw9SFCin9yh_SARAOUMxjNKkFnLAqmS-xf3ngRfgc9-ddYcosojyVGd3cPzldua7oob1fLXyDrqXrhFtVzrs_f2wJWzQmgntdv_Wyk9BBHa5IdDHdBQdBJvL4Udl8rA5pFXb7l99973T4-BJ281cGmGZBmMTZKfiNDk4cUEBoLhNCrxpYa2r9BpHuQuiWYSXdtHwldOZ4sB7uQVcOAXOZO_x1z7ygzDj-RsaelBD5YWXwTJ-pxp7nUUE2-80HpJkEFkoexBTm-KJRksQfQOHRLm3zYOVtHCYzf1o6Qn5TZEfBZcrsvX5NfnQQCJuIcUj4HLiiuAEAYAGhaG2iNaE0KsRoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Kk3y8rH2LV4iicT1wv7oI8xFymw%26client%3Dca-pub-5413329544040947%26adurl%3D&gdpr=1&gdpr_consent=
Frame ID: 739123140F5B292C0B867412B7B7DF01
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNXtEsO72kZBzN_Os9zGLy4vA67LHBJfZ5wzeoSsuKd5NJ7NjGgS_DJhWiupglmKdNLtB8mas9vLhFk-a0n8MPiPCSw2-JEG6jJt3XWGKCaUTzIAx3eN42kPiM_RMVOkYGD7NVLoEwkdraUvmh_uOii01_9eLELePyEm02xtdin05gE3fLU
Frame ID: 0FB7FB02557527EE4E687C7D208D32B1
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjYL7AANhNsIEcuxAANp4p0dDYupb0Lj93Mfbg&u=%7C%2FM5QkwCnelO151aBeqsi%2BjAYKpfxTq54yjAnMUwlNLc%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUAZKNvHYJLpTwYKDzg_lmTENhFMXxHEwIAxsbpWuVoK8IhEdp64Axi2OnJubKR1RqnTHVyjiKZAQcd8alEekYaQ81Ggcjufph4I95edU-CHoy9-_h9OPcpNMuQlbz4Y-DPoyco0VhWHZ1LPxQnNl3jxpwXPWCPHxooQJZHCv5RAbe0dWW29TvAT1v9wvuFa5q_U8JVON9ZtWPSOfY83h6e7srT_nJmVnMsM8o9AyEjuQkO3sokHew9QFiPt9SF2aN8A-8DcFb0O-xQEepl-8p0tH718vRrLLppySfeVbRquvX4Bi3bwuDa9eCUL8Gi488oAtVc0QFwvJgRKU5L2nn4wdDHoUKyacTPSXeR7Fftf-HI1bcPKcPXKhafOz8E46VipN43MwJYtH7p95TgodEI8FDUTfwte2ttIMziUWrek_YAtKKcc9KeB&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClsXM7As2YtuJNrGXx_AP4tONsAzJntKxXNWdkfdwwI23ARABIABglaKggrAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQLP6TMaFYqyPuACAKgDAaoEwwJP0L5P2kWOE20ZUpY4tSMsXLRciq0QoDd4lPUQNYT2cSDJP5iMUi5zbne7PmjUupqU8I7h-1ifJKvoV5pKujjjHaP44MZ8hYpWJgAui0axBviMq1-GZuwwHBGpz6oYe6hsqoa5zcPbMLxLOC-gDaz7IubDOMnTdSEPgyZtJbdIQluBa7HKa7E8sZUFT4XnBZQZ0YLh8ajI1ImhLEgi-9I-_b8dcW23uXsExD1Yb44PznRHlEg6RvdQ61yfGWwjDL6x1xBPzLc9lHiDnGctJfGzzC9sSuaEoTpOs8X6bYjaElF6ehGpGOWDPI4czVE1q9BV3KSGvCvYLksk-xM4eeKob5ovyP43CkDd72Bt4heMXmFNqFL33M7Q0so0kKGGYkt3GWJZVmr63prAlyKXDHwZZL1IvB3Ms0TEtP4QKEFR8sJOe-AEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1b9uxzwAPO5awdq1_lHvrWfYmy5g%26client%3Dca-pub-5413329544040947%26adurl%3D
Frame ID: 5403561EF2F683C1DC26D48F02EE1A55
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022202142035000/amp4ads-v0.mjs
Frame ID: B7CADF24CF5BFDAD739891432760A1E0
Requests: 16 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato&display=swap
Frame ID: CD3A0E6D2C0A59557ECF1BD055601A01
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 06807FE20D3E8762200EA96D8BC0C23F
Requests: 3 HTTP requests in this frame

Frame: https://www.conrad.de/ztpv.php?awc=11354_278235_1647709166_eeed8a30-a7a5-11ec-98fc-223366d53764&insert=AW
Frame ID: 1AE230EF11FDF2B4CF1644F2CCC4E6A0
Requests: 1 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2519511&v=14098&q=368694&r=278235&pv=1&pref1=91435900117200100906795011903002&gdpr=&gdpr_consent=
Frame ID: 816A03D36ED28CC1E591ED85A2C703CD
Requests: 1 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=78573500141119700710612011903015&actionid=981741&produktid=&dt_url=
Frame ID: 93499A249C3F1BA289A776DCB3991D2A
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CM2VrvzS0vYCFZwbBgAdKSUKMQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6877358805429.677
Frame ID: 1CB43FE9746E6A9CDFD074F0C10C5E8F
Requests: 2 HTTP requests in this frame

Frame: https://hal900015.redintelligence.net/request_content.php?s=78573500141119700710612011903015&a=e24db5ac
Frame ID: C34A6A0373878C1D66EDCF2B3509A52D
Requests: 6 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=50149&dt_subid2=91435900117200100906795011903002&actionid=981741&produktid=&dt_url=
Frame ID: 53CCE5AC3B8AB05F9F0648C381316363
Requests: 1 HTTP requests in this frame

Frame: https://ad2.ad-srv.net/request_content.php?s=91435900117200100906795011903002&a=666a42cd
Frame ID: E412ED91A81DCD387364EC12F36D44C4
Requests: 6 HTTP requests in this frame

Frame: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Frame ID: 86C45AEB52BA427C1A86A89E9D1BA06F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Baantada.com - กิตินันท์ กรุ๊ป || Kitinan Group - Baan TADA

Detected technologies

Leaflet (Maps) Expand

Overall confidence: 100%
Detected patterns

leaflet.{0,32}\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

287
Requests

95 %
HTTPS

50 %
IPv6

34
Domains

61
Subdomains

52
IPs

5
Countries

3383 kB
Transfer

7757 kB
Size

37
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.nets4.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://link.nets4.com/digitalocean

Search URL Search Domain Scan URL

URL: https://link.nets4.com/google
Title: Signin to Nets4.com

Search URL Search Domain Scan URL

URL: http://baantada.com/?utm_source=nets4.com&utm_medium=referral&utm_campaign=domain_page
Title: baantada.com

Search URL Search Domain Scan URL

URL: https://leafletjs.com/
Title: Leaflet

Search URL Search Domain Scan URL

URL: https://www.openstreetmap.org/copyright
Title: OpenStreetMap

Search URL Search Domain Scan URL

URL: https://blog.nets4.com/p/privacy-policy.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://blog.nets4.com/p/about.html
Title: About Us

Search URL Search Domain Scan URL

URL: https://link.nets4.com/facebook

Search URL Search Domain Scan URL

URL: https://link.nets4.com/twitter

Search URL Search Domain Scan URL

URL: https://link.nets4.com/youtube

Search URL Search Domain Scan URL

URL: https://link.nets4.com/instagram

Search URL Search Domain Scan URL

URL: https://link.nets4.com/quora

Search URL Search Domain Scan URL

URL: https://link.nets4.com/pinterest

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=58AEB28B79D34811A841052DA965DBC1&RedC=c.clarity.ms&MXFR=35BF35EFEE556E3809112483EA556042 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=58AEB28B79D34811A841052DA965DBC1&MUID=0CA8C531F6C5613F1AEBD45DF7176090

Request Chain 213

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7jP1Mxv8oDulESirL0ngs&google_cver=1

Request Chain 214

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YjYL7WwKkza58eEBobrTuAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7jP1Mxv8oDulESirL0ngs&google_cver=1

Request Chain 215

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECUvIs58Hk5dK4y__TEHUiI&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECUvIs58Hk5dK4y__TEHUiI%26google_cver%3D1

Request Chain 216

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIyNTE3ODU2MjQ4NTg5ODc3MQ%3D%3D

Request Chain 221

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 231

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 238

https://c.adskeeper.com/c?pv=2&v=0|0|0|Q75YUczgpKtS3uNqwdzEyGQ0ofhchzfsYlmUYE8Ebv8wNF_BhC6qggRmexSjIn0W&cid=1220981&f=1&h2=8b31n8beMzk8yeI5fFFBq1nYBMDsdrdvSouDgBMShQA*&rid=edeab7f8-a7a5-11ec-b5b6-e4434b15122e&psid=608532c2eac0e20ce6d36538&iub=aHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY29tL2cvMzgwNTY0NC8zMjh4MzI4LzEyNngweDQzMHg0MzAvYUhSMGNEb3ZMMmx0WjJodmMzUnpMbU52YlM5MEx6SXdNVGt0TURVdk1UQXhPVEkwTHpFeE1qQmxaRGc1TUdNMU1USTJNV1ZtT0RreVl6QTFZbUppT1ROaFlXVmpMbkJ1Wncud2VicD92PTE2NDc3MDkxNjQtSE8xbnU5Y1N1Y3JIanFweHlaYVZFVl9SamxxQ1p6RjlWTjh3cDN1MUI1Yw== HTTP 301
https://s-img.adskeeper.com/g/3805644/328x328/126x0x430x430/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzExMjBlZDg5MGM1MTI2MWVmODkyYzA1YmJiOTNhYWVjLnBuZw.webp?v=1647709164-HO1nu9cSucrHjqpxyZaVEV_RjlqCZzF9VN8wp3u1B5c

Request Chain 250

https://ad2.ad-srv.net/request.php?zone=yyxf76b9dn3v&nw=14&renderingType=javascript&namespace=a35f53ddfb&subid=&uid=b9c1f385c5627302&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCx_Ri7As2YsWwL4u4gAfBppSICeb-o_dc7ousiF_AjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N8gBCakCz-kzGhWKsj7gAgCoAwGqBMICT9Dtv_9qmBMFbMhR3PYB-31D8VHmHxwT0VgzdJuAb4xu8gvtpEJB-wFfED7k3tdmJqJdLNr0kN2WFP3Ro2p6dnTn-yyrg_hnTd0AcWWDrw9SFCin9yh_SARAOUMxjNKkFnLAqmS-xf3ngRfgc9-ddYcosojyVGd3cPzldua7oob1fLXyDrqXrhFtVzrs_f2wJWzQmgntdv_Wyk9BBHa5IdDHdBQdBJvL4Udl8rA5pFXb7l99973T4-BJ281cGmGZBmMTZKfiNDk4cUEBoLhNCrxpYa2r9BpHuQuiWYSXdtHwldOZ4sB7uQVcOAXOZO_x1z7ygzDj-RsaelBD5YWXwTJ-pxp7nUUE2-80HpJkEFkoexBTm-KJRksQfQOHRLm3zYOVtHCYzf1o6Qn5TZEfBZcrsvX5NfnQQCJuIcUj4HLiiuAEAYAGhaG2iNaE0KsRoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Kk3y8rH2LV4iicT1wv7oI8xFymw%26client%3Dca-pub-5413329544040947%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D128293778%2526a%253D195238%2526t%253D1647709165233%2526l%253D411157%2526p%253D3%2526appid%253D%2526aa%253D62360bec-000d-713a-0a7b-bb0d560aeab9%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2Fb563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2Fb563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=5415696685165&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://ad2.ad-srv.net/request.php?zone=yyxf76b9dn3v&nw=14&renderingType=javascript&namespace=a35f53ddfb&subid=&uid=b9c1f385c5627302&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCx_Ri7As2YsWwL4u4gAfBppSICeb-o_dc7ousiF_AjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N8gBCakCz-kzGhWKsj7gAgCoAwGqBMICT9Dtv_9qmBMFbMhR3PYB-31D8VHmHxwT0VgzdJuAb4xu8gvtpEJB-wFfED7k3tdmJqJdLNr0kN2WFP3Ro2p6dnTn-yyrg_hnTd0AcWWDrw9SFCin9yh_SARAOUMxjNKkFnLAqmS-xf3ngRfgc9-ddYcosojyVGd3cPzldua7oob1fLXyDrqXrhFtVzrs_f2wJWzQmgntdv_Wyk9BBHa5IdDHdBQdBJvL4Udl8rA5pFXb7l99973T4-BJ281cGmGZBmMTZKfiNDk4cUEBoLhNCrxpYa2r9BpHuQuiWYSXdtHwldOZ4sB7uQVcOAXOZO_x1z7ygzDj-RsaelBD5YWXwTJ-pxp7nUUE2-80HpJkEFkoexBTm-KJRksQfQOHRLm3zYOVtHCYzf1o6Qn5TZEfBZcrsvX5NfnQQCJuIcUj4HLiiuAEAYAGhaG2iNaE0KsRoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Kk3y8rH2LV4iicT1wv7oI8xFymw%26client%3Dca-pub-5413329544040947%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D128293778%2526a%253D195238%2526t%253D1647709165233%2526l%253D411157%2526p%253D3%2526appid%253D%2526aa%253D62360bec-000d-713a-0a7b-bb0d560aeab9%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2Fb563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2Fb563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=5415696685165&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 256

https://hal900015.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=0c9333eaad&subid=&uid=dcedd76c192be338&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMlVU7As2Yu3nLMqAx_APobukgAm1zfmDV_zYuavlDPAuEAEgudvzJmCVoqCCsAfIAQmpAs_pMxoVirI-qAMBqgTQAU_QN1cgqOfclUCGSQMZkF0AEGOgOMUvyRz_aBhHkv7x9NmIOamXGwBShxVOaXN6VvuT8oGF8yl4dZEt5HCjvcYIpRlsr5Q25lrtrb-6yZurUo7ob2YXRzYE1xcTLQlMfSr9xzU6ui7wZdpXdWAU7HvfkEAYK5R9m4ev91wCTks7P36qwE8jMDupH8aAl1xueIm6Z808fwhkpuGd3W_NhmpfiSjAiOixtqMu3N8syJjulO-Qqd2wiAZ2hZ4BtXQ1T99l1rdTyprIbr8ViTeORdLABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoaUTYir4gBEbYH3U2jKaS-sEi93HsIABq4d7hNClNXKwBm9vV7Q%26sig%3DAOD64_3ceJCoXuhHRmzf9AtxRq-K6MnUMg%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-BM5phpVY9bSn3m481rmr7-GBGN7dXbtJnO_kJxuHst9y63To0qLhg-KpyeA_zemTQGBVTgtivyY5nWdB2tCOfbfTDQPgv-J1Lt0ZAZag-Sfsds1ciHCgGVTLC-cdCKw3bd_PVwLHzMZCXS-QX9lTBYpX_sZw%26cry%3D1%26dbm_d%3DAKAmf-Cfp61A6C3dHAZBEGb8IF5Zstf5T4JJnxFCkPmZpshyXjkrUMa86INheSHtemYbe6x_P2COaKae5ci7S3Bv00cXeWh5GneIQG-MErCao_9_yAhIZoKI_XD44szfRMNdz5VB0zfYZobFSbK55soNKXVjvNZSKuyrU5mL77nenBwbmdafOOOEk5IS5x7v_1587drcHor7NWz0yrONo6LjPRAIvMQthJBf1O-gVpzjq2g2Wy1K18CBg02FmNVxY10XKBndBjkZBTlVdGMtM7dUDtGOe8lQdZGY-wwpGo2at0NDsaUHadVMCXhxltBer0CJZyzleQ9-Kb9nY3fcXulMXxOwLqX4dtbmyAE5zT9WypE_1RBoE8_tFtHFx-wGcnZnoOO6CbyOkrH0JAnECr_MlslRzmiBNs1A5VQSb8fQrsw9NOOSUKcPpmurqTmikgvjgRKVwPzMF4vXe8IkUa4g_tmJoMeAeg%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=3312034531222&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900015.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=0c9333eaad&subid=&uid=dcedd76c192be338&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMlVU7As2Yu3nLMqAx_APobukgAm1zfmDV_zYuavlDPAuEAEgudvzJmCVoqCCsAfIAQmpAs_pMxoVirI-qAMBqgTQAU_QN1cgqOfclUCGSQMZkF0AEGOgOMUvyRz_aBhHkv7x9NmIOamXGwBShxVOaXN6VvuT8oGF8yl4dZEt5HCjvcYIpRlsr5Q25lrtrb-6yZurUo7ob2YXRzYE1xcTLQlMfSr9xzU6ui7wZdpXdWAU7HvfkEAYK5R9m4ev91wCTks7P36qwE8jMDupH8aAl1xueIm6Z808fwhkpuGd3W_NhmpfiSjAiOixtqMu3N8syJjulO-Qqd2wiAZ2hZ4BtXQ1T99l1rdTyprIbr8ViTeORdLABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoaUTYir4gBEbYH3U2jKaS-sEi93HsIABq4d7hNClNXKwBm9vV7Q%26sig%3DAOD64_3ceJCoXuhHRmzf9AtxRq-K6MnUMg%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-BM5phpVY9bSn3m481rmr7-GBGN7dXbtJnO_kJxuHst9y63To0qLhg-KpyeA_zemTQGBVTgtivyY5nWdB2tCOfbfTDQPgv-J1Lt0ZAZag-Sfsds1ciHCgGVTLC-cdCKw3bd_PVwLHzMZCXS-QX9lTBYpX_sZw%26cry%3D1%26dbm_d%3DAKAmf-Cfp61A6C3dHAZBEGb8IF5Zstf5T4JJnxFCkPmZpshyXjkrUMa86INheSHtemYbe6x_P2COaKae5ci7S3Bv00cXeWh5GneIQG-MErCao_9_yAhIZoKI_XD44szfRMNdz5VB0zfYZobFSbK55soNKXVjvNZSKuyrU5mL77nenBwbmdafOOOEk5IS5x7v_1587drcHor7NWz0yrONo6LjPRAIvMQthJBf1O-gVpzjq2g2Wy1K18CBg02FmNVxY10XKBndBjkZBTlVdGMtM7dUDtGOe8lQdZGY-wwpGo2at0NDsaUHadVMCXhxltBer0CJZyzleQ9-Kb9nY3fcXulMXxOwLqX4dtbmyAE5zT9WypE_1RBoE8_tFtHFx-wGcnZnoOO6CbyOkrH0JAnECr_MlslRzmiBNs1A5VQSb8fQrsw9NOOSUKcPpmurqTmikgvjgRKVwPzMF4vXe8IkUa4g_tmJoMeAeg%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=3312034531222&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 262

https://www.awin1.com/cshow.php?s=2470167&v=11354&q=371933&r=278235&pv=1&pref1=91435900117200100906795011903002&gdpr=&gdpr_consent= HTTP 302
https://www.zenaps.com/cshow.php?pvr=eeed8a30-a7a5-11ec-98fc-223366d53764&v=11354&r=278235&q=371933&s=2470167&viewref=91435900117200100906795011903002&pv=1&gdpr=&gdpr_consent= HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_278235_1647709166_eeed8a30-a7a5-11ec-98fc-223366d53764&insert=AW

Request Chain 265

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=78573500141119700710612011903015&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=78573500141119700710612011903015&actionid=981741&produktid=&dt_url=

Request Chain 266

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6877358805429.677 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CM2VrvzS0vYCFZwbBgAdKSUKMQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6877358805429.677

Request Chain 268

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=78573500141119700710612011903015 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 286

https://www.awin1.com/cshow.php?s=2470167&v=11354&q=371933&r=278235&pref1=91435900117200100906795011903002&gdpr=&gdpr_consent= HTTP 302
https://www.zenaps.com/cshow.php?pvr=ef14e851-a7a5-11ec-81bc-2262d3a2196d&v=11354&r=278235&q=371933&s=2470167&viewref=91435900117200100906795011903002&gdpr=&gdpr_consent= HTTP 302
https://asset.conrad.com/media10/isa/160267/c1/-/de/easter_120x60?format=gif

Request Chain 287

https://www.awin1.com/cshow.php?s=2519511&v=14098&q=368694&r=278235&pv=0&pref1=91435900117200100906795011903002&gdpr=&gdpr_consent= HTTP 302
https://media.kaspersky.com/de/affiliates/22_Q1_B2C_DACH-DE_KTS-promo_60-OFF_Affiliates_234x60.png

287 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request baantada.com Show response
nets4.com/domain/ 48 KB
12 KB 1131ms
1089ms Document
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nets4.com/domain/baantada.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39e824edae83c07e028360bc3703ceee3da89b20bcbcbe411ab8ddf157ead414

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 19 Mar 2022 16:59:22 GMT
content-type: text/html; charset=UTF-8
cf-ray: 6ee7c214d91c9c00-FRA
cache-control: public, max-age=86400, proxy-revalidate
last-modified: Sat, 19 Mar 2022 16:59:22 GMT
vary: Accept-Encoding
cf-cache-status: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X7cb6dTBFUF3FXvoXEpz5%2B8GGCYpshZ31lCYuyfL%2F%2FxNPIcJSRLjBgz6lhp6cs%2F9DETiI13BFjCudgZZVAAcYyQ3US4PM2V7RSa45B8J3eRJo7ck5q2p%2B5CdSn5W5E%2BuklTGY8%2BC4NM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 awkqrI1qzYcE0gTfW6uXyLl_1bA.js Show response
nets4.com/cdn-cgi/apps/head/ 7 KB
3 KB 36ms
35ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nets4.com/cdn-cgi/apps/head/awkqrI1qzYcE0gTfW6uXyLl_1bA.js
Requested by: Host: nets4.com
URL: https://nets4.com/domain/baantada.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f70751d4b3f5d5c9f208ea16e8cbcac3c6abf1bda80357da3fcd21dde4333449

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/domain/baantada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2779934
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: TBE6C4PT6ZEY65EB
x-amz-id-2: hqmFJhu4VH8dCEln6C+wWXkNh2EoKkrRwJZHX09Pjf7ISr+2/I4OwLauznRIaOAhxAwkQDPUhmg=
last-modified: Fri, 10 Dec 2021 11:06:12 GMT
server: cloudflare
etag: W/"e951628ea64bbeadb19c6d855ca98c7a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvFU4phg5mF8rcWETCrxkqYrXareVFQkf75gmCKwi942UX2v1QVWRb7E9HXrPiSE18AVvLgb%2F39lwB343YlQh2P2tFQZmkfhhri3M%2Bx5Jd653TLb%2BsGWPVr0wqz3QPzqpWwsk%2BDhxs0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 7KspX51u1Msx7FcOmJWweyW7FbGqzJNg
cf-ray: 6ee7c21bc9629c00-FRA

GET
H2 200 bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/css/ 157 KB
18 KB 62ms
25ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/css/bootstrap.min.css

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4605389
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17620
timing-allow-origin: *
last-modified: Tue, 20 Jul 2021 01:00:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60f6203f-44d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G8cPbTBGl7MrEwVdwRhHcBz7lpSi5lFAdiNj88Wb%2FJFLjwjIWW%2FHoe2DcyVzdqJWQGJgHwS5kRyJJoDKMqPpSqZmzzOVjSajXg5cJsLKjp6gGYI9s4l6b6bwnP75TiSQKf1wopJDI6Uh3BIz0L8TxLen"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ee7c21bfef092b4-FRA
expires: Thu, 09 Mar 2023 16:59:22 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 58 KB
11 KB 60ms
23ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1114823
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10462
timing-allow-origin: *
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-28de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOId3AH9JHttTsZzwaOTtsmUWvLQXCXSCWO2GVc%2BTflbM6jhJ9lL8TamNw%2BTBp4wGC2QrJQlLMcyo%2Bqhu28Pky1Q7tmChAPIgqiG5YyN%2Fp%2FV8upA3SfgcQCV6qUbDsapGiBPpQqOEuqtxOOt5H%2BU7UTT"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ee7c21bfef292b4-FRA
expires: Thu, 09 Mar 2023 16:59:22 GMT

GET
H2 200 style.css
nets4.com/assets/css/ 345 B
561 B 82ms
81ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nets4.com/assets/css/style.css
Requested by: Host: nets4.com
URL: https://nets4.com/domain/baantada.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0f382f3320ade05dd14f969ff7dd9d894c6a6571165ab6d7fcdade2f4836dfc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/domain/baantada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 985
cf-polished: origSize=451
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 01 Nov 2021 12:55:19 GMT
server: cloudflare
etag: W/"617fe3b7-1c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFknizlrlKxFY1DiviR0dUooFonRSxADxgmJuo0MGat10UwwkrgI1B9w9LdepBy4PlDOpyvgjq3XECj5Pa3N0HUS16GzftJLlawyCojuBBRNPi1dmOY0HPZYem5jidXpTyxqhLZMico%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 6ee7c21bc9649c00-FRA
cf-bgj: minify

GET
H3 200 invisible.js Show response
nets4.com/cdn-cgi/challenge-platform/h/b/scripts/ 45 KB
17 KB 38ms
37ms Script
text/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nets4.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1647705600
Requested by: Host: nets4.com
URL: https://nets4.com/domain/baantada.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1318d9d360aa384ac8b04ada8b0f827ab2f56aec2ca07685b5fca44aff8f31b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/domain/baantada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:22 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aArOzFp7MG1IAv2G7TQ0lgrktRwEAgxTeQUtWjFOfgjJSziTRoErrfO8Ox4VvFiBBJHwhr%2FXih48m1IWSW0FwRe%2FNwoP150XzkUlpNHX0chzN5qk4O419wLZyeFMvMalumFh6xKBg8k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6ee7c21c0e259156-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Th69y9F.png
img.nets4.com/img/i.imgur.com/ 3 KB
4 KB 56ms
55ms Image
image/gif 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/img/i.imgur.com/Th69y9F.png?w=120&h=20&f=auto

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

704f6f54ae77cd5ea0a0bf47ebb70727a9bd76a311d7e54788ad3dc79b366739

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1643997
cf-ray: 6ee7c21c0a249c00-FRA
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3395
x-served-by: cache-sea4480-SEA
server: cloudflare
etag: W/"6df89d86deba278d112332afb4bb100b1a6165842a7fdb7f78a5a70c7c7218aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hn6Qg%2FxM%2FEDbdY1Y98AS7gVIJ1sWtKHE3%2BLFAFnGfSjkMo9BwUmD%2FTk%2FZ8iQoGXROCMJjUcQfHMSK%2BUisIVUll8opFgOVy0T%2FIY60JvbVRKdPrFUQOLrliKMRpLW56KtmWvwTcntOOTzfhvh"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://img.nets4.com/image/Th69y9F.png>; rel="canonical"
access-control-expose-headers: *

GET
H2 200 58T3Wrl.png
img.nets4.com/img/i.imgur.com/ 1 KB
2 KB 52ms
50ms Image
image/gif 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/img/i.imgur.com/58T3Wrl.png?w=20h=20&f=auto

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2255ec4c3254a41b448889224b2cc5c32f8d6f8a6165d3c58aa6523f86c0957c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:22 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4614664
cf-ray: 6ee7c21c0a299c00-FRA
x-cache: MISS, MISS
x-cache-hits: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1117
x-served-by: cache-sea4474-SEA, cache-fra19151-FRA
server: cloudflare
x-timer: S1643094498.253186,VS0,VE702
etag: W/"86d32e1b83f7c87590ac6aad5f278dca67bb9675a7a7869ed47749c6cf91763d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4MiyGlf1UlCTHRE7bhcR6VaUQQ9NWWc6HX3sxT64zsmqdFhSepCVYRpHauGDO6sMPamV2UbZ4kj5laZsa8dA41uXosordDXjSPcD8Cl%2BA0VInnizpiUvDx3TObhgV%2FK79rYPFOiiqP%2BMDwgW"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://img.nets4.com/image/58T3Wrl.png>; rel="canonical"
access-control-expose-headers: *

GET
H2 200 leaflet.min.css
cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/ 10 KB
3 KB 57ms
23ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/leaflet.min.css

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

722c5b95144aaf980dafacd36b1df0a3a0cff78962e8eee8f56e40c423f00b6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://nets4.com/
Origin: https://nets4.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3793721
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2153
timing-allow-origin: *
last-modified: Thu, 03 Sep 2020 12:27:33 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f50e135-298f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yoMHn%2F06%2BCx0v3i8X1T5LjFQlYUBdJgwsrjQW7OOdzzca7jcVTuAaMY9481Sp4zPq9Xm%2Fh6Kf29%2F%2Bf8H%2Fu578VdEULDGiE3QIaMXZYLVMWSG2Mqm9ZqvTS9kkiFH9v7vauJ4a8WNotXN%2Ff1Y%2B9XhNdPx"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ee7c21c3ee15bf1-FRA
expires: Thu, 09 Mar 2023 16:59:22 GMT

GET
H2 200 Zc4iwuj.png
img.nets4.com/img/i.imgur.com/ 814 B
1 KB 63ms
61ms Image
image/gif 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/img/i.imgur.com/Zc4iwuj.png?w=15h=15&f=auto

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd1892cb87a74dac682a6207344909a96f23d342670b32063a4f4bae614805dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:22 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4614664
cf-ray: 6ee7c21c0a289c00-FRA
x-cache: MISS, MISS
x-cache-hits: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 814
x-served-by: cache-sea4422-SEA, cache-fra19136-FRA
server: cloudflare
x-timer: S1643094498.271303,VS0,VE214
etag: W/"ef5e715e8edc5303224592e859bd4f82e513e48ef6932a25dfb6f389dbaed4a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2B8hl2b0FL1J1VhgwlumjtzLhVPDeKuDM5E5KKLuH6baN3aX7PHrD1o9mh6Ql0y%2FW50ORzf7qYhWhwaG%2FUxVfUfhFhl97lyTgbL%2Fc4tjT1SSKb04tqmNU16OskbSTo%2BI3oN9ogfwBPgP1zJz"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://img.nets4.com/image/Zc4iwuj.png>; rel="canonical"
access-control-expose-headers: *

GET
H3 200 email-decode.min.js Show response
nets4.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 25ms
24ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nets4.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/domain/baantada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Mar 2022 12:28:09 GMT
server: cloudflare
etag: W/"62332959-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2FApvyjDnMzDC1o6bj7mFMO06FvIGQno%2F7%2B95jw2GiBBxXT%2BXmY1CM2wtL8sua4FgIR3bbT4DxOG5a9h%2FP5CLZeCvCv9%2FU%2BI2rxEPjFRsWUirZXfRYGXpdYQUnXigBlj8vr%2F0I%2FKziw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ee7c21c0e219156-FRA
vary: Accept-Encoding
expires: Mon, 21 Mar 2022 16:59:22 GMT

GET
H3 200 rocket-loader.min.js Show response
nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 25ms
24ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/domain/baantada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Mar 2022 12:28:09 GMT
server: cloudflare
etag: W/"62332959-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXwPZVF7ODgt2uXrve0VrOE6CqCBvIfx8cVqulNjHR3W3M%2BxGgd7W9%2FKjF1t97i3eJTBN740x%2FdxGkze9BhwFxFPJ3J0xc4rpSFq3NyMDGbSi3rQbWatnXCIQj6EROpIAtRrDqwEbUI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ee7c21c0e279156-FRA
vary: Accept-Encoding
expires: Mon, 21 Mar 2022 16:59:22 GMT

GET
H3 200 W25b9ht.png
img.nets4.com/img/i.imgur.com/ 2 KB
2 KB 50ms
49ms Image
image/gif 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/img/i.imgur.com/W25b9ht.png?w=40&h=40&f=auto

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17a97981604a1fe56f8804e77655010e70cbfbbac2c66e03a303e876dfd72640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:22 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4614663
cf-ray: 6ee7c21c8f6f9156-FRA
x-cache: HIT, MISS
x-cache-hits: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1574
x-served-by: cache-sea4420-SEA, cache-fra19181-FRA
server: cloudflare
x-timer: S1643094500.716062,VS0,VE220
etag: W/"ee80457266cef4b485c3668cbdd5f67e7ed204e94a46f041afd17fa27c93c945"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5qJYY%2B7pKJPS4I7VY8cYW%2Bj18uz03LCmNx7EAyaKCRknJ4%2BXYc%2F6smKHvzFsYth6%2FOCjLxLgm89qX15roq7jiqC%2BHtvS5yEWR3QMs4PX9auHK3w%2FJMwUkej%2FqwGbLLPBiHEvwLu7CEaxApz"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://img.nets4.com/image/W25b9ht.png>; rel="canonical"
access-control-expose-headers: *

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 76 KB
77 KB 46ms
25ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin: https://nets4.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 161797
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78268
timing-allow-origin: *
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-131bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0N1TWDwYK8aJfZP12%2F0PGFkiRMMqvWxHYmySRgFtA6KNzO%2Byuius4jiyOA6CvNE1x2i3o4y3JHL%2BQac3CliBVXlQxKY%2ByRZ1v4upJZKyOgnWMvTdYR5y6dkosy%2BWQQBloKcDxRhNvEFIfkqk3U6GiPUi"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ee7c21caa919bc5-FRA
expires: Thu, 09 Mar 2023 16:59:22 GMT

GET
H2 200 b7e4f29e-2e1a-4f56-a26f-38b6f2015e76.png
s0.nets4.com/s/ 240 KB
241 KB 2958ms
2956ms Image
image/gif 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.nets4.com/s/b7e4f29e-2e1a-4f56-a26f-38b6f2015e76.png?w=500

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a904efb11efa9b681d38a81016769a0bc1f56d9b94c46f50a30d4b11e75cfea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:25 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 245510
x-served-by: cache-sea4467-SEA
timing-allow-origin: *
server: cloudflare
etag: W/"7eb739cecdfe5d2504d5aa218b41dafc1bd3ca36a02401d4eb9ab7903ee0cf09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=veGX0cH1qqMC7bTmO4Sh8j0ZKFEPGTwUEx9qJbI4qHO985JPoqKdwNaf7xvw4PbuFx8mB%2BadCE65y6yxlbR5kZYz%2B38k5FatpYo0EPtJukvFydooqJSamIq6aezIhjm3AzkI%2FubDdzAsSZ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6ee7c21cdc249c00-FRA
link: <https://urlscan.io/screenshots/b7e4f29e-2e1a-4f56-a26f-38b6f2015e76.png>; rel="canonical"
access-control-expose-headers: *

GET
H3 200 baantada.com
img.nets4.com/favs/ 2 KB
3 KB 484ms
483ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/baantada.com?size=32

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4471359477a8db8ef0258d87965167be5c16f941a3858a624e3225fbbfe3a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 19 Mar 2022 16:59:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zn0bo%2BeEr5Kw2T7ayORXSTWpTRN01zyMfR9iIJMlxysOAjZxTqJOka8qaKes7pnjM9yfhJM1ozX6LTbJmn%2B%2FYvqM8vi0%2BI7aNnnD1xXXRxqysyW6NjmIEWwJgOfKvzOMfE9UU4rjQEtf0EPR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ee7c21cd82c9156-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 baantada.com
img.nets4.com/favs/ 831 B
1 KB 515ms
514ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/baantada.com?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a6c73c1d9e406a88330f4d563918c3f39a6b12474811ba58dd6e98861aee2c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 831
x-xss-protection: 1; mode=block
last-modified: Sat, 19 Mar 2022 16:59:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eyYTRNmjofMTcRf%2BgtOZkauFT61hf3Bm4cmZff5IyrpFe0%2FsYd2Dc2uszuj%2FCCmx8P1CgZBqFSi4BMh4iHhZOpWkkcg6WCmcvpeiWwVesWqaSudWvE8Ox91rYPgEvtQ0e21LZOrtP%2BSzaz0w"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6ee7c21cd82e9156-FRA

GET
H3 200 imoe.org
img.nets4.com/favs/ 568 B
1 KB 70ms
69ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/imoe.org?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33f820c33074a8332f0a72349309504670818bc9f8a3f1958ba03bc0cebd5ad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 166900
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 568
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Mar 2022 18:37:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ns7UWuC%2Bl1nDPrd3zOWK3kWLt1B%2FpaLZYtgfbfULtx8tKIewxOKp7ftJOsr46EEMB3QqO%2FRcateY5c0qFL5yw%2Bc0VS5uspHsNjP2MZAQBOuKHT37j5ubEquFFlKA78O2C0A0x8CFgpEXkIHJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6ee7c21cd8319156-FRA

GET
H3 200 kuttymv.org
img.nets4.com/favs/ 70 B
606 B 68ms
67ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/kuttymv.org?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9681c0a0a13d8581f202bfaf62e53563ea6d0d6bd8e542b35b6d7c09b0e7b41b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47965
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70
x-xss-protection: 1; mode=block
last-modified: Sat, 19 Mar 2022 03:39:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvLfAznDPUKYW0iTYosoY37PCCzjA9NcfRmqCG0s2F%2FkvpzunhIIAzBbUgX2o9xG2MIa5%2B%2BAdiBwOk1oplPxnMWP3zeebdGKIt41BFjgnReZ2EoD6i%2FrTY%2FyXlJVvfRNwJccdNDfM3QP1df3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6ee7c21cd8349156-FRA

GET
H3 200 grace-model.net
img.nets4.com/favs/ 70 B
603 B 61ms
60ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/grace-model.net?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9681c0a0a13d8581f202bfaf62e53563ea6d0d6bd8e542b35b6d7c09b0e7b41b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47966
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70
x-xss-protection: 1; mode=block
last-modified: Sat, 19 Mar 2022 03:39:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dOrru0i%2BGC9aBqR4%2BowmKo9JElvkCHjJdeI6wNCpkhezxVt0proPXuouRdssE%2F8gpqJZYps01daq%2Bs3317aQyhZFgqfrBmDB3lmr92ioaGy1lqHfvUvmKYV05cLKtCOqZD4CGun1F39xfMrf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6ee7c21cd8359156-FRA

GET
H3 200 baantada.com
nets4.com/domain/ 15 B
0 38ms
37ms Fetch
application/json 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nets4.com/domain/baantada.com
Requested by: Host: nets4.com
URL: https://nets4.com/domain/baantada.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://nets4.com/domain/baantada.com
ts-request-embed-key: b0d38573-9441-42d0-acb6-38abc5a5374a:7024cc6cd250e849baaeebbb097bc50bdd543f1253ccc2366760d4615d654963
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Mar 2022 16:59:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZj7GLtM60Iwu7ADZi%2FvF3xasLFc%2BtXlYQaK9YAuL75k%2Fx3DV4ElJVWhr4TGF0Nx1URd62WpYtcMh3BeblrrfWh6Q8IaglEw21Rms6DF8IUoMeoAdoBlceqrYvx8qFWA3lEYGIwutFs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
cache-control: no-store
cf-ray: 6ee7c21cd8409156-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 75 KB
76 KB 30ms
30ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23cc8f32949c8b6960b1a4ca216ccaff2db4b769f6565bef2ee1fa954e072029

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin: https://nets4.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1644224
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76736
timing-allow-origin: *
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-12bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IFy1V9N%2FzXPYwUEYqdsXfac2Bs%2FGaT4nua0U9jiv6oHhKC0Ms4qPwXcVGi1a0M1y%2BJYJ%2BN%2FhE69Sfvlie%2BlT4ga7n1eQzln08JoHYgBXCuEaoUvACj650zdahH3naHv6ANmOx71dpEx8Ug%2FC%2FbxBDSGr"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ee7c21cdb049bc5-FRA
expires: Thu, 09 Mar 2023 16:59:23 GMT

GET
H3 200 unicredit.ru
img.nets4.com/favs/ 623 B
1 KB 80ms
79ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/unicredit.ru?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a7a8cbc07bdb24148bd90abacbb2babe5982cb3b78e1cb51ef2962d85dc67dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612392
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 623
x-xss-protection: 1; mode=block
last-modified: Sat, 12 Mar 2022 14:52:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5vYVLyelt2oqt7ou4MrxBaqhkJZZ9n1Sc%2FHI%2BQCrCacr%2BH0T0O3nNKpFCSgLaTmw6vpZ1pWjJPXW2wR6lPRdHvLG2q09AiHrYwbUpjJ8FbrW66reMI2%2BuM6%2FLzs%2B41eH6VTtbwyrXxknzaa"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6ee7c21ce88e9156-FRA

GET
H3 200 benetton.co
img.nets4.com/favs/ 70 B
604 B 55ms
54ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/benetton.co?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9681c0a0a13d8581f202bfaf62e53563ea6d0d6bd8e542b35b6d7c09b0e7b41b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47965
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70
x-xss-protection: 1; mode=block
last-modified: Sat, 19 Mar 2022 03:39:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKbdXrLp6SkjBHNaHxvvsrFkLrZ158XGb8u2BvAboKzHVdojJ1Yl%2BF%2BK5q3ULIgznxyBXoQB7seI03xelmDEOzacYVn0jNmrUe89S86tj5Ncb5HljslHwMsT%2FbwxpBkEBcUVsbZBtOeMwvPV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6ee7c21ce8909156-FRA

GET
H3 200 bases.org
img.nets4.com/favs/ 604 B
1 KB 79ms
77ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/bases.org?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9004b9eb5fe0374dffa1ddebb5ed6bb7f27be22ab7df259187536d9de77f2f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47965
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 604
x-xss-protection: 1; mode=block
last-modified: Sat, 19 Mar 2022 03:39:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fVYu0mef9R0kuN5ClEBneE%2BMpJdInmpTMucyF7peQRrpcmGHJMUYKr70ZOiPSi1bZdZ54E8nUhFyZ8D8tOGu70PO4ffQncC5zhiEI%2B0d4ah5aiBp51iId7Inm3XoLWGp1PJoblf8jFwUaSJO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6ee7c21cf8969156-FRA

GET
H2 200 backlinks-discovery-chart
s0.nets4.com/charts/ 30 KB
30 KB 1229ms
1227ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.nets4.com/charts/backlinks-discovery-chart?d=baantada.com&w=400&h=200&entries=12&ctype=2

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d993c78391c7e6b919f8e8e957031f9b09ee3dd13f37c4a57d8e2fbdc505d3a8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://docs.google.com https://*.googleusercontent.com;
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://docs.google.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' analytics.majesticseo.com analytics.majestic.com info.majestic.com https://www.googletagmanager.com www.google-analytics.com https://www.googleadservices.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://platform.twitter.com/;style-src 'self' 'unsafe-inline';img-src 'self' data: https:;font-src 'none';object-src 'none';media-src 'none';frame-src www.openstreetmap.org www.youtube.com https://www.google.com/recaptcha/ https://platform.twitter.com/ https://syndication.twitter.com/;child-src www.openstreetmap.org www.youtube.com https://www.google.com/recaptcha/ https://platform.twitter.com/ https://syndication.twitter.com/;frame-ancestors https://docs.google.com https://*.googleusercontent.com;report-uri /csp/report
content-disposition: filename=BacklinkHistoryChart.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30650
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: ALLOW-FROM https://docs.google.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Language, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DqXeU5cWaxMLAswa%2F4uYHF7ma5zmBi2H4iiNtVhuTXmiSfnefrnF6E6G6kh6xPSt70%2B4fmLXOlbtsF4zJIdLvyxjYHBTl2mIs%2BH6dzx7aG40%2Fj7JtJC%2FnRNbJ7HXZ9Q%2Fse9bkCySvdOO%2Bc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
content-security-policy: frame-ancestors https://docs.google.com https://*.googleusercontent.com;
accept-ranges: bytes
cf-ray: 6ee7c21cfc639c00-FRA
expires: Sat, 26 Mar 2022 16:59:23 GMT

GET
H2 200 referring-domains-discovery
s0.nets4.com/charts/ 31 KB
32 KB 1179ms
1176ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.nets4.com/charts/referring-domains-discovery?d=baantada.com&w=400&h=200&entries=12&ctype=2

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c90d0d189a3137ab8f34e604a6d974b6a07cf2e94d9646b957e384746683970b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://docs.google.com https://*.googleusercontent.com;
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://docs.google.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' analytics.majesticseo.com analytics.majestic.com info.majestic.com https://www.googletagmanager.com www.google-analytics.com https://www.googleadservices.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://platform.twitter.com/;style-src 'self' 'unsafe-inline';img-src 'self' data: https:;font-src 'none';object-src 'none';media-src 'none';frame-src www.openstreetmap.org www.youtube.com https://www.google.com/recaptcha/ https://platform.twitter.com/ https://syndication.twitter.com/;child-src www.openstreetmap.org www.youtube.com https://www.google.com/recaptcha/ https://platform.twitter.com/ https://syndication.twitter.com/;frame-ancestors https://docs.google.com https://*.googleusercontent.com;report-uri /csp/report
content-disposition: filename=BacklinkHistoryChart.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31771
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: ALLOW-FROM https://docs.google.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Language, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C0hZtoHZ2UQ3WxD4MJkvsXyaLFf5DTJ3EWzbE01Hl%2FnIt2mCKBuX7ctzCVo6rvSj4MLY2Kt1VzgvIj8bj6rvPGOJu6%2FYcoF5dSVzhZmUpdUi1LKWIB0oyW82PDSoqY37AeTJ8bDCJZy1MKE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
content-security-policy: frame-ancestors https://docs.google.com https://*.googleusercontent.com;
accept-ranges: bytes
cf-ray: 6ee7c21cfc669c00-FRA
expires: Sat, 26 Mar 2022 16:59:23 GMT

GET
H3 200 everythingpro.in
img.nets4.com/favs/ 857 B
1 KB 487ms
486ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/everythingpro.in?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d58481293f923b082713cbc47188d69c7ade2927742561b30d38e7f23045f71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 857
x-xss-protection: 1; mode=block
last-modified: Sat, 19 Mar 2022 16:59:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yf2eVXiRyF9pmdm8SmSPc0teOLw62GmsubFaMc%2F2YnT%2FlASatwT1zRUqdlOQapbynJ2vmSrGPari9muLnf5Rs2yMPInOR4zWQzMzZaHrfm5wW0qkNn4xtIEODJTgEnIPddMsrDWuAb5vl2%2FY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6ee7c21cf8979156-FRA

GET
H3 200 metro-neft.ru
img.nets4.com/favs/ 141 B
670 B 506ms
505ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/metro-neft.ru?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0eca0035829eb8fc2f39f02c5f8d7521e492caf6fccc556255c561d6fa4d269

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 141
x-xss-protection: 1; mode=block
last-modified: Sat, 19 Mar 2022 16:59:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3FY%2Blb5fmVbXaqbNue7VZ2YBMAWlZ98YuaZzs1UjDSGbwPmc20Wd86wKXiU6qhLNu%2ByO65ydLBD9yVJ9%2BoiNjg1ERfzmn31Erl0tT9QJXgTAo3kj6GMyNqGDdeDcgN7f5bRKiA7B7HGdzGK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6ee7c21cf8999156-FRA

GET
H3 200 9anime.to
img.nets4.com/favs/ 242 B
780 B 69ms
68ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/9anime.to?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50fb88e3a2d413c5c0a0294b71e0da34829b2ec9444ba55af7e1d6935a4029a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 687232
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 242
x-xss-protection: 1; mode=block
last-modified: Fri, 11 Mar 2022 18:05:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=roK5IRWjy0YT9vdKlI3HPP9qYGHfTgVLTHOG2gUyBWemTUFe4rHJrKc3HjrkltIHmBxuFnOssnzgpUHBwx5X%2Fm%2FWzCvAAqJPfyOAC7dJ1z3%2BzFapVzA715Rh7%2BR6r%2FpWXYmYsoYigNOXm1Ts"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6ee7c21cf89a9156-FRA

GET
H3 200 movies2watch.ru
img.nets4.com/favs/ 566 B
1 KB 67ms
66ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/movies2watch.ru?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c6acc32b5e96760ac6461f89c8d9ac11681aaaa3873093924a1a566118d34b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3676
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 566
x-xss-protection: 1; mode=block
last-modified: Sat, 19 Mar 2022 15:58:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qv%2FM8X1CjrNoaL3NG2CcdkPnHUxkZLZv8KgidImd9HPJNjpEGZWt1Cga05adUxpaSuZZB8%2F8DBMEU8Xju0VrdWOJacxKTMpt38mZsvCLYVIvfG6yh%2BMxXkUG2uzYBYM8mfuJhM9f0Icw6U71"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6ee7c21cf89c9156-FRA

GET
H3 200 123movies.net
img.nets4.com/favs/ 496 B
1 KB 67ms
66ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/123movies.net?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e079f888afda924898dede26575e46f50ac8eba0f1d031396b80a051b3800eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6976
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 496
x-xss-protection: 1; mode=block
last-modified: Sat, 19 Mar 2022 15:03:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FcKkyHqxzRWiIVro5HR%2BL0i9dS1tBXnJUXjdXfyaW6H39qbVfrKjMdZ62srI8F4oAuDZqwRc0R2pj20KOMfXQG0UahUkBtSHNugV5q%2FgLdxXTtT3dgyiA15PZ1ab6FDn%2B%2FVx%2FZvlg8O1Tkjl"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6ee7c21cf89d9156-FRA

GET
H3 200 sdship.net
img.nets4.com/favs/ 70 B
598 B 66ms
65ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/sdship.net?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9681c0a0a13d8581f202bfaf62e53563ea6d0d6bd8e542b35b6d7c09b0e7b41b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9003
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70
x-xss-protection: 1; mode=block
last-modified: Sat, 19 Mar 2022 14:29:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CivyLy7j6oBdaxW4ugfycI7Qh51D6A2Phwvt4JRhZYiR3r7WWEGuztYe8ZN86BnlLtoLJoq8tdaZlLqmIpjkTgoui1so1Wb2e0YreLc%2FZD7e4MBuPFqREpeS0TrbLSLjzqqlPJx9zQqNvSgt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6ee7c21cf89f9156-FRA

GET
H3 200 autocentre.org
img.nets4.com/favs/ 70 B
602 B 74ms
73ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/autocentre.org?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9681c0a0a13d8581f202bfaf62e53563ea6d0d6bd8e542b35b6d7c09b0e7b41b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10619
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70
x-xss-protection: 1; mode=block
last-modified: Sat, 19 Mar 2022 14:02:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FiQDSD1bjs%2FbQFtUnJ4V6FNZ9a8HuFnVOmdSL96rkr63cueyw%2Bz4AtsdXB9pWIZmCmsSytDaGojlJ5c88BrlGCPdNxCQ9nae27iY9Un96tofYlDgSRh2cwRPZ5vTRH04pKkA1jI0bmMjsjbh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6ee7c21cf8a09156-FRA

GET
H3 200 jakebennett.net
img.nets4.com/favs/ 464 B
1002 B 59ms
58ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/jakebennett.net?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c98667e67feefb55890e10697381b63dc2e5765e947d025e0e114779a801dd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11173
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 464
x-xss-protection: 1; mode=block
last-modified: Sat, 19 Mar 2022 13:53:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YF%2BZyARVYUZheGMcINEqhqkFuTaEscXZw48bXqaWF%2BTmPyFr84vKzvBZccbmvwvYYvIn5cK5733m46h6RjXp0BEJMCRwxS00PAcAqEaBKIj5xK21Rwllr3igq%2F1%2F4pEUTOpcg%2BqSrOzUsm3c"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6ee7c21cf8a39156-FRA

GET
H3 200 huongdaovn.org
img.nets4.com/favs/ 70 B
607 B 73ms
72ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/huongdaovn.org?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9681c0a0a13d8581f202bfaf62e53563ea6d0d6bd8e542b35b6d7c09b0e7b41b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14776
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70
x-xss-protection: 1; mode=block
last-modified: Sat, 19 Mar 2022 12:53:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fg7rxa4BO%2B2CdP2Dcwovs0l0IZtfTQngK3WJ6ZqM1j1hRXHAhTpQRN1lpaEI0%2F6ZG3L3g8UH5Gl8bvkd%2FwJ50MfG%2F%2FXg1cp0M%2BqN3gWQBlO74eY2kFp%2B1doyRxu7COdh8DrhtpAPouuetXC1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6ee7c21cf8a69156-FRA

GET
H3 200 indiapostgdsonline.in
img.nets4.com/favs/ 511 B
1 KB 60ms
59ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/indiapostgdsonline.in?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7af71645d4cbc1b518e70cab09e991180d344e49aa9510c5512957ad62f4aea7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15676
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 511
x-xss-protection: 1; mode=block
last-modified: Sat, 19 Mar 2022 12:38:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJf6qkTD1mREaSuXpODUobjBvbsdH%2B4RmqKZobns6zCy%2F%2BOqPh6dN9Ingvu5zovHTjGv8tllYjl2UBnCkTL70DhZy28rUbJwp%2BIaF8vx9BUqzukKNt%2F2UkkTbOCWOHIrein46Y2ZvYhg6oMq"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6ee7c21cf8a99156-FRA

GET
H3 200 leaflet.js Show response
cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/ 139 KB
36 KB 33ms
32ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/leaflet.js

Requested by

Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c837347a297c1a35852aa375392cc74950a2b868214e8b1909c4637b8b63ee24

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://nets4.com/
Origin: https://nets4.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4611883
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35659
timing-allow-origin: *
last-modified: Thu, 03 Sep 2020 12:27:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f50e115-22a75"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IgKledytumQBvBPQw9ypEhMFo%2F1lnP5HXpPSkV0kZrvC8WffDguAc4mV6TDdhaqAx1Mm6GpumQgXoFX7IkuW4m7cfmHVtd%2BEzwqpTuL1lTbqYw3JcYWOuCEuVjc%2Blgo%2BCe0vhkT5ac8zk8t7HqAu282P"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ee7c21cfb489bc5-FRA
expires: Thu, 09 Mar 2023 16:59:23 GMT

GET
H2 200 agent.js Show response
cdn.purpleads.io/ 35 KB
11 KB 54ms
18ms Script
application/javascript 13.32.99.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Requested by: Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-31.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1d07bcab4c15f3ff3b56d0b5c9f44c3dd1c7266eb5788bfbc09f02822b07de0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 23:18:32 GMT
content-encoding: gzip
last-modified: Tue, 15 Mar 2022 09:36:51 GMT
server: AmazonS3
age: 63651
etag: "6b17cf687f43a8f73178a58f89d7d60e"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 10487
x-amz-cf-id: Zvpp2Wdhh6WpTAhRPSEJjsJ5GWiR4mRVkqCTpZbHONM6VXQl0Gs_ow==

GET
H3 200 sharebutton.js Show response
nets4.com/assets/js/ 80 KB
28 KB 76ms
76ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nets4.com/assets/js/sharebutton.js
Requested by: Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21af66f64bb18b1159ee363a933d5630e27419c83915d4d5ef42d8154f3921da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/domain/baantada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3002
cf-polished: origSize=120806
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 03 Jul 2021 07:08:27 GMT
server: cloudflare
etag: W/"60e00ceb-1d7e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2HG7Zbfg9dM61cEner40gyBXsIB7tDkAQZ5MKm5r37uCdOXGGSGsmJGe7emxcUOlVt%2FHRPtUJ3eI1CtBbM6hQrkzq6tzvTVWrWttCi9663%2BIqQbfU1MBSD%2F3LG%2Fl48P9a3kL%2F66if8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 6ee7c21cf8aa9156-FRA
cf-bgj: minify

GET
H2 200 load.js Show response
cdn.purpleads.io/ 24 KB
7 KB 55ms
18ms Script
application/javascript 13.32.99.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Requested by: Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-31.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 56386db6fedf5475ff6ac57939cfaac58722f519fdce666cee7494b993c84e81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 09:37:02 GMT
content-encoding: gzip
last-modified: Mon, 21 Feb 2022 10:12:20 GMT
server: AmazonS3
age: 46926
etag: "46df8e234dd4307137411d6b4887edad"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 6702
x-amz-cf-id: EPqA13TeJGaHkH18h4s7dD-97FjdIGLrWyk2wrWLRQkvZLsjOFz7Kg==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
967 B 72ms
28ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

32a97e6497cd6c3a611286892f51f127409221715c0cb3f2795f8c480bc76de4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 554
x-xss-protection: 1; mode=block
expires: Sat, 19 Mar 2022 16:59:23 GMT

GET
H3 200 bootstrap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/js/ 62 KB
14 KB 64ms
30ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/js/bootstrap.min.js

Requested by

Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4611826
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13102
timing-allow-origin: *
last-modified: Tue, 20 Jul 2021 01:00:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60f6203f-332e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8sUP6f4pFXKkxQaARqOaDE1qZyrkcW5S0LiqEIBJ394rgik07MppyizEU%2FF9oggQyEfxhmEz8IkJsCIsSt1SOVKzl1dgPilYaY%2BX4ZfVFIW9t9fryyM3ekbWkub%2BbzHrTb0T7USLn7FTupKAcrwJTb2M"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ee7c21d2b479073-FRA
expires: Thu, 09 Mar 2023 16:59:23 GMT

GET
H3 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.0/umd/ 18 KB
7 KB 81ms
46ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.0/umd/popper.min.js

Requested by

Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691d4bd7b9b31f9ab1b1837e7d956e0e3041ef63c1ee0edee8ca6208a4234efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4611716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6107
timing-allow-origin: *
last-modified: Thu, 02 Sep 2021 17:01:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61310375-17db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qb8iF19OFrixg%2F1PQK3FFVfHX%2FxU1K4O89PshDKtt30OcpGxb2uK8VbiReUxM9L%2BzEkyfZ7JrsxPuQ7MwPLxxaU3FU5v2hue3%2BYHhzPI9ebpdpWWMhB2JI%2FpKSEn77YQmqHq1azvx7BmouYgHWA8ga40"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ee7c21d2b4a9073-FRA
expires: Thu, 09 Mar 2023 16:59:23 GMT

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 82ms
47ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 846228
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27938
timing-allow-origin: *
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mX42wJlCrzKSg4xD1FMLC2ewc%2Bj%2BgJA2XxGpHx%2BDk26wUAWxnv0Y7LEvyMomWWnmjQw%2BHjR125redagAZCYYkks9jMs3hy4ImdoTi%2Fj7PTayRUCO28S4geQEhp4lgsiTKFjuQq%2FH%2FGN1%2FpvjbyONOFKZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ee7c21d2b4c9073-FRA
expires: Thu, 09 Mar 2023 16:59:23 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 14 KB
5 KB 91ms
52ms Script
text/javascript 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: nets4.com
URL: https://nets4.com/cdn-cgi/apps/head/awkqrI1qzYcE0gTfW6uXyLl_1bA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6ee7c21d3e0c9b86-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 77ms
25ms Script
text/javascript 2a00:1450:400e:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2623
date: Sat, 19 Mar 2022 16:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 19 Mar 2022 18:15:40 GMT

GET
H3 200 s.js Show response
nets4.com/cdn-cgi/zaraz/ 4 KB
2 KB 119ms
119ms Script
text/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nets4.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0cmFja3MlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyQmFhbnRhZGEuY29tJTIwLSUyMCVFMCVCOCU4MSVFMCVCOCVCNCVFMCVCOCU5NSVFMCVCOCVCNCVFMCVCOCU5OSVFMCVCOCVCMSVFMCVCOCU5OSVFMCVCOCU5NyVFMCVCOSU4QyUyMCVFMCVCOCU4MSVFMCVCOCVBMyVFMCVCOCVCOCVFMCVCOSU4QSVFMCVCOCU5QiUyMCU3QyU3QyUyMEtpdGluYW4lMjBHcm91cCUyMC0lMjBCYWFuJTIwVEFEQSUyMiUyQyUyMnclMjIlM0ExNjAwJTJDJTIyaCUyMiUzQTEyMDAlMkMlMjJqJTIyJTNBMTIwMCUyQyUyMmUlMjIlM0ExNjAwJTJDJTIybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGbmV0czQuY29tJTJGZG9tYWluJTJGYmFhbnRhZGEuY29tJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0EwJTdE
Requested by: Host: nets4.com
URL: https://nets4.com/domain/baantada.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d81da1c2333ea18b9649d21dd0dbb2a09141d43d18ef3e2eea1157f3e56d6277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/domain/baantada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: https://nets4.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1guqRIi6v%2FSCSrW7%2BMAqCjC8DN5C70MEuGhoY19hhdvvWq5xwbsgWISrxaMKxkVtZMl%2F%2F1%2FdnOcTobcEgKVA3VJbd73WitdmvMYZ0tglaZsi9tJ1JURt22R%2BY%2BzPeoGqdRH8%2Bcx7mwE%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 600
access-control-allow-credentials: true
cf-ray: 6ee7c21cf8ae9156-FRA
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
nets4.com/cdn-cgi/challenge-platform/h/b/scripts/ 29 KB
10 KB 44ms
44ms Other
text/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nets4.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: nets4.com
URL: https://nets4.com/domain/baantada.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b447fea9e58612e227abdc4ddc5291460e8381c2aaa2e22e36939f964b2dd94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/domain/baantada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ctVwg3CZtbSsiweZwE6ch5TTNP6qRUaa0xZF8rwJtnjJKq%2FR1tU2raMniMmx9kLF5zHMh5rqiGHuXzrZvRucucbjMZsWvOGqTSwF13BRxY4gximnQIGiofx%2BElyaS%2FXYSWbzZSIR3cE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6ee7c21cf8b99156-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 54ms
27ms XHR
text/plain 2a00:1450:400e:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1083166804&t=pageview&_s=1&dl=https%3A%2F%2Fnets4.com%2Fdomain%2Fbaantada.com&ul=en-us&de=UTF-8&dt=Baantada.com%20-%20%E0%B8%81%E0%B8%B4%E0%B8%95%E0%B8%B4%E0%B8%99%E0%B8%B1%E0%B8%99%E0%B8%97%E0%B9%8C%20%E0%B8%81%E0%B8%A3%E0%B8%B8%E0%B9%8A%E0%B8%9B%20%7C%7C%20Kitinan%20Group%20-%20Baan%20TADA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=14781794&gjid=797197023&cid=453713122.1647709163&tid=UA-123511935-10&_gid=1910208924.1647709163&_r=1&_slc=1&z=334206082

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nets4.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 19 Mar 2022 16:59:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nets4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 550j6zn5gn Show response
www.clarity.ms/tag/ 688 B
1 KB 238ms
133ms Script
application/x-javascript 2620:1ec:27::cafe:1774
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/550j6zn5gn
Requested by: Host: nets4.com
URL: https://nets4.com/domain/baantada.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1774 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 7b4f8178ec5033c0b1f76b629fac7363e610a0b83e13c7efab44fb74f8a7b938

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
x-powered-by: ASP.NET
x-azure-ref: 06ws2YgAAAADNlsm7eL3qSqA9MlhuAO6cTElTMDFFREdFMDUxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

POST
H3 200 6ee7c214d91c9c00 Show response
nets4.com/cdn-cgi/challenge-platform/h/b/cv/result/ 2 B
683 B 41ms
40ms XHR
text/plain 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nets4.com/cdn-cgi/challenge-platform/h/b/cv/result/6ee7c214d91c9c00
Requested by: Host: nets4.com
URL: https://nets4.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1647705600
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://nets4.com/domain/baantada.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ee7c21fde4e9156-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5eGCJoq9JDXJM5aEoZVEBDBkLJXE9WMuDMuwF0TkNNrwCzfFB6e1R1UdDGnqsoGWsK4i0PgXpOM55qWBiX8mDwQKylroO3Fywxuvz5WIJnQoxcFULs4eyHk7VkS6u%2BAWxzYgnd9yAFA%3D"}],"group":"cf-nel","max_age":604800}

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2/s/0.6.33/ 53 KB
23 KB 133ms
132ms Script
application/javascript 2620:1ec:27::cafe:1774
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/s/0.6.33/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/550j6zn5gn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1774 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: cdbbad52ea5a7c7664761a59301ceaeee0efbe793db0ef799a89670584da9934

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
content-encoding: br
etag: "1d839f818e84fc8"
last-modified: Thu, 17 Mar 2022 12:11:14 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 06ws2YgAAAADD7fukn/H6RbTQ3jur73sUTElTMDFFREdFMDUxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

OPTIONS
H2 200 /
api.purpleads.io/x/ Frame 0
0 472ms
152ms Preflight 34.233.19.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/?ts=1647709163681
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.19.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-19-159.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Origin: https://nets4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: ca3fe7c9-a911-452d-bf7f-d4f9bc67c7fb

GET
H2 200 / Show response
api.purpleads.io/x/ 9 KB
3 KB 380ms
216ms Fetch
application/json 34.233.19.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/?ts=1647709163681
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.19.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-19-159.compute-1.amazonaws.com
Software: /
Resource Hash: 367b8c7e8d82fe11021d1487d7bd61c0a6299708f176233c1ab68688a33a60ef

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url: aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2JhYW50YWRhLmNvbQ==
Accept: application/json
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
x-purpleads-version: 0.4.13

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
etag: W/"2554-0nCY/LxlKkcRVKDVgsVRM4NoA9g"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
x-request-id: 9dbc3cde-24cd-4bef-ac03-6b7a2b40dc14

GET
H2 200 agent.js Show response
cdn.purpleads.io/ 35 KB
11 KB 17ms
17ms Script
application/javascript 13.32.99.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Requested by: Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-31.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1d07bcab4c15f3ff3b56d0b5c9f44c3dd1c7266eb5788bfbc09f02822b07de0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 23:18:32 GMT
content-encoding: gzip
last-modified: Tue, 15 Mar 2022 09:36:51 GMT
server: AmazonS3
age: 63651
etag: "6b17cf687f43a8f73178a58f89d7d60e"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 10487
x-amz-cf-id: dk3fxrHV4tI9WY_677UBghP5DDcc5WDeBvlx5zEiZHHlZ6JHwU0UUQ==

GET
H2 200 sm.22.html Show response
static.addtoany.com/menu/ Frame F806 278 B
327 B 72ms
35ms Document
text/html 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.22.html

Requested by

Host: nets4.com
URL: https://nets4.com/assets/js/sharebutton.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fef239ebd936e96f316dee1aca599952e7adaaba26fab72b45328871855ac4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
content-type: text/html; charset=utf-8
via: e3s
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
last-modified: Tue, 28 Sep 2021 21:02:23 GMT
etag: W/"116-5cd1487afaaea"
cache-control: max-age=315360000, immutable
vary: Accept-Encoding
cf-cache-status: HIT
age: 2194191
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6ee7c2216d14903c-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

OPTIONS
H2 200 init
api.purpleads.io/x/ Frame 0
0 412ms
110ms Preflight 34.233.19.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/init?ts=1647709163699
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.19.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-19-159.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Origin: https://nets4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: d9b28928-81f2-4bfa-af7b-f343c2ea8ee8

GET
H2 200 init Show response
api.purpleads.io/x/ 68 B
358 B 318ms
113ms Fetch
application/json 34.233.19.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/init?ts=1647709163699
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.19.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-19-159.compute-1.amazonaws.com
Software: /
Resource Hash: 587259314084a04755f0dfb2d0f0e9f07bdf03a575352e366e308d2e19cfc70a

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url: aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2JhYW50YWRhLmNvbQ==
Accept: application/json
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
x-purpleads-version: 2.0.31

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
etag: W/"44-Pm5SJt3t2KI5gMvsRd3GV+dxT2U"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
content-length: 68
x-request-id: 0f9db2a5-507a-4a72-b8b3-207d8d7e963f

GET
H3 200 marker-icon.png
cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/images/ 1 KB
2 KB 26ms
25ms Image
image/png 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/images/marker-icon.png

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/leaflet.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

574c3a5cca85f4114085b6841596d62f00d7c892c7b03f28cbfa301deb1dc437

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/leaflet.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3276623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1470
timing-allow-origin: *
last-modified: Thu, 03 Sep 2020 12:27:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f50e115-5ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCSkW1%2B3liC2AB6jALXeITPpbkF5zeLCqdjW2Sql3nAqLfqy6Cnootl%2FZhz0Lia%2FOzR53iKaynu3WCe6QCuhi1pL%2FWlKxFcoySPLvFSYx8lLg99g5inxuuWJadY5gYf4zVcHQNamBZiTZy1KrI58IIYq"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ee7c2214a1e9073-FRA
expires: Thu, 09 Mar 2023 16:59:23 GMT

GET
H2 200 3.png
c.tile.openstreetmap.org/3/5/ 9 KB
9 KB 64ms
21ms Image
image/png 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.tile.openstreetmap.org/3/5/3.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

26bf59068d51ef8e4ea6ecb44bc9afd843fb9c8f671717bdded1c104bf9a75f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
etag: "c1f88da0f27923a7dce7af5bd086f76d"
age: 149443
x-cache: HIT
x-cache-hits: 2302
content-length: 9324
x-served-by: cache-hhn4077-HHN
server: Apache/2.4.41 (Ubuntu)
x-timer: S1647709164.781666,VS0,VE0
date: Sat, 19 Mar 2022 16:59:23 GMT
expect-ct: max-age=0
content-type: image/png
access-control-allow-origin: *
x-tilerender: odin.openstreetmap.org
cache-control: max-age=332622, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
expires: Mon, 21 Mar 2022 19:52:22 GMT

GET
H2 200 3.png
a.tile.openstreetmap.org/3/6/ 11 KB
11 KB 59ms
17ms Image
image/png 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.tile.openstreetmap.org/3/6/3.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

d3b7d1167cfdef4fcec1b034fc373993edc5e71888ea71343ac3b383da102405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
etag: "49fa9b26a1acb15239d71d1437cbafa8"
age: 230840
x-cache: HIT
x-cache-hits: 684
content-length: 10802
x-served-by: cache-hhn4078-HHN
server: Apache/2.4.41 (Ubuntu)
x-timer: S1647709164.780348,VS0,VE0
date: Sat, 19 Mar 2022 16:59:23 GMT
expect-ct: max-age=0
content-type: image/png
access-control-allow-origin: *
x-tilerender: odin.openstreetmap.org
cache-control: max-age=320557, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
expires: Sun, 20 Mar 2022 17:54:40 GMT

GET
H2 200 4.png
a.tile.openstreetmap.org/3/5/ 560 B
923 B 58ms
16ms Image
image/png 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.tile.openstreetmap.org/3/5/4.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

84ad1e6594f61f772baae22c1b45ba970a1f1dc835ea384528d8122a3451836c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
etag: "ea39d7e9e1ee95e9f9ab908089b7c01c"
age: 145035
x-cache: HIT
x-cache-hits: 304
content-length: 560
x-served-by: cache-hhn4078-HHN
server: Apache/2.4.41 (Ubuntu)
x-timer: S1647709164.780403,VS0,VE0
date: Sat, 19 Mar 2022 16:59:23 GMT
expect-ct: max-age=0
content-type: image/png
access-control-allow-origin: *
x-tilerender: odin.openstreetmap.org
cache-control: max-age=333104, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
expires: Mon, 21 Mar 2022 21:13:53 GMT

GET
H2 200 4.png
b.tile.openstreetmap.org/3/6/ 5 KB
5 KB 60ms
18ms Image
image/png 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.tile.openstreetmap.org/3/6/4.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

fc6136c1c5333667f0ae10569612d0bcb9ea5dd84df43c0c2d2dfe42bf8def0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
etag: "a7241e5525d5aa3341adc3cffdb9550c"
age: 235058
x-cache: HIT
x-cache-hits: 1077
content-length: 4995
x-served-by: cache-hhn4076-HHN
server: Apache/2.4.41 (Ubuntu)
x-timer: S1647709164.780787,VS0,VE0
date: Sat, 19 Mar 2022 16:59:23 GMT
expect-ct: max-age=0
content-type: image/png
access-control-allow-origin: *
x-tilerender: nidhogg.openstreetmap.org
cache-control: max-age=314921, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
expires: Sun, 20 Mar 2022 15:10:27 GMT

GET
H2 200 3.png
b.tile.openstreetmap.org/3/4/ 13 KB
13 KB 63ms
21ms Image
image/png 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.tile.openstreetmap.org/3/4/3.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

d0b273e5d455b060d793512a185e356886739451a754f121d6f057b2b8dcbc2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
etag: "5b93df72b04e27fa4e5071e9fe96e75f"
age: 231670
x-cache: HIT
x-cache-hits: 3089
content-length: 13200
x-served-by: cache-hhn4076-HHN
server: Apache/2.4.41 (Ubuntu)
x-timer: S1647709164.780931,VS0,VE0
date: Sat, 19 Mar 2022 16:59:23 GMT
expect-ct: max-age=0
content-type: image/png
access-control-allow-origin: *
x-tilerender: nidhogg.openstreetmap.org
cache-control: max-age=315097, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
expires: Sun, 20 Mar 2022 16:09:50 GMT

GET
H2 200 3.png
b.tile.openstreetmap.org/3/7/ 581 B
755 B 62ms
20ms Image
image/png 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.tile.openstreetmap.org/3/7/3.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

67e7067770aa3a8ba335500e060aea040464cd4075a652e7f5e3ca33e5771878

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
etag: "92d42645368395a804e37292f6e9aee7"
age: 148342
x-cache: HIT
x-cache-hits: 11
content-length: 581
x-served-by: cache-hhn4076-HHN
server: Apache/2.4.41 (Ubuntu)
x-timer: S1647709164.780931,VS0,VE0
date: Sat, 19 Mar 2022 16:59:23 GMT
expect-ct: max-age=0
content-type: image/png
access-control-allow-origin: *
x-tilerender: nidhogg.openstreetmap.org
cache-control: max-age=329731, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
expires: Mon, 21 Mar 2022 19:22:32 GMT

GET
H2 200 4.png
c.tile.openstreetmap.org/3/4/ 9 KB
9 KB 63ms
21ms Image
image/png 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.tile.openstreetmap.org/3/4/4.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

eea4ee1d8b325d4adfc7dc76cee8f9b065be1263a218959e538f46a07885b731

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
etag: "4068a80849cae76e91c15bf5eaa120e1"
age: 148425
x-cache: HIT
x-cache-hits: 831
content-length: 9433
x-served-by: cache-hhn4077-HHN
server: Apache/2.4.41 (Ubuntu)
x-timer: S1647709164.781739,VS0,VE0
date: Sat, 19 Mar 2022 16:59:23 GMT
expect-ct: max-age=0
content-type: image/png
access-control-allow-origin: *
x-tilerender: odin.openstreetmap.org
cache-control: max-age=338020, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
expires: Mon, 21 Mar 2022 21:39:18 GMT

GET
H2 200 4.png
c.tile.openstreetmap.org/3/7/ 6 KB
6 KB 63ms
21ms Image
image/png 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.tile.openstreetmap.org/3/7/4.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

014a5d6662d0a603a1ac3bd3f1823fac7a86aff8cfdd3e40ff8ef5f41345a653

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
etag: "0e61ff3ae809ebcba8c5bdc11b139370"
age: 236723
x-cache: HIT
x-cache-hits: 1
content-length: 5999
x-served-by: cache-hhn4077-HHN
server: Apache/2.4.41 (Ubuntu)
x-timer: S1647709164.781830,VS0,VE1
date: Sat, 19 Mar 2022 16:59:23 GMT
expect-ct: max-age=0
content-type: image/png
access-control-allow-origin: *
x-tilerender: odin.openstreetmap.org
cache-control: max-age=315278, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
expires: Sun, 20 Mar 2022 14:48:38 GMT

GET
H3 200 marker-shadow.png
cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/images/ 618 B
1 KB 26ms
26ms Image
image/png 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/images/marker-shadow.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

264f5c640339f042dd729062cfc04c17f8ea0f29882b538e3848ed8f10edb4da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4611871
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 622
timing-allow-origin: *
last-modified: Thu, 03 Sep 2020 12:27:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f50e115-26a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mgk1p9eG08RBaV6zwI%2F%2BzqC9Ctl8bl4ys%2BCXoPgb7QovsEBYGtSwFlLSZYbusI4%2BaWMeBCvD7je8G3aSpKVXE9B84c%2FHEpB9AP0gjE1i48DeqGtPB%2FWloKHED26amuZJz0qWGcO8Ol2a22hZZl302zo2"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ee7c2215a389073-FRA
expires: Thu, 09 Mar 2023 16:59:23 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=58AEB28B79D34811A841052DA965DBC1&RedC=c.clarity.ms&MXFR=35BF35EFEE556E3809112483EA556042
https://c.clarity.ms/c.gif?CtsSyncId=58AEB28B79D34811A841052DA965DBC1&MUID=0CA8C531F6C5613F1AEBD45DF7176090

42 B
369 B

38ms
37ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=58AEB28B79D34811A841052DA965DBC1&MUID=0CA8C531F6C5613F1AEBD45DF7176090
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Mar 2022 16:59:23 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 19 Mar 2022 16:59:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 820255F32A5F40199B167158D7A44402 Ref B: FRAEDGE1215 Ref C: 2022-03-19T16:59:24Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=58AEB28B79D34811A841052DA965DBC1&MUID=0CA8C531F6C5613F1AEBD45DF7176090
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 icons.29.svg.js Show response
static.addtoany.com/menu/svg/ 78 KB
33 KB 32ms
32ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.29.svg.js

Requested by

Host: nets4.com
URL: https://nets4.com/assets/js/sharebutton.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4613437
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 31 Dec 2018 23:29:11 GMT
server: cloudflare
etag: W/"13937-57e59c7b88bd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=315360000, immutable
cf-ray: 6ee7c2216d17903c-FRA
cf-bgj: minify

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ 360 KB
143 KB 62ms
20ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nets4.com/
Origin: https://nets4.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145350
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 04:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 15:09:04 GMT

OPTIONS
H2 200 rum
cloudflareinsights.com/cdn-cgi/ Frame 0
0 60ms
22ms Preflight
text/plain 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://nets4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
content-type: text/plain
access-control-allow-origin: https://nets4.com
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 6ee7c221ac419128-FRA
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip

POST
H2 200 rum Show response
cloudflareinsights.com/cdn-cgi/ 0
76 B 43ms
43ms XHR
text/plain 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://nets4.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: application/json

Response headers

date: Sat, 19 Mar 2022 16:59:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://nets4.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6ee7c221dca29128-FRA
vary: Origin

POST
H2 204 collect Show response
b.clarity.ms/ 0
170 B 364ms
107ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.33/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://nets4.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://nets4.com
date: Sat, 19 Mar 2022 16:59:23 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

POST
H2 204 collect Show response
b.clarity.ms/ 0
25 B 497ms
367ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.33/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://nets4.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://nets4.com
date: Sat, 19 Mar 2022 16:59:23 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 / Show response
api.purpleads.io/x/b/ 9 KB
2 KB 402ms
206ms Fetch
application/json 34.233.19.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/b/?idx=0&pid=0b9c600be2d341409bb05b8aa0965483&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=2b524418-c24c-4620-9b58-b62945dd4683&ts=1647709163912
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.19.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-19-159.compute-1.amazonaws.com
Software: /
Resource Hash: 632b9ed93fdcc51f1738d5711c52a8e400db279d55ed4b0fe887870c10ef5f96

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url: aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2JhYW50YWRhLmNvbQ==
Accept: application/json
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
x-purpleads-version: 2.0.31

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
etag: W/"2296-++9CVpZ6aPk1+R8TDZ0B1N6mG1c"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
x-request-id: 84ad4976-9eb7-4d77-a4ab-7b77ebfdb048

GET
H2 200 / Show response
api.purpleads.io/x/b/ 9 KB
2 KB 332ms
133ms Fetch
application/json 34.233.19.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/b/?idx=1&pid=0b9c600be2d341409bb05b8aa0965483&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=6d1a99e6-e2e8-4b19-9393-acda71e32b67&ts=1647709163912
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.19.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-19-159.compute-1.amazonaws.com
Software: /
Resource Hash: cfc3705b48bba127b60aab9fea1356ea773177b720cbad8a3879b50474181f09

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url: aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2JhYW50YWRhLmNvbQ==
Accept: application/json
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
x-purpleads-version: 2.0.31

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
etag: W/"232e-sctDyB3SM4oD9Ixoeb/lmd3ZXvI"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
x-request-id: 987fc90f-84d4-45cc-bbfa-abcb73f32f5b

GET
H2 200 / Show response
api.purpleads.io/x/b/ 9 KB
2 KB 415ms
216ms Fetch
application/json 34.233.19.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/b/?idx=2&pid=0b9c600be2d341409bb05b8aa0965483&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=1c0ba972-dab8-490a-9a0a-574b7ac11977&ts=1647709163912
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.19.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-19-159.compute-1.amazonaws.com
Software: /
Resource Hash: 1608d1b3d517d94815eba1a6b65b63119de3ad1ad33c36448f577a8bfc9f016b

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url: aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2JhYW50YWRhLmNvbQ==
Accept: application/json
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
x-purpleads-version: 2.0.31

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
etag: W/"2296-5mYW/FAzrlDviecQDu1CQUVdKf0"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
x-request-id: 3e3bce69-f384-4661-8e1c-5ad74d855da3

GET
H2 200 / Show response
api.purpleads.io/x/b/ 9 KB
2 KB 339ms
130ms Fetch
application/json 34.233.19.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/b/?idx=3&pid=0b9c600be2d341409bb05b8aa0965483&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=1e1050e0-ad70-4ab3-bc0e-475bba4e5d3b&ts=1647709163913
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.19.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-19-159.compute-1.amazonaws.com
Software: /
Resource Hash: 1fb723586a9b27d6c5f7f85274b17e8ab83451237a5402908791329357535727

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url: aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2JhYW50YWRhLmNvbQ==
Accept: application/json
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
x-purpleads-version: 2.0.31

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
etag: W/"2296-0bwrBO7e3QASYRv9hqYkJ25RO4I"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
x-request-id: 56cdb3f2-676b-4c8c-a9ee-f4aa495eae73

GET
H2 200 / Show response
api.purpleads.io/x/b/ 9 KB
2 KB 397ms
205ms Fetch
application/json 34.233.19.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/b/?idx=4&pid=0b9c600be2d341409bb05b8aa0965483&sizes=[[160,600],[120,600],[200,200],[250,250]]&slotid=3edcbe6b-5819-4dd2-891a-2ae296012a37&ts=1647709163913
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.19.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-19-159.compute-1.amazonaws.com
Software: /
Resource Hash: 92d174e1106c5911e2b3f5202e3b2a74ddbefe67de1a5957bd9b53e77fbc9350

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url: aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2JhYW50YWRhLmNvbQ==
Accept: application/json
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
x-purpleads-version: 2.0.31

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
etag: W/"231d-XOgXwo8wXxc7zto7awSfD71jDHk"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
x-request-id: c201dd78-617b-4695-a23d-3b3b452a1701

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 0C02 42 KB
22 KB 70ms
41ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=normal&cb=veskdsnk572q

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c5e242c81825b17a2aa127593f4da30241f1e76ab44b229e031d956c855d3d5b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XMTTreS2tPsJ+6sNnZMbtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 19 Mar 2022 16:59:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-XMTTreS2tPsJ+6sNnZMbtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 22585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 /
api.purpleads.io/x/b/ Frame 0
0 209ms
119ms Preflight 34.233.19.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/b/?idx=0&pid=0b9c600be2d341409bb05b8aa0965483&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=2b524418-c24c-4620-9b58-b62945dd4683&ts=1647709163912
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.19.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-19-159.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Origin: https://nets4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 6b5d1571-f7a7-4a59-94ad-6ac45ea0a1aa

OPTIONS
H2 200 /
api.purpleads.io/x/b/ Frame 0
0 205ms
116ms Preflight 34.233.19.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/b/?idx=1&pid=0b9c600be2d341409bb05b8aa0965483&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=6d1a99e6-e2e8-4b19-9393-acda71e32b67&ts=1647709163912
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.19.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-19-159.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Origin: https://nets4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: cd378c06-6bfe-46b9-baf3-62c85c5ddcbd

OPTIONS
H2 200 /
api.purpleads.io/x/b/ Frame 0
0 206ms
117ms Preflight 34.233.19.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/b/?idx=2&pid=0b9c600be2d341409bb05b8aa0965483&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=1c0ba972-dab8-490a-9a0a-574b7ac11977&ts=1647709163912
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.19.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-19-159.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Origin: https://nets4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: e41d632e-3311-4815-a5d8-128a96d9254f

OPTIONS
H2 200 /
api.purpleads.io/x/b/ Frame 0
0 195ms
106ms Preflight 34.233.19.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/b/?idx=3&pid=0b9c600be2d341409bb05b8aa0965483&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=1e1050e0-ad70-4ab3-bc0e-475bba4e5d3b&ts=1647709163913
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.19.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-19-159.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Origin: https://nets4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 009ca84d-a332-4209-8146-85c1b7240cb5

OPTIONS
H2 200 /
api.purpleads.io/x/b/ Frame 0
0 212ms
123ms Preflight 34.233.19.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/b/?idx=4&pid=0b9c600be2d341409bb05b8aa0965483&sizes=[[160,600],[120,600],[200,200],[250,250]]&slotid=3edcbe6b-5819-4dd2-891a-2ae296012a37&ts=1647709163913
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.19.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-19-159.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Origin: https://nets4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 38cf6c01-3d16-4263-a66a-21c826966417

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame 0C02 51 KB
24 KB 45ms
19ms Stylesheet
text/css 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=normal&cb=veskdsnk572q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 20:48:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 04:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Mar 2023 20:48:49 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame 0C02 360 KB
142 KB 52ms
27ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145350
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 04:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 15:09:04 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 0C02 102 B
134 B 27ms
27ms Other
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5061cb0765c3ab9721b8e26bdfaba5819a1f14b27fc3d93b2809a1c83056277f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=normal&cb=veskdsnk572q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Sat, 19 Mar 2022 16:59:24 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame C7E8 7 KB
1 KB 33ms
32ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9cb9e2e2ab5441ca60d0ceaef4bd312c978c740dccac3b6f130100d1e5eebf98

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PU4YCAndfteQelY/6vNJxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 19 Mar 2022 16:59:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-PU4YCAndfteQelY/6vNJxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1111
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame C7E8 51 KB
24 KB 18ms
18ms Stylesheet
text/css 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 20:48:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 04:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Mar 2023 20:48:49 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame C7E8 360 KB
142 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145350
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 04:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 15:09:04 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 95CF 81 KB
28 KB 77ms
33ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

8168c547702a981166a187c3b2447f841632377c3e66c1e482f0aaa3b8e6ef16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27822
x-xss-protection: 0
server: sffe
etag: "1162 / 302 of 1000 / last-modified: 1647641112"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 19 Mar 2022 16:59:24 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame F53A 82 KB
27 KB 32ms
32ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

0a7600433acd091184da962ed409c9748e1c2bf72d56c59a284a10a77ba3e883

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27979
x-xss-protection: 0
server: sffe
etag: "1162 / 265 of 1000 / last-modified: 1647641112"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 19 Mar 2022 16:59:24 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 47FB 82 KB
27 KB 103ms
78ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

3a75279726f7fdbc346a1e365d7c61f02547301df903c80e15d639682bdd54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27857
x-xss-protection: 0
server: sffe
etag: "1162 / 766 of 1000 / last-modified: 1647641112"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 19 Mar 2022 16:59:24 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame D3C2 82 KB
27 KB 98ms
80ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

0720b994508a4b42921948e4cfb5df3df04bd62334f240274ff15e37624a640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27857
x-xss-protection: 0
server: sffe
etag: "1162 / 604 of 1000 / last-modified: 1647641058"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 19 Mar 2022 16:59:24 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 10C8 82 KB
27 KB 75ms
67ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

e1e87c4a6000f1cba4487cdc6b93379cfaedd856498a01adfba1cc836c63cbe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27851
x-xss-protection: 0
server: sffe
etag: "1162 / 4 of 1000 / last-modified: 1647641058"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 19 Mar 2022 16:59:24 GMT

GET
H3 200 pubads_impl_2022030901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 95CF 358 KB
121 KB 19ms
19ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065681

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

eba88ef6b1f09543b0b3f34bc3c1d401da36d590354cd7728e2aae4d3c1abc91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 09:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26246
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123713
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 09:34:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 19 Mar 2023 09:41:58 GMT

GET
H3 200 pubads_impl_2022031601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame F53A 365 KB
124 KB 24ms
24ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 12:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101697
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126823
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 08:34:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 18 Mar 2023 12:44:27 GMT

GET
H3 200 pubads_impl_2022031401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 10C8 364 KB
124 KB 29ms
29ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 13:57:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10925
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126502
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 19 Mar 2023 13:57:19 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 95CF 107 B
792 B 83ms
27ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nets4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065681

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 95CF 107 B
549 B 81ms
26ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nets4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065681

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 95CF 17 KB
9 KB 368ms
367ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=848344568660943&correlator=3039175725017911&eid=31064151%2C31065485%2C31065681&output=ldjh&gdfp_req=1&vrg=2022030901&ptt=17&impl=fif&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&ifi=1&adks=4203880072&sfv=1-0-38&ecs=20220319&fsapi=false&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1647709164682&dlt=1647709164452&idt=207&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=294&adys=4344&ucis=9816wtcvcq2f&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fbaantada.com&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=453713122.1647709163&ga_sid=1647709165&ga_hid=1513231462&ga_fc=true&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065681

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

39599615df59dabdb628f43b1d5936b02ab979d2ec67d042bec7bdbc4f721bf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8967
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nets4.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 95CF 14 KB
10 KB 94ms
49ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065681

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e1b5de07c88d19de2db88ad53ac585596bdf53c4b88c39bf1d462dc82a86fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10528
x-xss-protection: 0

GET
H2 200 container.html Show response
de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5B5D 6 KB
4 KB 93ms
28ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065681

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 19 Mar 2022 16:59:24 GMT
expires: Sun, 19 Mar 2023 16:59:24 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame F53A 107 B
165 B 54ms
42ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nets4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame F53A 107 B
165 B 50ms
40ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nets4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F53A 23 KB
9 KB 242ms
242ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3791331133065993&correlator=2349064933882073&eid=31064151%2C31065691%2C31065615%2C31065658&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fif&iu_parts=21902364955%3A22652385948%2Ccm_pu_nets4.com_technology_and_computing_top%2Ccm_pu_nets4.com_technology_and_computing_btf_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&ifi=1&adks=1944610241&sfv=1-0-38&ecs=20220319&fsapi=false&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1647709164723&dlt=1647709164526&idt=175&biw=1600&bih=1200&isw=728&ish=90&adxs=294&adys=1422&oid=2&ucis=kk6vhcfiy6sl&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fbaantada.com&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=453713122.1647709163&ga_sid=1647709165&ga_hid=152923424&ga_fc=true&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

388c18d5e1593b48d9bff0428e6ea123b5e0b5c95def492c581a3fdf0e909353

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9520
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nets4.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F53A 14 KB
11 KB 53ms
45ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

329ed08bc137f937798606fdafbf6014bf0d153162b227a22ad7c3b1e5496a02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10762
x-xss-protection: 0

GET
H2 200 container.html Show response
b563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B768 6 KB
3 KB 71ms
26ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 19 Mar 2022 16:59:24 GMT
expires: Sun, 19 Mar 2023 16:59:24 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_2022031401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 47FB 364 KB
124 KB 16ms
16ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 16:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89256
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126502
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 18 Mar 2023 16:11:48 GMT

GET
H3 200 pubads_impl_2022031401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame D3C2 364 KB
124 KB 23ms
23ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 13:57:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10925
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126502
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 19 Mar 2023 13:57:19 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 10C8 107 B
122 B 57ms
30ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nets4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 10C8 107 B
122 B 54ms
30ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nets4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 10C8 41 KB
11 KB 324ms
324ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=213424639995911&correlator=3619168719020242&eid=31060545%2C31065454%2C31064623%2C31065656&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fif&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&ifi=1&adks=4203880072&sfv=1-0-38&ecs=20220319&fsapi=false&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1647709164771&dlt=1647709164556&idt=198&biw=1600&bih=1200&isw=728&ish=90&adxs=294&adys=2262&oid=2&ucis=bxno3hvyddp2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fbaantada.com&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=453713122.1647709163&ga_sid=1647709165&ga_hid=1098193923&ga_fc=true&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

b66f16045b9d21ad0a210cca4e407a68cc029d77916db1396cb0f6795a4aa58e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10810
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nets4.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 10C8 13 KB
10 KB 33ms
32ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e22df459fd9d942b0744aa6a765e2eba0e0e3854230905cb81fd2ca8ed327955

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10425
x-xss-protection: 0

GET
H2 200 container.html Show response
f033701268cb1e9ad1c2b2e1bb31a51b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 278A 6 KB
3 KB 73ms
26ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f033701268cb1e9ad1c2b2e1bb31a51b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 19 Mar 2022 16:59:24 GMT
expires: Sun, 19 Mar 2023 16:59:24 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F53A 17 KB
7 KB 83ms
31ms Script
text/javascript 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 19 Mar 2022 16:59:24 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 95CF 17 KB
6 KB 91ms
40ms Script
text/javascript 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065681

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 19 Mar 2022 16:59:24 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame D3C2 107 B
122 B 29ms
28ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nets4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame D3C2 107 B
122 B 26ms
25ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nets4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D3C2 49 KB
12 KB 396ms
395ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3206868854609094&correlator=1198445477312811&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fif&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&ifi=1&adks=4203880072&sfv=1-0-38&ecs=20220319&fsapi=false&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1647709164804&dlt=1647709164546&idt=251&biw=1600&bih=1200&isw=728&ish=90&adxs=294&adys=555&oid=2&ucis=l4oh0j6dj12a&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fbaantada.com&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=453713122.1647709163&ga_sid=1647709165&ga_hid=287877057&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

dd79d3b558ef09962158cfb1dbcd2ce1f70e6a8e801f422f6e293305e734473b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12032
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nets4.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D3C2 14 KB
10 KB 61ms
34ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fa62e802a9a4905de38432c40927e5bf7b0fed172d68c84f07d547b95306484

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10561
x-xss-protection: 0

GET
H2 200 container.html Show response
dd40cfdf6ae711dec1416e9366e0223d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6EB1 6 KB
3 KB 43ms
25ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dd40cfdf6ae711dec1416e9366e0223d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 19 Mar 2022 16:59:24 GMT
expires: Sun, 19 Mar 2023 16:59:24 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 47FB 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nets4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 47FB 107 B
122 B 28ms
27ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nets4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 47FB 23 KB
10 KB 270ms
269ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1763298083340917&correlator=1497537816246221&eid=31064835%2C31064905%2C31065672&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fif&iu_parts=21902364955%3A22652385948%2Ccm_pu_nets4.com_technology_and_computing_top%2Ccm_pu_nets4.com_technology_and_computing_btf_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600%7C120x600%7C200x200%7C250x250&ifi=1&adks=3930092508&sfv=1-0-38&ecs=20220319&fsapi=false&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1647709164833&dlt=1647709164539&idt=278&biw=1600&bih=1200&isw=160&ish=600&adxs=1148&adys=1298&oid=2&ucis=i49delbuewbh&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fbaantada.com&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=160x0&msz=160x0&fws=256&ohw=0&ea=0&ga_vid=453713122.1647709163&ga_sid=1647709165&ga_hid=588308322&ga_fc=true&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

1fe0b126832f701992c3ad0dc48807181086930e5893cda1e3cca4420e570831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9889
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nets4.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 47FB 14 KB
10 KB 35ms
35ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f529f7d09ad4cb1b2951385aa5f92397d5f9d2e1c4c8353abb8a3dc039380903

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10580
x-xss-protection: 0

GET
H2 200 container.html Show response
c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9C2C 6 KB
3 KB 61ms
26ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 19 Mar 2022 16:59:24 GMT
expires: Sun, 19 Mar 2023 16:59:24 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 10C8 17 KB
6 KB 35ms
35ms Script
text/javascript 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 19 Mar 2022 16:59:24 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D3C2 17 KB
6 KB 61ms
34ms Script
text/javascript 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 19 Mar 2022 16:59:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 047D 13 KB
5 KB 50ms
28ms Document
text/html 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Mar 2022 15:49:37 GMT
expires: Sun, 19 Mar 2023 15:49:37 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 4187
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 88B8 783 B
537 B 27ms
27ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d3087f2d510bb28688b127e87506d38cd08413554903e03d446ad3248bf2aabc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qG6IH2X+z+J/z4JG+k/8OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 19 Mar 2022 16:59:24 GMT
date: Sat, 19 Mar 2022 16:59:24 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-qG6IH2X+z+J/z4JG+k/8OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 47FB 17 KB
6 KB 69ms
48ms Script
text/javascript 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 19 Mar 2022 16:59:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 015F 13 KB
5 KB 39ms
25ms Document
text/html 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Mar 2022 15:49:37 GMT
expires: Sun, 19 Mar 2023 15:49:37 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 4187
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BE1A 783 B
534 B 26ms
26ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

17973b4124c1be38fd6045e55105212c8c50095ba5d8070083dc26e5f1f756bb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZtRLK/6rpv0CEmCkR8es+Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 19 Mar 2022 16:59:24 GMT
date: Sat, 19 Mar 2022 16:59:24 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-ZtRLK/6rpv0CEmCkR8es+Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AFC1 13 KB
5 KB 33ms
23ms Document
text/html 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Mar 2022 15:49:37 GMT
expires: Sun, 19 Mar 2023 15:49:37 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 4187
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 54C8 783 B
534 B 27ms
26ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5c37baf6b1d484e10c6d3aa6a51a7bc3b1ed68c12164094b46bd66d99e41c06f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jaHseBCGjhSQ8LAi7ALwng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 19 Mar 2022 16:59:24 GMT
date: Sat, 19 Mar 2022 16:59:24 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-jaHseBCGjhSQ8LAi7ALwng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 88B8 0
0 92ms
66ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031601&jk=3791331133065993&rc=null
Requested by: Host: nets4.com
URL: https://nets4.com/domain/baantada.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BE1A 0
0 129ms
115ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031401&jk=213424639995911&rc=null
Requested by: Host: nets4.com
URL: https://nets4.com/domain/baantada.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 54C8 0
0 117ms
116ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030901&jk=848344568660943&rc=null
Requested by: Host: nets4.com
URL: https://nets4.com/domain/baantada.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F42E 13 KB
5 KB 24ms
23ms Document
text/html 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Mar 2022 15:49:37 GMT
expires: Sun, 19 Mar 2023 15:49:37 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 4187
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7A09 783 B
534 B 29ms
28ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3f384ab908371e4da4bb2a4506a8bd3b3898860e3ad872f18a2e2dd6f3489b42

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ScfmE4aAkErVnLZVQ5/dFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 19 Mar 2022 16:59:24 GMT
date: Sat, 19 Mar 2022 16:59:24 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-ScfmE4aAkErVnLZVQ5/dFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js Show response
pagead2.googlesyndication.com/bg/ Frame AFC1 36 KB
14 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:13:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13888
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 16:13:43 GMT

GET
H3 200 J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js Show response
pagead2.googlesyndication.com/bg/ Frame 015F 36 KB
14 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:13:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13888
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 16:13:43 GMT

GET
H3 200 J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js Show response
pagead2.googlesyndication.com/bg/ Frame 047D 36 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:13:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13888
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 16:13:43 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 91AC 13 KB
5 KB 23ms
22ms Document
text/html 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Mar 2022 15:49:37 GMT
expires: Sun, 19 Mar 2023 15:49:37 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 4187
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1394 783 B
536 B 26ms
26ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d3b395e62cb6f77d59987d0967de8c045202a14af1043778cc7900cd5819a654

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KYBcX2fpvkDv5jOIm4GOMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 19 Mar 2022 16:59:24 GMT
date: Sat, 19 Mar 2022 16:59:24 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-KYBcX2fpvkDv5jOIm4GOMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
b563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F1BB 6 KB
3 KB 44ms
18ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Mar 2022 16:59:24 GMT
expires: Sun, 19 Mar 2023 16:59:24 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 i
api.purpleads.io/x/a/8912e389c1fa0e705d7e1f13b61c5ed7:3db8f05950a535096ab324847a3c42b0a2240b0995009292d4dcf35b2388b1a9ba85de9a029ea7868c27105b4238048c31823cc7ff1323f4555e151329b8bccb36d0f640ea6af3f... Frame 0
0 116ms
116ms Preflight 34.233.19.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/a/8912e389c1fa0e705d7e1f13b61c5ed7:3db8f05950a535096ab324847a3c42b0a2240b0995009292d4dcf35b2388b1a9ba85de9a029ea7868c27105b4238048c31823cc7ff1323f4555e151329b8bccb36d0f640ea6af3fd8b699676059762fd49cf0b4ce141903919e55c3addf172f7b687f1fe3437657d81feeb1716e2bf3109e65c8ef73544b3a583aceb3bcd352e30db3769005e3371a32e3d555cb044bca41f18935d20f4e4e8a3985ce0ed5718/i?id=987fc90f-84d4-45cc-bbfa-abcb73f32f5b&ts=1647709164983
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.19.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-19-159.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Origin: https://nets4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 19 Mar 2022 16:59:25 GMT
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: b58a1b70-3fde-44fc-80bd-4e67e1441067

GET
H2 200 i Show response
api.purpleads.io/x/a/8912e389c1fa0e705d7e1f13b61c5ed7:3db8f05950a535096ab324847a3c42b0a2240b0995009292d4dcf35b2388b1a9ba85de9a029ea7868c27105b4238048c31823cc7ff1323f4555e151329b8bccb36d0f640ea6af3f... 0
199 B 124ms
124ms Fetch 34.233.19.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/a/8912e389c1fa0e705d7e1f13b61c5ed7:3db8f05950a535096ab324847a3c42b0a2240b0995009292d4dcf35b2388b1a9ba85de9a029ea7868c27105b4238048c31823cc7ff1323f4555e151329b8bccb36d0f640ea6af3fd8b699676059762fd49cf0b4ce141903919e55c3addf172f7b687f1fe3437657d81feeb1716e2bf3109e65c8ef73544b3a583aceb3bcd352e30db3769005e3371a32e3d555cb044bca41f18935d20f4e4e8a3985ce0ed5718/i?id=987fc90f-84d4-45cc-bbfa-abcb73f32f5b&ts=1647709164983
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.19.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-19-159.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url: aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2JhYW50YWRhLmNvbQ==
Accept: application/json
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
x-purpleads-version: 2.0.31

Response headers

access-control-allow-origin: https://nets4.com
date: Sat, 19 Mar 2022 16:59:25 GMT
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials: true
x-request-id: 71b7f4f9-69fc-47bf-a354-95efcee44ae5

GET
H3 200 container.html Show response
de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9D06 6 KB
3 KB 18ms
17ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065681

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Mar 2022 16:59:24 GMT
expires: Sun, 19 Mar 2023 16:59:24 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 i
api.purpleads.io/x/a/084d9713b505a3e385ef61716502e182:032e0b06fbccda39b47d8271732f89b1c659e9687dd494e9485754ba87807884966b308fd3a406934e8911ee6dc59835ed22cea6e4a1558f2ec7528c5bea23bd9e5f43fa5ea6748... Frame 0
0 111ms
110ms Preflight 34.233.19.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/a/084d9713b505a3e385ef61716502e182:032e0b06fbccda39b47d8271732f89b1c659e9687dd494e9485754ba87807884966b308fd3a406934e8911ee6dc59835ed22cea6e4a1558f2ec7528c5bea23bd9e5f43fa5ea6748e1dc7628e46457bade7366d01b85fe64834fdb3898af07699004253f51dca1390a7503865c9156ab5c28049e294f5dc8116dbeb5288c13097e16634f3914703ed33eaea3653c6c580/i?id=56cdb3f2-676b-4c8c-a9ee-f4aa495eae73&ts=1647709165096
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.19.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-19-159.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Origin: https://nets4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 19 Mar 2022 16:59:25 GMT
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 362c91d9-2156-4509-aaf9-572f2ffe1ffd

GET
H2 200 i Show response
api.purpleads.io/x/a/084d9713b505a3e385ef61716502e182:032e0b06fbccda39b47d8271732f89b1c659e9687dd494e9485754ba87807884966b308fd3a406934e8911ee6dc59835ed22cea6e4a1558f2ec7528c5bea23bd9e5f43fa5ea6748... 0
199 B 121ms
120ms Fetch 34.233.19.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/a/084d9713b505a3e385ef61716502e182:032e0b06fbccda39b47d8271732f89b1c659e9687dd494e9485754ba87807884966b308fd3a406934e8911ee6dc59835ed22cea6e4a1558f2ec7528c5bea23bd9e5f43fa5ea6748e1dc7628e46457bade7366d01b85fe64834fdb3898af07699004253f51dca1390a7503865c9156ab5c28049e294f5dc8116dbeb5288c13097e16634f3914703ed33eaea3653c6c580/i?id=56cdb3f2-676b-4c8c-a9ee-f4aa495eae73&ts=1647709165096
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.19.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-19-159.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url: aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2JhYW50YWRhLmNvbQ==
Accept: application/json
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
x-purpleads-version: 2.0.31

Response headers

access-control-allow-origin: https://nets4.com
date: Sat, 19 Mar 2022 16:59:25 GMT
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials: true
x-request-id: 92cdbc0f-e3a3-4f3c-a536-eed21ec82f83

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7A09 0
0 67ms
66ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031401&jk=3206868854609094&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012202142035000/ Frame F518 220 KB
61 KB 73ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed7385b2ca535f7f90bb14266ddd68d64393f41d1559cbb4af01ece4dd36b8fb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 207120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61563
x-xss-protection: 0
server: sffe
date: Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "74cdf3878bfbef53"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 17 Mar 2023 07:27:25 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012202142035000/v0/ Frame F518 16 KB
6 KB 101ms
46ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32b8fae56a7edbfe89e7f7fd22aa7df75546183f81660692c9cf03d3c8d914ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 207120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5733
x-xss-protection: 0
server: sffe
date: Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "42a91727bcc93df1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 17 Mar 2023 07:27:25 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012202142035000/v0/ Frame F518 96 KB
29 KB 102ms
47ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e02189b6990b38c43207a8c0c206a2fda1833e7b7401fa42af72671e62f43a5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 207120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29577
x-xss-protection: 0
server: sffe
date: Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "42f1ed997a28c2a2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 17 Mar 2023 07:27:25 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012202142035000/v0/ Frame F518 5 KB
2 KB 108ms
54ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3110966fa73dac64901ac2cec67656155bb9717286b7b0da0544cdd8ae7c888d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 207120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1873
x-xss-protection: 0
server: sffe
date: Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8e63b195883091b5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 17 Mar 2023 07:27:25 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012202142035000/v0/ Frame F518 42 KB
13 KB 109ms
55ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac2a6bdf3640e1213ba9a0a900ea6864a0274b080ba3bcf05ff245bfabb5eba0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 207120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13633
x-xss-protection: 0
server: sffe
date: Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d3c67c66f710e82a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 17 Mar 2023 07:27:25 GMT

GET
DATA 200
OK truncated
/ Frame F518 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 033192b42bd0e1e4a8034c8ad0ee6c1b8c11655b30138137c8261e4dba76c997

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 200 i
api.purpleads.io/x/a/c271a8f4a18c5466cf1bb4775f25c4ce:2352c53ea0efc4f3f6967aebc98615ec082113b25fea8d3cf62d312ed9b6ca661f56cb74dd88f67dfa67828844fab42da1cd94733e4ce585a0336f73f4674d7cc186ffee6abe105... Frame 0
0 114ms
113ms Preflight 34.233.19.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/a/c271a8f4a18c5466cf1bb4775f25c4ce:2352c53ea0efc4f3f6967aebc98615ec082113b25fea8d3cf62d312ed9b6ca661f56cb74dd88f67dfa67828844fab42da1cd94733e4ce585a0336f73f4674d7cc186ffee6abe1057aa6750f103697cb099ffb816fad3dca7be721a600ec7ba8b4f4948628169459085a7c9596be865d824424eeea24f4c9fb52c40532b51df9f39a9f709086c454d72f1beefe579d89c/i?id=3e3bce69-f384-4661-8e1c-5ad74d855da3&ts=1647709165141
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.19.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-19-159.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Origin: https://nets4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 19 Mar 2022 16:59:25 GMT
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 290a902b-1e88-4cc2-9ec1-d39e9c3f72af

GET
H3 200 8384494083375365919
tpc.googlesyndication.com/simgad/ Frame F518 27 KB
27 KB 25ms
24ms Image
image/png 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8384494083375365919?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qldmmZd8a-cE4s_ogJqkEdBYOTH-g

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49229ffcf8e5a275b4633044d25fc23620619378bffef7900087fda0c5721414

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 17:49:25 GMT
x-content-type-options: nosniff
age: 169800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28027
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 08:06:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 Mar 2023 17:49:25 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F518 2 KB
2 KB 33ms
33ms Image
image/png 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:37:15 GMT
x-content-type-options: nosniff
server: cafe
age: 84130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 19 Mar 2022 17:37:15 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F518 295 B
319 B 23ms
23ms Image
image/png 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:14:10 GMT
x-content-type-options: nosniff
server: cafe
age: 85515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 19 Mar 2022 17:14:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F518 0
0 26ms
25ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRyVNsUjY5sV6z9xmjDu3F7QthU4yuZef__8ZlJQT7l_ghWt0vuemj3_-V1RpzYbkr3eNj5dSC_sSgwI0RLZX278fx-BQ
Requested by: Host: nets4.com
URL: https://nets4.com/domain/baantada.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F518 0
0 58ms
58ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cq1547As2YuL7MZXC-ga8gY_ADsiXl_BoxcTasogP2dkeEAEgudvzJmCVoqCCsAegAazyuL8ByAECqQJLM-igN3QMPuACAKgDAcgDCKoE8gFP0IBDAfLFfnOiY8ljYsRMqn0tjoxv7gKjjGhl4lFhUysytDi-Uy77YiJT_VobHa43jIK6y1iad0FIn4R3CsqWtYrpGyufcL1sCIHUkpn8oLClsuQOYcqyw4PL5RcyiWMlz9xeb6jvB_NrAnTo7r44AMYgIdewgnhRZ6U8CHb3HndD8SSzvEEcIC9Fuzbol2wCRutXd_6tIIB_p4MRqHjIB6llHANohauwHDeNmpF5CAkoFeitVXmtU7RQGEbDaKEID85d_XJmS1rBchd99q4T7-qCanO2KCD5BoEpN3aZSh8GVnHTNivPF_xkJR0vtc6BX8AEh4fM9OQD4AQBkgUECAQYAZIFBAgFGASgBgKAB7yNx8ACqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQjJUB0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2gAoDyAsB2BMM0BUBmBYBgBcBshceChwIABIUcHViLTQ5MDM0NTM5NzQ3NDU1MzAYi7l3&sigh=YeOnF8YpjSI&uach_m=[UACH]
Requested by: Host: nets4.com
URL: https://nets4.com/domain/baantada.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 i Show response
api.purpleads.io/x/a/c271a8f4a18c5466cf1bb4775f25c4ce:2352c53ea0efc4f3f6967aebc98615ec082113b25fea8d3cf62d312ed9b6ca661f56cb74dd88f67dfa67828844fab42da1cd94733e4ce585a0336f73f4674d7cc186ffee6abe105... 0
198 B 191ms
189ms Fetch 34.233.19.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/a/c271a8f4a18c5466cf1bb4775f25c4ce:2352c53ea0efc4f3f6967aebc98615ec082113b25fea8d3cf62d312ed9b6ca661f56cb74dd88f67dfa67828844fab42da1cd94733e4ce585a0336f73f4674d7cc186ffee6abe1057aa6750f103697cb099ffb816fad3dca7be721a600ec7ba8b4f4948628169459085a7c9596be865d824424eeea24f4c9fb52c40532b51df9f39a9f709086c454d72f1beefe579d89c/i?id=3e3bce69-f384-4661-8e1c-5ad74d855da3&ts=1647709165141
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.19.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-19-159.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url: aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2JhYW50YWRhLmNvbQ==
Accept: application/json
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
x-purpleads-version: 2.0.31

Response headers

access-control-allow-origin: https://nets4.com
date: Sat, 19 Mar 2022 16:59:25 GMT
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials: true
x-request-id: fb1e2c41-0f6e-4ab5-910b-a9edd976e1ec

GET
H3 200 container.html Show response
c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 11A5 6 KB
3 KB 18ms
17ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Mar 2022 16:59:24 GMT
expires: Sun, 19 Mar 2023 16:59:24 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 i
api.purpleads.io/x/a/4ac15c69ac3bda3b20c576c74ef56c0f:7c801a7f43275da0169968ed738390564cd5bd7c28b2cbf3763c0d2c5051fa698e187e7c9933e8ab0eed8663c4b632b91d2077336b9a282b8dc41f5f2be130f6f78bbec45d547cc... Frame 0
0 111ms
111ms Preflight 34.233.19.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/a/4ac15c69ac3bda3b20c576c74ef56c0f:7c801a7f43275da0169968ed738390564cd5bd7c28b2cbf3763c0d2c5051fa698e187e7c9933e8ab0eed8663c4b632b91d2077336b9a282b8dc41f5f2be130f6f78bbec45d547ccd04f8dbf62c777d573e917c57c25579f014939de426040a9a14be5d6606e56485ee3ac7750f29a901dfb9f8932b3be65f258790509b09671848628feb86870b2662fafd2015197d33163a7e609a9e5593ea2f12d447ceb895/i?id=c201dd78-617b-4695-a23d-3b3b452a1701&ts=1647709165153
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.19.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-19-159.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Origin: https://nets4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 19 Mar 2022 16:59:25 GMT
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 57eccf6c-7d8b-46fb-8e1a-b697bdc7a98b

GET
H2 200 i Show response
api.purpleads.io/x/a/4ac15c69ac3bda3b20c576c74ef56c0f:7c801a7f43275da0169968ed738390564cd5bd7c28b2cbf3763c0d2c5051fa698e187e7c9933e8ab0eed8663c4b632b91d2077336b9a282b8dc41f5f2be130f6f78bbec45d547cc... 0
199 B 160ms
158ms Fetch 34.233.19.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/a/4ac15c69ac3bda3b20c576c74ef56c0f:7c801a7f43275da0169968ed738390564cd5bd7c28b2cbf3763c0d2c5051fa698e187e7c9933e8ab0eed8663c4b632b91d2077336b9a282b8dc41f5f2be130f6f78bbec45d547ccd04f8dbf62c777d573e917c57c25579f014939de426040a9a14be5d6606e56485ee3ac7750f29a901dfb9f8932b3be65f258790509b09671848628feb86870b2662fafd2015197d33163a7e609a9e5593ea2f12d447ceb895/i?id=c201dd78-617b-4695-a23d-3b3b452a1701&ts=1647709165153
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.19.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-19-159.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url: aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2JhYW50YWRhLmNvbQ==
Accept: application/json
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
x-purpleads-version: 2.0.31

Response headers

access-control-allow-origin: https://nets4.com
date: Sat, 19 Mar 2022 16:59:25 GMT
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials: true
x-request-id: a82c046f-96b7-4b83-988e-530463ce0d73

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1394 0
0 68ms
68ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031401&jk=1763298083340917&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F1BB 0
0 60ms
60ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C5zUQ7As2YsWwL4u4gAfBppSICeb-o_dc7ousiF_AjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N8gBCakCz-kzGhWKsj7gAgCoAwGqBL8CT9Dtv_9qmBMFbMhR3PYB-31D8VHmHxwT0VgzdJuAb4xu8gvtpEJB-wFfED7k3tdmJqJdLNr0kN2WFP3Ro2p6dnTn-yyrg_hnTd0AcWWDrw9SFCin9yh_SARAOUMxjNKkFnLAqmS-xf3ngRfgc9-ddYcosojyVGd3cPzldua7oob1fLXyDrqXrhFtVzrs_f2wJWzQmgntdv_Wyk9BBHa5IdDHdBQdBJvL4Udl8rA5pFXb7l99973T4-BJ281cGmGZBmMTZKfiNDk4cUEBoLhNCrxpYa2r9BpHuQuiWYSXdtHwldOZ4sB7uQVcOAXOZO_x1z7ygzDj-RsaelBD5YWXwTJ-pxp7nUUE2-80HpJkEFkoexBTm-KJRktSfyIVznRx9X9T_ftG43Kekx3z4JsxHW62dNt2yS7ObDrmyRsbHOAEAYAGhaG2iNaE0KsRoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTQxMzMyOTU0NDA0MDk0NxjBjHQ&sigh=DzboCoEinqw&uach_m=[UACH]&cid=CAQSLQCNIrLMiZ0rgEqVD3pfbrBoihbs8FtFuBEn3FdUYix2t7QiIAd6jJjix1YZmRgB
Requested by: Host: nets4.com
URL: https://nets4.com/domain/baantada.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 200 ShowAd Show response
brain.rvty.net/RTB/ Frame 7391 2 KB
2 KB 81ms
22ms Document
text/html 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/ShowAd?adHeight=90&adWidth=728&adFormat=4&adslotId=&siteId=128293778&bannerId=195238&e=3&p=YjYL7AAL2EUK4BwLAAUTQSVTPbsFssjRsHgLJQ&penc=&bp=76923&a=62360bec-000d-713a-0a7b-bb0d560aeab9&n=1&geo=411157&rawURL=https%3A%2F%2Fnets4.com%2Fdomain%2Fbaantada.com&rawReferrerURL=&uid=99a11208-12b6-4390-9c67-5b73eaa17ded&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4B2AOgAY6A2dshQQcReJTwRiAOQDqlAM44aAUxlo8AEzwALFRCwBaWSqUAzKoxVZKjGnACsdTgBYHAXyA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCx_Ri7As2YsWwL4u4gAfBppSICeb-o_dc7ousiF_AjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N8gBCakCz-kzGhWKsj7gAgCoAwGqBMICT9Dtv_9qmBMFbMhR3PYB-31D8VHmHxwT0VgzdJuAb4xu8gvtpEJB-wFfED7k3tdmJqJdLNr0kN2WFP3Ro2p6dnTn-yyrg_hnTd0AcWWDrw9SFCin9yh_SARAOUMxjNKkFnLAqmS-xf3ngRfgc9-ddYcosojyVGd3cPzldua7oob1fLXyDrqXrhFtVzrs_f2wJWzQmgntdv_Wyk9BBHa5IdDHdBQdBJvL4Udl8rA5pFXb7l99973T4-BJ281cGmGZBmMTZKfiNDk4cUEBoLhNCrxpYa2r9BpHuQuiWYSXdtHwldOZ4sB7uQVcOAXOZO_x1z7ygzDj-RsaelBD5YWXwTJ-pxp7nUUE2-80HpJkEFkoexBTm-KJRksQfQOHRLm3zYOVtHCYzf1o6Qn5TZEfBZcrsvX5NfnQQCJuIcUj4HLiiuAEAYAGhaG2iNaE0KsRoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Kk3y8rH2LV4iicT1wv7oI8xFymw%26client%3Dca-pub-5413329544040947%26adurl%3D&gdpr=1&gdpr_consent=
Requested by: Host: b563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com
URL: https://b563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Dortmund, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: a41e54908490d0a2d59573c49303a204030cc3c4d69042a71a3a9225bd9eea2e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://b563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com/

Response headers

Server: nginx/1.13.4
Date: Sat, 19 Mar 2022 16:59:25 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Encoding: gzip

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame F1BB 2 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js

Requested by

Host: b563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com
URL: https://b563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Apr 2022 16:52:15 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame F1BB 15 KB
6 KB 26ms
24ms Script
text/javascript 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: b563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com
URL: https://b563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Apr 2022 16:56:14 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F1BB 22 KB
7 KB 29ms
28ms Script
text/javascript 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: b563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com
URL: https://b563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 07:59:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118814
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 18 Mar 2023 07:59:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F1BB 117 KB
36 KB 73ms
27ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com
URL: https://b563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 19 Mar 2022 16:59:25 GMT

GET
H3 200 J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js Show response
pagead2.googlesyndication.com/bg/ Frame F42E 36 KB
14 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:13:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13888
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 16:13:43 GMT

GET
H3 200 J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js Show response
pagead2.googlesyndication.com/bg/ Frame 91AC 36 KB
14 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:13:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13888
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 16:13:43 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0FB7 624 B
974 B 76ms
32ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNXtEsO72kZBzN_Os9zGLy4vA67LHBJfZ5wzeoSsuKd5NJ7NjGgS_DJhWiupglmKdNLtB8mas9vLhFk-a0n8MPiPCSw2-JEG6jJt3XWGKCaUTzIAx3eN42kPiM_RMVOkYGD7NVLoEwkdraUvmh_uOii01_9eLELePyEm02xtdin05gE3fLU

Requested by

Host: de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com
URL: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 19 Mar 2022 16:59:25 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 19 Mar 2022 16:59:25 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9D06 26 KB
16 KB 97ms
53ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A0vypYbPEbYwV8P-2W9_-YOFWEEC1J3Rb0XJT6R8W5vN9A68-dkLaVpfi025VBRWWX1MRe528xECY4_1IxHVIehWdKAz8w7Y46R2kGg3XDjGk7cHR1FXMCAPBrMusjFM9Fh06HALElzxGH0pxeKUwtH-Akng&cry=1&dbm_d=AKAmf-AYUdIyHxnp8x8pG2zduwd0vA_1kOxpp_66W_BW5T28zIne12o0RC2QMxLDYwbujsdGCFQ34SbnW27HD0-2AX7WMdJ5fRtbxCHCCkN9BbbvSFVg92ZCAfSjpeOE2pX0ENtDKfH6y72mSE8P6HOuqiJeyySGTI1cVtII3fH433eSNtSrw0Jm2iAB0DsYT0CSH1rmH_qHLZGfnqwP4xsSEipbcaZQF-QUT3Vxxv5ordh7iAIo6xG_y3XxWDYo9AGPQpRfv3MF1uC56HGxdDlm-iJ86cEaiK6o-XmGlxTlXb6fc9SFs_z3HTygaHPrLbYY49lsVa0aonXsJ8IVodW_rGokc84mhDgjVNUXx3FPzK5ikX20eir7hjOUZdTt0EcWCwFcJaaRHLhn16iShHC3ffUmmRaUg4gmNXEfj8kabql8Jkf9CihVQanCxH7dDcO9_ZL1TUrqwCkbyfABkxXSC6OxSC6IWhgIFKd_ARG-8qXZGpLyqGWxrv7PKltx3UYPjD3Nbxsd4m3MXplw1bPoaXf8fuRAWjDP-FhnsOHkjR7MLl9z4aMZN_DdYmCWkXZIdP2E4FS9t_Y1RXx2exSPqhETJowinHroi44TMSmCtAt2BSUMihrxZzUvTWE-FNS6vMpYNkA8tXoe-P6b5TclsV9FYjEK60KUPlDKiFTmY-wH04XsXl6gLVA5YcjeTb_cn6PAE9on9WzMWzyfi5lLhLIoxL_RP7oJcky0Pu4VS4Ro4HZ7etOpJECDeyKrn0Msmpm5o7Ya81Ed4I6-oaW1wkXHcJKPyp47x_a9SRta2HGQAlkG6KiL6bxxqZRglGYHjL_UXNPfjwn-pcQwx4yR2dKyi1MI-St5UrdDqh5UVjymjRl6q2SxV9a0uLZvfCfnP7J6RnbcRMf3vdXyH40vZSmrGQyvvHyEaJ29Ipd-Ef1oZHWJk7CcuYyfytbXqZCCcpaNYmVVxmp2pyf3aXPrrityuZtB1yifsabMtxcdTNT5i4Xn386-fHDivMHUiqx-wl7z_dR5hPpOkZqKXuueqeXWkonVe4_DqZO3oSvYTM35QT-KwM4U1WoxM4ZEYZvy8B-lORZLaZpSOTjCqxTfvM81KO9WrdGH_wp-I5CJg3SESuGrJjhNJKsniN6lkyodB3l5qPF5DVphaPXoAANICUAkY2den8UhrHG9UFhhmK3JGwtiRYCmjndkkvxl-AjsmvYimI67ZeCeAvEqrUB8A2YbkC3Dh2Bm13zFNKxEISoNkiaW_xThKFcMrmib9i6E7cwklbD7YHOjFHrdtbueAXOqngIVte_5vVlWyXoHt2DwHMEw-N_WdAeg7dGXlcO2jHgAB_fsTVkcoB-wxKAghZGuFUwawgz0tbTmzEk2TD7zThzrFrLOBxTh5sUbkaWxRESjHgcbb-NzZnfxenJH7G1eZsOISmLTYRlQLxsT0h5UaQ6JR8Tcv4guOklhjLVFMZxgLmH8-4nR60UAWd-nc6UOIi09Eck-ruC1ycucVh3s_BrwQ-ljw1-psHju0RAs0sMo4-nD4Q89JKSHsDzYo3vIqnzRHVl8QrUpvhbBFeRx751pgMnQGcHmKmlbjCr7qjkWa0BujTiO_r8EiEXTPAnI2UD3x9XX8ofcIKgX_y_wBkJmxcefhKm4nFtMwvIp0cAIiK-Q7USwfeUnnQO-1BIOQIkQ1iacz91f9vo07nGZERRBhdH5Nsorg-NYO8vUgVIlJBU_k4AzOBLhXxqLJzRv4tdlopTVMmVwA1j-uc6FYppGOrcEmDJBzLg1sJTCNq1UC2gJiVeMGuqOAlL8jxMYqBpFqWYn9Z12of76lhOt-wy37vyPyY0WFpCoZFz3v8M5a5PnCe-ylRppSUnHZjuRlksrz00kDx18vtd4_udGGVzhEJaZBKZwUlMgkEPqYSEsLXztB4Rnu_rp_O4OSP6Fiwr7JMvztkey_1KCFcVEY9yOMzOGO62mSBXYoklZ7YW5JlK3pSTQh7pq3yyXw11XLWdbxLU8yNCU6Dvc21TD4HdqfM5fQZfayQT21CBhYGr2IqIMaQ6yVzVk6mIdiLjRHcXM7zrML8NMmKx_9Dbk2Uw35TmE1a8MrsWkLqT-f4MDuLHf9Or7PoImFqpTr1rCK3nYmlOUhBb8D11W-cIkn88owRF7nhKT0s7Q_M34o7gS0wLVulm931Q5jApvCyqdzBkOwaiJwp9EI8FUF6lcpa8o0PBbh1BLI2p2P_63B9WHclFsnkoE9P2RhUK226cOeg8dMOe1uGiTB8v3bKiT-JLDCknFw2xx9gk-6WkdPp-Fa4VOG9txnfG-hpJnAI14Kyz3sGoCgvcsLeZNtx6qS6-RmSvw_NXrNz_2O6MBk348SGK_76qNX8I-PmXwRBTEtTIAJOyLk9BIn8xgYictPV09jfLBs8aiGFjGPpOoSM9lVvjeioLXSDEqXGogKMvrUXHLX70X-uHmjczO3I3S9IcfTtrA9S7rbhKEKOWiY8DZxFxAaSCQcYsz8tBv_dQnk1KeIwDZZT44pB7Ip-VjDzfbw5RpkTMMCQypiAJGFVMHz_dvdz3jRZVofzMKs1Peto0vNiX0t0h2WSQJJ9cCMjakgm-ozePJ2VLIdai0sZoZAoW9b36uyfMvf8cpdvSObjsKH3zXZL6oh24fezZv7hsgZ9-gJk6d-Id00Z6F5-1alGczvhFlqaIGDplqM4jKjXXpytpFR6kCxCmcuUXFes9Pkhg3zpjnOa7eGPVL6jIca0dPFterSm9bbDgc37CGyUscA9-KjnZ1tj2Y8Xbrrtm2CJCajZH1avcbFrU-ae81z8UrPkV0ojk7zM52xIy48MlEo-c8sPP1GBaTELhuR2t5OpQJEt9I0zdUfKfvIaqf3Hgq6JfbCaHXdUOzcFVp3dpHnFw8xiFIJGG-S17jRrUU4LgVX_ggqEk255dd_7_y1oAtKzA4FTT0seTAwjeiY2th9Nd5HeOxpKyL7lRZp4H_xgQoZYJ7w8Vpr5mEHa_RjTz8m6TIt2NNiesdvsTqd9Evf7R2muZZAGhVgt8_8lbXRiBZu5KOJkQTH_2mTQDpHOkgPw43O0uyH754hDU6077ks_AHAMNTjkmufexTZeGsZh3uQRGcnYI0oitqzH14uyp00pjuzA_Dqb8PII_T-bNYEoAqofCcd4hwwUhFzw_QtgtSBP8mktv2O45WWJFZCuJchpW3aqD1a5T7R4REVN-8v7ZGVjopZVI70MUL1yBd67Y-1HDYhIzjKHGTpEzotZeB&cid=CAASJ-RoaUTYir4gBEbYH3U2jKaS-sEi93HsIABq4d7hNClNXKwBm9vV7Q&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484c844024dc958f2abc3f32ce3db8023463af46ba4c24b79f40e948d988b587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Mar 2022 16:59:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16161
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9D06 42 B
63 B 50ms
49ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Da_jgOKDP0OqUodqo2PBaQNvy_LZu2teZULk7lb8Kecat07bJ5jTpfB0nOY-nHSY4AyAwIfp2ejCGINokk-1N_oz4n7QrEoQFnyHpcgOa8K6aV8Mw

Requested by

Host: de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com
URL: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Mar 2022 16:59:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 9D06 2 KB
1 KB 24ms
22ms Script
text/javascript 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js

Requested by

Host: de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com
URL: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Apr 2022 16:52:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9D06 117 KB
36 KB 71ms
48ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com
URL: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 19 Mar 2022 16:59:25 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 9D06 15 KB
6 KB 26ms
23ms Script
text/javascript 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com
URL: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Apr 2022 16:56:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9D06 0
0 30ms
27ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR3MQpc61v2YJ3tf3OlRptYjbOggyl_RczR1Q8243fNueAnTSOMP3_UK3jm6V1mtJsf5-vzIZy_ozjF3j13xIr7eXt6JQ
Requested by: Host: de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com
URL: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 11A5 0
0 56ms
55ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C9fpv7As2YtuJNrGXx_AP4tONsAzJntKxXNWdkfdwwI23ARABIABglaKggrAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQLP6TMaFYqyPuACAKgDAaoEwAJP0L5P2kWOE20ZUpY4tSMsXLRciq0QoDd4lPUQNYT2cSDJP5iMUi5zbne7PmjUupqU8I7h-1ifJKvoV5pKujjjHaP44MZ8hYpWJgAui0axBviMq1-GZuwwHBGpz6oYe6hsqoa5zcPbMLxLOC-gDaz7IubDOMnTdSEPgyZtJbdIQluBa7HKa7E8sZUFT4XnBZQZ0YLh8ajI1ImhLEgi-9I-_b8dcW23uXsExD1Yb44PznRHlEg6RvdQ61yfGWwjDL6x1xBPzLc9lHiDnGctJfGzzC9sSuaEoTpOs8X6bYjaElF6ehGpGOWDPI4czVE1q9BV3KSGvCvYLksk-xM4eeKob5ovyP43CkDd72Bt4heMXmFNqFL33M7Q0sp2koAU5cTrCt3FQskq4zw4njadunY3fD_8dCBqQfvamOaVgsVCTeAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU0MTMzMjk1NDQwNDA5NDcYwYx0&sigh=AQV3WekqOhc&uach_m=[UACH]&cid=CAQSPwCNIrLMvbmPYT7V9aTFbZ9FO8QSCzJ22v3M20AW7Kw8CU4wqi6UjMwbe-dM5emn2dSc0opMYDYuDHJn9iF0YxgB
Requested by: Host: nets4.com
URL: https://nets4.com/domain/baantada.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 11A5 0
0 96ms
31ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=U-qXEsY1oAHYBJ2DYgICAAAA11Irpc2LEHFKrf7iTr1B7BDsCzZih4padEuvvYWn4ckAEg&wp=YjYL7AANhNsIEcuxAANp4p0dDYupb0Lj93Mfbg

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
server: Kestrel
server-processing-duration-in-ticks: 265173
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 5403 110 KB
40 KB 192ms
129ms Document
text/html 2a02:2638::18
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YjYL7AANhNsIEcuxAANp4p0dDYupb0Lj93Mfbg&u=%7C%2FM5QkwCnelO151aBeqsi%2BjAYKpfxTq54yjAnMUwlNLc%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUAZKNvHYJLpTwYKDzg_lmTENhFMXxHEwIAxsbpWuVoK8IhEdp64Axi2OnJubKR1RqnTHVyjiKZAQcd8alEekYaQ81Ggcjufph4I95edU-CHoy9-_h9OPcpNMuQlbz4Y-DPoyco0VhWHZ1LPxQnNl3jxpwXPWCPHxooQJZHCv5RAbe0dWW29TvAT1v9wvuFa5q_U8JVON9ZtWPSOfY83h6e7srT_nJmVnMsM8o9AyEjuQkO3sokHew9QFiPt9SF2aN8A-8DcFb0O-xQEepl-8p0tH718vRrLLppySfeVbRquvX4Bi3bwuDa9eCUL8Gi488oAtVc0QFwvJgRKU5L2nn4wdDHoUKyacTPSXeR7Fftf-HI1bcPKcPXKhafOz8E46VipN43MwJYtH7p95TgodEI8FDUTfwte2ttIMziUWrek_YAtKKcc9KeB&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClsXM7As2YtuJNrGXx_AP4tONsAzJntKxXNWdkfdwwI23ARABIABglaKggrAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQLP6TMaFYqyPuACAKgDAaoEwwJP0L5P2kWOE20ZUpY4tSMsXLRciq0QoDd4lPUQNYT2cSDJP5iMUi5zbne7PmjUupqU8I7h-1ifJKvoV5pKujjjHaP44MZ8hYpWJgAui0axBviMq1-GZuwwHBGpz6oYe6hsqoa5zcPbMLxLOC-gDaz7IubDOMnTdSEPgyZtJbdIQluBa7HKa7E8sZUFT4XnBZQZ0YLh8ajI1ImhLEgi-9I-_b8dcW23uXsExD1Yb44PznRHlEg6RvdQ61yfGWwjDL6x1xBPzLc9lHiDnGctJfGzzC9sSuaEoTpOs8X6bYjaElF6ehGpGOWDPI4czVE1q9BV3KSGvCvYLksk-xM4eeKob5ovyP43CkDd72Bt4heMXmFNqFL33M7Q0so0kKGGYkt3GWJZVmr63prAlyKXDHwZZL1IvB3Ms0TEtP4QKEFR8sJOe-AEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1b9uxzwAPO5awdq1_lHvrWfYmy5g%26client%3Dca-pub-5413329544040947%26adurl%3D

Requested by

Host: c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com
URL: https://c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0e74e8df75e218a38480d64efe1705a4f159adcf9bb567c55d6e321914e439ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com/

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=OCUNZqT-Z6CU-zjgRCkndX3iAmQjkh9gg5tBygMak-cC8ITycvborn353RQHXz4w8LSWrwy8W_esMkPKDkUVZ0PoAEURGLFsqAiy-AvDZ6hfjLvouWdKEHRu7sw-ngLFAUc9cuGf_ZDlo6Z4ey4mYG_skh4RoEuWOqNzJHNT1rcftnhqVgn8qZ1b5n5zpxLYVC2HLyxjDJLHtkFaRi0_6EU_nCAhiQt92cY6GGuWTEvcSa9QCKAU4XwgxZ6NoMN3_cYEyQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 102973632
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 11A5 2 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js

Requested by

Host: c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com
URL: https://c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Apr 2022 16:52:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 11A5 117 KB
36 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com
URL: https://c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 19 Mar 2022 16:59:25 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 11A5 15 KB
6 KB 25ms
24ms Script
text/javascript 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com
URL: https://c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Apr 2022 16:56:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 11A5 0
0 27ms
27ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQnem1G99YUdG4ZzP-3AiZBiv1qaeoz1IfswHE5WbZCwhdMmBK_2bLkChwhGuCekv76WyVvNgvVs2b-42jv0MmFXhd8vw
Requested by: Host: c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com
URL: https://c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 11A5 22 KB
7 KB 26ms
25ms Script
text/javascript 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com
URL: https://c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 07:59:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118814
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 18 Mar 2023 07:59:11 GMT

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022202142035000/ Frame B7CA 220 KB
60 KB 57ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022202142035000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aba2028fc30fe8d3fa54b0949e19361dde8dc9ff2d7a97f1f057786fa1e1879

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 327740
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61635
x-xss-protection: 0
server: sffe
date: Tue, 15 Mar 2022 21:57:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "82f0f2c69874d8b9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Mar 2023 21:57:05 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022202142035000/v0/ Frame B7CA 16 KB
6 KB 80ms
43ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022202142035000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32b8fae56a7edbfe89e7f7fd22aa7df75546183f81660692c9cf03d3c8d914ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 327740
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5733
x-xss-protection: 0
server: sffe
date: Tue, 15 Mar 2022 21:57:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "42a91727bcc93df1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Mar 2023 21:57:05 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022202142035000/v0/ Frame B7CA 96 KB
29 KB 81ms
43ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022202142035000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e02189b6990b38c43207a8c0c206a2fda1833e7b7401fa42af72671e62f43a5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 327740
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29577
x-xss-protection: 0
server: sffe
date: Tue, 15 Mar 2022 21:57:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "42f1ed997a28c2a2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Mar 2023 21:57:05 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022202142035000/v0/ Frame B7CA 5 KB
2 KB 90ms
53ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022202142035000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3110966fa73dac64901ac2cec67656155bb9717286b7b0da0544cdd8ae7c888d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 327740
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1873
x-xss-protection: 0
server: sffe
date: Tue, 15 Mar 2022 21:57:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8e63b195883091b5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Mar 2023 21:57:05 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022202142035000/v0/ Frame B7CA 42 KB
13 KB 88ms
51ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022202142035000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac2a6bdf3640e1213ba9a0a900ea6864a0274b080ba3bcf05ff245bfabb5eba0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 327740
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13633
x-xss-protection: 0
server: sffe
date: Tue, 15 Mar 2022 21:57:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d3c67c66f710e82a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Mar 2023 21:57:05 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B7CA 8 KB
1 KB 72ms
28ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 19 Mar 2022 15:07:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 19 Mar 2022 16:59:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 19 Mar 2022 16:59:25 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B7CA 2 KB
2 KB 24ms
23ms Image
image/png 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:37:15 GMT
x-content-type-options: nosniff
server: cafe
age: 84130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 19 Mar 2022 17:37:15 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B7CA 295 B
319 B 24ms
24ms Image
image/png 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:14:10 GMT
x-content-type-options: nosniff
server: cafe
age: 85515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 19 Mar 2022 17:14:10 GMT

OPTIONS
H2 200 i
api.purpleads.io/x/a/5918e1b87202d65ab5e39af9b3842483:2a807d835c4b62e72ab4126e9f5d440bf2f0fb620307c05a6a116532be02b39748054f21e0e79161814e434bd8c3f49eb431baa56e7b14e55f31e42f74d620ede7b77c9b251c1a5... Frame 0
0 136ms
131ms Preflight 34.233.19.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/a/5918e1b87202d65ab5e39af9b3842483:2a807d835c4b62e72ab4126e9f5d440bf2f0fb620307c05a6a116532be02b39748054f21e0e79161814e434bd8c3f49eb431baa56e7b14e55f31e42f74d620ede7b77c9b251c1a59259afe366e8006b91542b23591882176a8a9058d5fb2726386f00ae7626971329e8cc1bdbc216d9ca23ed5cc407a9c0517e8206d0988de227131ba30ebf1e3060439a618532644ba/i?id=84ad4976-9eb7-4d77-a4ab-7b77ebfdb048&ts=1647709165235
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.19.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-19-159.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Origin: https://nets4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 19 Mar 2022 16:59:25 GMT
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: c7d8a2ee-11f2-4113-b102-297be2168a63

GET
H3 204 l
www.google.com/ads/measurement/ Frame B7CA 0
0 32ms
30ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQu4TNCoqgiD_0nxp52AFQC8CUHm2lwVzfWHxtVAGuT7TgpGu2ZNcrpu-Gi3x2XjJ1AJq2TFl8kVbNmKthovOsYGkXiZw
Requested by: Host: nets4.com
URL: https://nets4.com/domain/baantada.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B7CA 0
0 62ms
59ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ChXIz7As2YuLbM4_m7gPbjJqICKmstYFpp5eUwrAPma7dwMovEAEgudvzJmCVoqCCsAegAYuUkIEDyAEB4AIAqAMByAMKqgTgAU_QMc6h-aQuDRkPaj6ucFlA8vPiPgDIQ40dVX8Z2pf4MUX7gsHLcePHkvIxN11_RUujjWIIyCZFtszzFachXqICMgLiZPulBcHTX_im47cYuL2R3dqL4hmGTaFPVYGsf9loLqtqvkmqDuNZZ4p3OxBwCYZ8kxmOUj9dgSNP1WzJcFPFgY6FJxcUofK99m4tB3AUb9Ed4y1jt7LQXVFrnrb-XSgoQLxL2snYAgc5yntxJOVwdY-pHFT-pzcKtNzvT_3R_B8PQ88mxIDmRoMNhM5VZ5wg4iyVF9huJGU_TAQRwAS8sIDWhATgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAH3evvfqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPD6E9IICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA8gLAdgTDIgUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi00OTAzNDUzOTc0NzQ1NTMwGIu5dw&sigh=ZoXs7Y4jGWY&uach_m=[UACH]
Requested by: Host: nets4.com
URL: https://nets4.com/domain/baantada.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 i Show response
api.purpleads.io/x/a/5918e1b87202d65ab5e39af9b3842483:2a807d835c4b62e72ab4126e9f5d440bf2f0fb620307c05a6a116532be02b39748054f21e0e79161814e434bd8c3f49eb431baa56e7b14e55f31e42f74d620ede7b77c9b251c1a5... 0
199 B 270ms
269ms Fetch 34.233.19.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/a/5918e1b87202d65ab5e39af9b3842483:2a807d835c4b62e72ab4126e9f5d440bf2f0fb620307c05a6a116532be02b39748054f21e0e79161814e434bd8c3f49eb431baa56e7b14e55f31e42f74d620ede7b77c9b251c1a59259afe366e8006b91542b23591882176a8a9058d5fb2726386f00ae7626971329e8cc1bdbc216d9ca23ed5cc407a9c0517e8206d0988de227131ba30ebf1e3060439a618532644ba/i?id=84ad4976-9eb7-4d77-a4ab-7b77ebfdb048&ts=1647709165235
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.19.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-19-159.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url: aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2JhYW50YWRhLmNvbQ==
Accept: application/json
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
x-purpleads-version: 2.0.31

Response headers

access-control-allow-origin: https://nets4.com
date: Sat, 19 Mar 2022 16:59:25 GMT
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials: true
x-request-id: a7a37389-d197-433f-b8d4-f311e41feccf

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AFC1 0
9 B 22ms
22ms Image
text/plain 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?prvkzQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 015F 0
9 B 22ms
22ms Image
text/plain 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?JZPu3Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 047D 0
9 B 22ms
22ms Image
text/plain 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?D0xiVg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK ads_view.js Show response
cdn.rvty.net/view/ Frame 7391 3 KB
4 KB 66ms
20ms Script
application/javascript 89.163.211.242
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rvty.net/view/ads_view.js
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=90&adWidth=728&adFormat=4&adslotId=&siteId=128293778&bannerId=195238&e=3&p=YjYL7AAL2EUK4BwLAAUTQSVTPbsFssjRsHgLJQ&penc=&bp=76923&a=62360bec-000d-713a-0a7b-bb0d560aeab9&n=1&geo=411157&rawURL=https%3A%2F%2Fnets4.com%2Fdomain%2Fbaantada.com&rawReferrerURL=&uid=99a11208-12b6-4390-9c67-5b73eaa17ded&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4B2AOgAY6A2dshQQcReJTwRiAOQDqlAM44aAUxlo8AEzwALFRCwBaWSqUAzKoxVZKjGnACsdTgBYHAXyA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCx_Ri7As2YsWwL4u4gAfBppSICeb-o_dc7ousiF_AjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N8gBCakCz-kzGhWKsj7gAgCoAwGqBMICT9Dtv_9qmBMFbMhR3PYB-31D8VHmHxwT0VgzdJuAb4xu8gvtpEJB-wFfED7k3tdmJqJdLNr0kN2WFP3Ro2p6dnTn-yyrg_hnTd0AcWWDrw9SFCin9yh_SARAOUMxjNKkFnLAqmS-xf3ngRfgc9-ddYcosojyVGd3cPzldua7oob1fLXyDrqXrhFtVzrs_f2wJWzQmgntdv_Wyk9BBHa5IdDHdBQdBJvL4Udl8rA5pFXb7l99973T4-BJ281cGmGZBmMTZKfiNDk4cUEBoLhNCrxpYa2r9BpHuQuiWYSXdtHwldOZ4sB7uQVcOAXOZO_x1z7ygzDj-RsaelBD5YWXwTJ-pxp7nUUE2-80HpJkEFkoexBTm-KJRksQfQOHRLm3zYOVtHCYzf1o6Qn5TZEfBZcrsvX5NfnQQCJuIcUj4HLiiuAEAYAGhaG2iNaE0KsRoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Kk3y8rH2LV4iicT1wv7oI8xFymw%26client%3Dca-pub-5413329544040947%26adurl%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.242 Dortmund, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: 00bb2f69ab06efff6555f6ccae10902e87bb6aea861e83de082a45a07e525054

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 19 Mar 2022 16:59:25 GMT
Last-Modified: Fri, 20 Dec 2019 09:27:25 GMT
Server: nginx/1.13.4
ETag: "5dfc93fd-d40"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3392

GET
DATA 200
OK truncated
/ Frame F1BB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6fc42d18533ff1301be4134a8c6993b0b8b084b3cd1815991bf20e6f08f47ad3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0FB7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7jP1Mxv8oDulESirL0ngs&google_cver=1

43 B
1014 B

99ms
86ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7jP1Mxv8oDulESirL0ngs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNXtEsO72kZBzN_Os9zGLy4vA67LHBJfZ5wzeoSsuKd5NJ7NjGgS_DJhWiupglmKdNLtB8mas9vLhFk-a0n8MPiPCSw2-JEG6jJt3XWGKCaUTzIAx3eN42kPiM_RMVOkYGD7NVLoEwkdraUvmh_uOii01_9eLELePyEm02xtdin05gE3fLU
Protocol: HTTP/1.1
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Mar 2022 16:59:25 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 19 Mar 2022 16:59:25 GMT

Redirect headers

pragma: no-cache
date: Sat, 19 Mar 2022 16:59:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7jP1Mxv8oDulESirL0ngs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0FB7
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YjYL7WwKkza58eEBobrTuAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7jP1Mxv8oDulESirL0ngs&google_cver=1

43 B
894 B

76ms
75ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7jP1Mxv8oDulESirL0ngs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNXtEsO72kZBzN_Os9zGLy4vA67LHBJfZ5wzeoSsuKd5NJ7NjGgS_DJhWiupglmKdNLtB8mas9vLhFk-a0n8MPiPCSw2-JEG6jJt3XWGKCaUTzIAx3eN42kPiM_RMVOkYGD7NVLoEwkdraUvmh_uOii01_9eLELePyEm02xtdin05gE3fLU
Protocol: HTTP/1.1
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Mar 2022 16:59:25 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 19 Mar 2022 16:59:25 GMT

Redirect headers

pragma: no-cache
date: Sat, 19 Mar 2022 16:59:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7jP1Mxv8oDulESirL0ngs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 0FB7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECUvIs58Hk5dK4y__TEHUiI&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECUvIs58Hk5dK4y__TEHUiI%26google_cver%3D1

43 B
1 KB

29ms
29ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECUvIs58Hk5dK4y__TEHUiI%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNXtEsO72kZBzN_Os9zGLy4vA67LHBJfZ5wzeoSsuKd5NJ7NjGgS_DJhWiupglmKdNLtB8mas9vLhFk-a0n8MPiPCSw2-JEG6jJt3XWGKCaUTzIAx3eN42kPiM_RMVOkYGD7NVLoEwkdraUvmh_uOii01_9eLELePyEm02xtdin05gE3fLU

Protocol

HTTP/1.1

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Mar 2022 16:59:25 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9fdb8894-5d0b-47be-87f7-d51c62f917b3
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 19 Mar 2022 16:59:25 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ca37bad0-8c8b-4a88-b192-8d132dc1681a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECUvIs58Hk5dK4y__TEHUiI%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0FB7
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIyNTE3ODU2MjQ4NTg5ODc3MQ%3D%3D

170 B
188 B

116ms
60ms

Image
image/png

172.217.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIyNTE3ODU2MjQ4NTg5ODc3MQ%3D%3D

Requested by

Protocol

Server

172.217.23.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Mar 2022 16:59:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 19 Mar 2022 16:59:25 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d2a0c188-cc7e-48c8-8f6f-342aecbbb8a0
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIyNTE3ODU2MjQ4NTg5ODc3MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame B7CA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ae1ed118e7eaab3549b5c1829fb521642130d580728c98706956b134618041

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame B7CA 28 KB
28 KB 71ms
22ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nets4.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:47:37 GMT
x-content-type-options: nosniff
age: 324708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Mar 2023 22:47:37 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame 9D06 25 KB
9 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A0vypYbPEbYwV8P-2W9_-YOFWEEC1J3Rb0XJT6R8W5vN9A68-dkLaVpfi025VBRWWX1MRe528xECY4_1IxHVIehWdKAz8w7Y46R2kGg3XDjGk7cHR1FXMCAPBrMusjFM9Fh06HALElzxGH0pxeKUwtH-Akng&cry=1&dbm_d=AKAmf-AYUdIyHxnp8x8pG2zduwd0vA_1kOxpp_66W_BW5T28zIne12o0RC2QMxLDYwbujsdGCFQ34SbnW27HD0-2AX7WMdJ5fRtbxCHCCkN9BbbvSFVg92ZCAfSjpeOE2pX0ENtDKfH6y72mSE8P6HOuqiJeyySGTI1cVtII3fH433eSNtSrw0Jm2iAB0DsYT0CSH1rmH_qHLZGfnqwP4xsSEipbcaZQF-QUT3Vxxv5ordh7iAIo6xG_y3XxWDYo9AGPQpRfv3MF1uC56HGxdDlm-iJ86cEaiK6o-XmGlxTlXb6fc9SFs_z3HTygaHPrLbYY49lsVa0aonXsJ8IVodW_rGokc84mhDgjVNUXx3FPzK5ikX20eir7hjOUZdTt0EcWCwFcJaaRHLhn16iShHC3ffUmmRaUg4gmNXEfj8kabql8Jkf9CihVQanCxH7dDcO9_ZL1TUrqwCkbyfABkxXSC6OxSC6IWhgIFKd_ARG-8qXZGpLyqGWxrv7PKltx3UYPjD3Nbxsd4m3MXplw1bPoaXf8fuRAWjDP-FhnsOHkjR7MLl9z4aMZN_DdYmCWkXZIdP2E4FS9t_Y1RXx2exSPqhETJowinHroi44TMSmCtAt2BSUMihrxZzUvTWE-FNS6vMpYNkA8tXoe-P6b5TclsV9FYjEK60KUPlDKiFTmY-wH04XsXl6gLVA5YcjeTb_cn6PAE9on9WzMWzyfi5lLhLIoxL_RP7oJcky0Pu4VS4Ro4HZ7etOpJECDeyKrn0Msmpm5o7Ya81Ed4I6-oaW1wkXHcJKPyp47x_a9SRta2HGQAlkG6KiL6bxxqZRglGYHjL_UXNPfjwn-pcQwx4yR2dKyi1MI-St5UrdDqh5UVjymjRl6q2SxV9a0uLZvfCfnP7J6RnbcRMf3vdXyH40vZSmrGQyvvHyEaJ29Ipd-Ef1oZHWJk7CcuYyfytbXqZCCcpaNYmVVxmp2pyf3aXPrrityuZtB1yifsabMtxcdTNT5i4Xn386-fHDivMHUiqx-wl7z_dR5hPpOkZqKXuueqeXWkonVe4_DqZO3oSvYTM35QT-KwM4U1WoxM4ZEYZvy8B-lORZLaZpSOTjCqxTfvM81KO9WrdGH_wp-I5CJg3SESuGrJjhNJKsniN6lkyodB3l5qPF5DVphaPXoAANICUAkY2den8UhrHG9UFhhmK3JGwtiRYCmjndkkvxl-AjsmvYimI67ZeCeAvEqrUB8A2YbkC3Dh2Bm13zFNKxEISoNkiaW_xThKFcMrmib9i6E7cwklbD7YHOjFHrdtbueAXOqngIVte_5vVlWyXoHt2DwHMEw-N_WdAeg7dGXlcO2jHgAB_fsTVkcoB-wxKAghZGuFUwawgz0tbTmzEk2TD7zThzrFrLOBxTh5sUbkaWxRESjHgcbb-NzZnfxenJH7G1eZsOISmLTYRlQLxsT0h5UaQ6JR8Tcv4guOklhjLVFMZxgLmH8-4nR60UAWd-nc6UOIi09Eck-ruC1ycucVh3s_BrwQ-ljw1-psHju0RAs0sMo4-nD4Q89JKSHsDzYo3vIqnzRHVl8QrUpvhbBFeRx751pgMnQGcHmKmlbjCr7qjkWa0BujTiO_r8EiEXTPAnI2UD3x9XX8ofcIKgX_y_wBkJmxcefhKm4nFtMwvIp0cAIiK-Q7USwfeUnnQO-1BIOQIkQ1iacz91f9vo07nGZERRBhdH5Nsorg-NYO8vUgVIlJBU_k4AzOBLhXxqLJzRv4tdlopTVMmVwA1j-uc6FYppGOrcEmDJBzLg1sJTCNq1UC2gJiVeMGuqOAlL8jxMYqBpFqWYn9Z12of76lhOt-wy37vyPyY0WFpCoZFz3v8M5a5PnCe-ylRppSUnHZjuRlksrz00kDx18vtd4_udGGVzhEJaZBKZwUlMgkEPqYSEsLXztB4Rnu_rp_O4OSP6Fiwr7JMvztkey_1KCFcVEY9yOMzOGO62mSBXYoklZ7YW5JlK3pSTQh7pq3yyXw11XLWdbxLU8yNCU6Dvc21TD4HdqfM5fQZfayQT21CBhYGr2IqIMaQ6yVzVk6mIdiLjRHcXM7zrML8NMmKx_9Dbk2Uw35TmE1a8MrsWkLqT-f4MDuLHf9Or7PoImFqpTr1rCK3nYmlOUhBb8D11W-cIkn88owRF7nhKT0s7Q_M34o7gS0wLVulm931Q5jApvCyqdzBkOwaiJwp9EI8FUF6lcpa8o0PBbh1BLI2p2P_63B9WHclFsnkoE9P2RhUK226cOeg8dMOe1uGiTB8v3bKiT-JLDCknFw2xx9gk-6WkdPp-Fa4VOG9txnfG-hpJnAI14Kyz3sGoCgvcsLeZNtx6qS6-RmSvw_NXrNz_2O6MBk348SGK_76qNX8I-PmXwRBTEtTIAJOyLk9BIn8xgYictPV09jfLBs8aiGFjGPpOoSM9lVvjeioLXSDEqXGogKMvrUXHLX70X-uHmjczO3I3S9IcfTtrA9S7rbhKEKOWiY8DZxFxAaSCQcYsz8tBv_dQnk1KeIwDZZT44pB7Ip-VjDzfbw5RpkTMMCQypiAJGFVMHz_dvdz3jRZVofzMKs1Peto0vNiX0t0h2WSQJJ9cCMjakgm-ozePJ2VLIdai0sZoZAoW9b36uyfMvf8cpdvSObjsKH3zXZL6oh24fezZv7hsgZ9-gJk6d-Id00Z6F5-1alGczvhFlqaIGDplqM4jKjXXpytpFR6kCxCmcuUXFes9Pkhg3zpjnOa7eGPVL6jIca0dPFterSm9bbDgc37CGyUscA9-KjnZ1tj2Y8Xbrrtm2CJCajZH1avcbFrU-ae81z8UrPkV0ojk7zM52xIy48MlEo-c8sPP1GBaTELhuR2t5OpQJEt9I0zdUfKfvIaqf3Hgq6JfbCaHXdUOzcFVp3dpHnFw8xiFIJGG-S17jRrUU4LgVX_ggqEk255dd_7_y1oAtKzA4FTT0seTAwjeiY2th9Nd5HeOxpKyL7lRZp4H_xgQoZYJ7w8Vpr5mEHa_RjTz8m6TIt2NNiesdvsTqd9Evf7R2muZZAGhVgt8_8lbXRiBZu5KOJkQTH_2mTQDpHOkgPw43O0uyH754hDU6077ks_AHAMNTjkmufexTZeGsZh3uQRGcnYI0oitqzH14uyp00pjuzA_Dqb8PII_T-bNYEoAqofCcd4hwwUhFzw_QtgtSBP8mktv2O45WWJFZCuJchpW3aqD1a5T7R4REVN-8v7ZGVjopZVI70MUL1yBd67Y-1HDYhIzjKHGTpEzotZeB&cid=CAASJ-RoaUTYir4gBEbYH3U2jKaS-sEi93HsIABq4d7hNClNXKwBm9vV7Q&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:46:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9657
x-xss-protection: 0
server: cafe
etag: 16576748017229546422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Apr 2022 16:46:40 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9D06 41 KB
15 KB 27ms
27ms Script
text/javascript 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 07:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Mar 2023 07:58:30 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame F518
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

112ms
75ms

Image
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol: H3
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Sat, 19 Mar 2022 16:59:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 8384494083375365919
tpc.googlesyndication.com/simgad/ Frame F518 27 KB
27 KB 27ms
27ms Image
image/png 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8384494083375365919?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qldmmZd8a-cE4s_ogJqkEdBYOTH-g

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49229ffcf8e5a275b4633044d25fc23620619378bffef7900087fda0c5721414

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 17:49:25 GMT
x-content-type-options: nosniff
age: 169800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28027
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 08:06:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 Mar 2023 17:49:25 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F518 2 KB
2 KB 34ms
33ms Image
image/png 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:37:15 GMT
x-content-type-options: nosniff
server: cafe
age: 84130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 19 Mar 2022 17:37:15 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F518 295 B
319 B 34ms
34ms Image
image/png 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:14:10 GMT
x-content-type-options: nosniff
server: cafe
age: 85515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 19 Mar 2022 17:14:10 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 5403 2 KB
1 KB 109ms
41ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjYL7AANhNsIEcuxAANp4p0dDYupb0Lj93Mfbg&u=%7C%2FM5QkwCnelO151aBeqsi%2BjAYKpfxTq54yjAnMUwlNLc%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUAZKNvHYJLpTwYKDzg_lmTENhFMXxHEwIAxsbpWuVoK8IhEdp64Axi2OnJubKR1RqnTHVyjiKZAQcd8alEekYaQ81Ggcjufph4I95edU-CHoy9-_h9OPcpNMuQlbz4Y-DPoyco0VhWHZ1LPxQnNl3jxpwXPWCPHxooQJZHCv5RAbe0dWW29TvAT1v9wvuFa5q_U8JVON9ZtWPSOfY83h6e7srT_nJmVnMsM8o9AyEjuQkO3sokHew9QFiPt9SF2aN8A-8DcFb0O-xQEepl-8p0tH718vRrLLppySfeVbRquvX4Bi3bwuDa9eCUL8Gi488oAtVc0QFwvJgRKU5L2nn4wdDHoUKyacTPSXeR7Fftf-HI1bcPKcPXKhafOz8E46VipN43MwJYtH7p95TgodEI8FDUTfwte2ttIMziUWrek_YAtKKcc9KeB&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClsXM7As2YtuJNrGXx_AP4tONsAzJntKxXNWdkfdwwI23ARABIABglaKggrAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQLP6TMaFYqyPuACAKgDAaoEwwJP0L5P2kWOE20ZUpY4tSMsXLRciq0QoDd4lPUQNYT2cSDJP5iMUi5zbne7PmjUupqU8I7h-1ifJKvoV5pKujjjHaP44MZ8hYpWJgAui0axBviMq1-GZuwwHBGpz6oYe6hsqoa5zcPbMLxLOC-gDaz7IubDOMnTdSEPgyZtJbdIQluBa7HKa7E8sZUFT4XnBZQZ0YLh8ajI1ImhLEgi-9I-_b8dcW23uXsExD1Yb44PznRHlEg6RvdQ61yfGWwjDL6x1xBPzLc9lHiDnGctJfGzzC9sSuaEoTpOs8X6bYjaElF6ehGpGOWDPI4czVE1q9BV3KSGvCvYLksk-xM4eeKob5ovyP43CkDd72Bt4heMXmFNqFL33M7Q0so0kKGGYkt3GWJZVmr63prAlyKXDHwZZL1IvB3Ms0TEtP4QKEFR8sJOe-AEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1b9uxzwAPO5awdq1_lHvrWfYmy5g%26client%3Dca-pub-5413329544040947%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:25 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 14 Mar 2023 16:59:25 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5403 2 KB
1 KB 107ms
40ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:25 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 14 Mar 2023 16:59:25 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 5403 308 B
637 B 81ms
39ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:25 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 14 Mar 2023 16:59:25 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 5403 507 B
835 B 85ms
44ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:25 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Tue, 14 Mar 2023 16:59:25 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame 5403 43 B
348 B 119ms
45ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=GpJZK-RbIakkq_TjFMTHcU7Hv_knCzS7JjkefwJi2PEPo8JzZIVitN5ieqGk1mO_QLklHwHLGImyQnzroNNOlOms5QzEllTulozupzAVwNNojzwuQ1kVbIT-Ryp99lFyZovBdvgw0NDzZFqDdyShjmAE9mIKb_koc3MrxEB25mCWRR3lTRE9kAwBViGAeyipsG4lIDlxvZPJh6Mu4hCkITE_LkH4vvLQmB4e4d5M5qQxj2XWetTCsLJLNsjZqVXlEgL-I5z0olwzpT_TAlQ0v9KUWxQyPe6v5F-XZd-QXLAeaoSr9mAxWvOdUCXYqECLdqPNnqZ5kLlpxp4rLz3twZbOXbsfuY4rkkk86XdZnHoXddDLzE774V0YyWbYLNHeVauyZVGGQZMpKezxDLeAyiMQVWxJpHsDmz_4V-Vj0zESqWkqDbNTlCM6h1LAZZTAzCZPaw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Mar 2022 16:59:25 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2879617
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 11A5 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c5cf269abe1783bb143fb554fd859f1f68e76cbe81b2c00969de24c1df25bef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame B7CA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

87ms
87ms

Image
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol: H3
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Sat, 19 Mar 2022 16:59:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK yyxf76b9dn3v Show response
ad.ad-srv.net/zone/ Frame 7391 11 KB
4 KB 111ms
34ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/zone/yyxf76b9dn3v?subid=&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCx_Ri7As2YsWwL4u4gAfBppSICeb-o_dc7ousiF_AjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N8gBCakCz-kzGhWKsj7gAgCoAwGqBMICT9Dtv_9qmBMFbMhR3PYB-31D8VHmHxwT0VgzdJuAb4xu8gvtpEJB-wFfED7k3tdmJqJdLNr0kN2WFP3Ro2p6dnTn-yyrg_hnTd0AcWWDrw9SFCin9yh_SARAOUMxjNKkFnLAqmS-xf3ngRfgc9-ddYcosojyVGd3cPzldua7oob1fLXyDrqXrhFtVzrs_f2wJWzQmgntdv_Wyk9BBHa5IdDHdBQdBJvL4Udl8rA5pFXb7l99973T4-BJ281cGmGZBmMTZKfiNDk4cUEBoLhNCrxpYa2r9BpHuQuiWYSXdtHwldOZ4sB7uQVcOAXOZO_x1z7ygzDj-RsaelBD5YWXwTJ-pxp7nUUE2-80HpJkEFkoexBTm-KJRksQfQOHRLm3zYOVtHCYzf1o6Qn5TZEfBZcrsvX5NfnQQCJuIcUj4HLiiuAEAYAGhaG2iNaE0KsRoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Kk3y8rH2LV4iicT1wv7oI8xFymw%26client%3Dca-pub-5413329544040947%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D128293778%2526a%253D195238%2526t%253D1647709165233%2526l%253D411157%2526p%253D3%2526appid%253D%2526aa%253D62360bec-000d-713a-0a7b-bb0d560aeab9%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=90&adWidth=728&adFormat=4&adslotId=&siteId=128293778&bannerId=195238&e=3&p=YjYL7AAL2EUK4BwLAAUTQSVTPbsFssjRsHgLJQ&penc=&bp=76923&a=62360bec-000d-713a-0a7b-bb0d560aeab9&n=1&geo=411157&rawURL=https%3A%2F%2Fnets4.com%2Fdomain%2Fbaantada.com&rawReferrerURL=&uid=99a11208-12b6-4390-9c67-5b73eaa17ded&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4B2AOgAY6A2dshQQcReJTwRiAOQDqlAM44aAUxlo8AEzwALFRCwBaWSqUAzKoxVZKjGnACsdTgBYHAXyA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCx_Ri7As2YsWwL4u4gAfBppSICeb-o_dc7ousiF_AjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N8gBCakCz-kzGhWKsj7gAgCoAwGqBMICT9Dtv_9qmBMFbMhR3PYB-31D8VHmHxwT0VgzdJuAb4xu8gvtpEJB-wFfED7k3tdmJqJdLNr0kN2WFP3Ro2p6dnTn-yyrg_hnTd0AcWWDrw9SFCin9yh_SARAOUMxjNKkFnLAqmS-xf3ngRfgc9-ddYcosojyVGd3cPzldua7oob1fLXyDrqXrhFtVzrs_f2wJWzQmgntdv_Wyk9BBHa5IdDHdBQdBJvL4Udl8rA5pFXb7l99973T4-BJ281cGmGZBmMTZKfiNDk4cUEBoLhNCrxpYa2r9BpHuQuiWYSXdtHwldOZ4sB7uQVcOAXOZO_x1z7ygzDj-RsaelBD5YWXwTJ-pxp7nUUE2-80HpJkEFkoexBTm-KJRksQfQOHRLm3zYOVtHCYzf1o6Qn5TZEfBZcrsvX5NfnQQCJuIcUj4HLiiuAEAYAGhaG2iNaE0KsRoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Kk3y8rH2LV4iicT1wv7oI8xFymw%26client%3Dca-pub-5413329544040947%26adurl%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 58e4dd70481b323e42aa5cab57a161329714691557c6d9f6a947d4713c200bc8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 19 Mar 2022 16:59:25 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3564
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 5403 12 KB
5 KB 26ms
26ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 165312
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hrGl0j674%2FkvJ0%2FINLmD7DUgYR52%2FTpeuOPC0Us4J7TLKrIxD5Vhd%2FnrbTlB8kdst4iDIZN04EK1WlxlMkNENpgdGsBfy0VfOrvnTf7%2FmJAYUKSL4XPQ3b80xFYrPrKFKZoDpMXOSPPHH%2Baok%2BcYzaNp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ee7c22cec5a9073-FRA
expires: Thu, 09 Mar 2023 16:59:25 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 5403 12 KB
6 KB 78ms
41ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:25 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 14 Mar 2023 16:59:25 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B7CA 2 KB
2 KB 31ms
30ms Image
image/png 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022202142035000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:37:15 GMT
x-content-type-options: nosniff
server: cafe
age: 84130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 19 Mar 2022 17:37:15 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B7CA 295 B
319 B 32ms
32ms Image
image/png 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022202142035000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 17:14:10 GMT
x-content-type-options: nosniff
server: cafe
age: 85515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 19 Mar 2022 17:14:10 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CD3A 708 B
367 B 75ms
40ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato&display=swap

Requested by

Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

230f27646f2460a7e13106d06ec50cb822acf254ae08fba4058aa06ca57b9dab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 19 Mar 2022 16:41:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 19 Mar 2022 16:59:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 19 Mar 2022 16:59:25 GMT

GET
H2

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzExMjBlZDg5MGM1MTI2MWVmODkyYzA1YmJiOTNhYWVjLnBuZw.webp
s-img.adskeeper.com/g/3805644/328x328/126x0x430x430/ Frame CD3A
Redirect Chain

https://c.adskeeper.com/c?pv=2&v=0|0|0|Q75YUczgpKtS3uNqwdzEyGQ0ofhchzfsYlmUYE8Ebv8wNF_BhC6qggRmexSjIn0W&cid=1220981&f=1&h2=8b31n8beMzk8yeI5fFFBq1nYBMDsdrdvSouDgBMShQA*&rid=edeab7f8-a7a5-11ec-b5b6-e...
https://s-img.adskeeper.com/g/3805644/328x328/126x0x430x430/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzExMjBlZDg5MGM1MTI2MWVmODkyYzA1YmJiOTNhYWVjLnBuZw.webp?v=1647709164-HO1nu9cSucrHjqpxyZaV...

13 KB
13 KB

80ms
52ms

Image
image/webp

104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/3805644/328x328/126x0x430x430/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzExMjBlZDg5MGM1MTI2MWVmODkyYzA1YmJiOTNhYWVjLnBuZw.webp?v=1647709164-HO1nu9cSucrHjqpxyZaVEV_RjlqCZzF9VN8wp3u1B5c
Requested by: Host: nets4.com
URL: https://nets4.com/domain/baantada.com
Protocol: H2
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b9f64929b29af868355af6e5a1f4d12015022de8f07f2b8e511f84414514e68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:25 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:58:45 GMT
x-mg-request-uuid: 721ea9e0-5a51-4c69-a4e2-1ce9a09c7d71
age: 4702635
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ee7c22e4ed76937-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13492
server: cloudflare

Redirect headers

pragma: no-cache
date: Sat, 19 Mar 2022 16:59:25 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: e0841c8e-e6b6-46fc-a0f9-cb4d232cfa6c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.adskeeper.com/g/3805644/328x328/126x0x430x430/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzExMjBlZDg5MGM1MTI2MWVmODkyYzA1YmJiOTNhYWVjLnBuZw.webp?v=1647709164-HO1nu9cSucrHjqpxyZaVEV_RjlqCZzF9VN8wp3u1B5c
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6ee7c22dbe186937-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare

GET
H2 200 i
api.purpleads.io/x/partners/3fc23174a14bc6524dae201be006789c:6169528cf10777692b60a53b5f7a8fb36464c7421a14e09aa0bff8468fa95c43fb54b2e613061e4f774268de604bfe419a48a79386a82ea8ed3ef5b3cdca1f1317062706... Frame CD3A 0
198 B 266ms
265ms Image
text/plain 34.233.19.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.purpleads.io/x/partners/3fc23174a14bc6524dae201be006789c:6169528cf10777692b60a53b5f7a8fb36464c7421a14e09aa0bff8468fa95c43fb54b2e613061e4f774268de604bfe419a48a79386a82ea8ed3ef5b3cdca1f13170627064b646788ac3849ad38b68c719b0913ab50667b509eb976a4d1082449/i?id=9dbc3cde-24cd-4bef-ac03-6b7a2b40dc14
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.19.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-19-159.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: api.purpleads.io
date: Sat, 19 Mar 2022 16:59:25 GMT
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials: true
x-request-id: c1b20d6d-0e2c-47c2-8b28-5213168cdcfc

GET
H/1.1 200
OK 4727t6qteyti Show response
hal9000.redintelligence.net/zone/ Frame 9D06 11 KB
4 KB 131ms
39ms Script
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMlVU7As2Yu3nLMqAx_APobukgAm1zfmDV_zYuavlDPAuEAEgudvzJmCVoqCCsAfIAQmpAs_pMxoVirI-qAMBqgTQAU_QN1cgqOfclUCGSQMZkF0AEGOgOMUvyRz_aBhHkv7x9NmIOamXGwBShxVOaXN6VvuT8oGF8yl4dZEt5HCjvcYIpRlsr5Q25lrtrb-6yZurUo7ob2YXRzYE1xcTLQlMfSr9xzU6ui7wZdpXdWAU7HvfkEAYK5R9m4ev91wCTks7P36qwE8jMDupH8aAl1xueIm6Z808fwhkpuGd3W_NhmpfiSjAiOixtqMu3N8syJjulO-Qqd2wiAZ2hZ4BtXQ1T99l1rdTyprIbr8ViTeORdLABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoaUTYir4gBEbYH3U2jKaS-sEi93HsIABq4d7hNClNXKwBm9vV7Q%26sig%3DAOD64_3ceJCoXuhHRmzf9AtxRq-K6MnUMg%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-BM5phpVY9bSn3m481rmr7-GBGN7dXbtJnO_kJxuHst9y63To0qLhg-KpyeA_zemTQGBVTgtivyY5nWdB2tCOfbfTDQPgv-J1Lt0ZAZag-Sfsds1ciHCgGVTLC-cdCKw3bd_PVwLHzMZCXS-QX9lTBYpX_sZw%26cry%3D1%26dbm_d%3DAKAmf-Cfp61A6C3dHAZBEGb8IF5Zstf5T4JJnxFCkPmZpshyXjkrUMa86INheSHtemYbe6x_P2COaKae5ci7S3Bv00cXeWh5GneIQG-MErCao_9_yAhIZoKI_XD44szfRMNdz5VB0zfYZobFSbK55soNKXVjvNZSKuyrU5mL77nenBwbmdafOOOEk5IS5x7v_1587drcHor7NWz0yrONo6LjPRAIvMQthJBf1O-gVpzjq2g2Wy1K18CBg02FmNVxY10XKBndBjkZBTlVdGMtM7dUDtGOe8lQdZGY-wwpGo2at0NDsaUHadVMCXhxltBer0CJZyzleQ9-Kb9nY3fcXulMXxOwLqX4dtbmyAE5zT9WypE_1RBoE8_tFtHFx-wGcnZnoOO6CbyOkrH0JAnECr_MlslRzmiBNs1A5VQSb8fQrsw9NOOSUKcPpmurqTmikgvjgRKVwPzMF4vXe8IkUa4g_tmJoMeAeg%26adurl%3D
Requested by: Host: de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com
URL: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: ed942a053ce68146318b33525d1c1b74c221c88a7e5485c3b86b0117fc485a25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 19 Mar 2022 16:59:25 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3944
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5403 13 KB
13 KB 110ms
37ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=108&m=0&partner=1895&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F1895%2F181017%2Fa165609b423c4c0c8975927ff1343dbb_logo_n_horizontal_3.png&v=3&w=316&s=dM_GJDNlPGevNpqH742kIydo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

7996a2c42b41ee74b83cdf8353e0a250be9fe58c0d6635af33ef905134e848ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:25 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28639938
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 13318
expires: Tue, 14 Feb 2023 04:31:44 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5403 110 KB
111 KB 156ms
83ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=1895&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F1895%2F220121%2F92b5f690a6b8408d984b8f518338803f_img_vertical_1.png&v=3&w=1200&s=AYY999Il8WOJ3gQTcg7FXH3R

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

96743af5f2e2935bf5c85e78a6b76fcc20cfb66d79b956eb89e33002c44e4bc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:25 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28840154
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 112990
expires: Thu, 16 Feb 2023 12:08:40 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5403 9 KB
9 KB 146ms
73ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1895&q=80&r=0&u=https%3A%2F%2Fwww.bodenimages.com%2Fproductimages%2Fproductlarge%2F22uspr_y1837_pnk.jpg&v=3&w=400&s=6qZ0v-8-xqFvLgdCWPpGL4YN&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

624031fecd95922cb3c81e0893abcd85526e436b00a4f907d9962676b7bed6f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:24 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=58856
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 9016
expires: Sun, 20 Mar 2022 09:20:22 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5403 0
128 B 118ms
41ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=OCUNZqT-Z6CU-zjgRCkndX3iAmQjkh9gg5tBygMak-cC8ITycvborn353RQHXz4w8LSWrwy8W_esMkPKDkUVZ0PoAEURGLFsqAiy-AvDZ6hfjLvouWdKEHRu7sw-ngLFAUc9cuGf_ZDlo6Z4ey4mYG_skh4RoEuWOqNzJHNT1rcftnhqVgn8qZ1b5n5zpxLYVC2HLyxjDJLHtkFaRi0_6EU_nCAhiQt92cY6GGuWTEvcSa9QCKAU4XwgxZ6NoMN3_cYEyQ&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 19 Mar 2022 16:59:25 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5403 2 KB
1 KB 55ms
55ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:25 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 14 Mar 2023 16:59:25 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 5403 2 KB
1 KB 55ms
55ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:25 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 14 Mar 2023 16:59:25 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F42E 0
9 B 37ms
37ms Image
text/plain 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vI6BJg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0680 22 KB
8 KB 36ms
35ms Document
text/html 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Mar 2022 07:59:06 GMT
expires: Sat, 18 Mar 2023 07:59:06 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 118819
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ Frame 5403 2 KB
538 B 41ms
40ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cabin:400%7CMuli:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f2c78d11d003e80352b2d13a775d2a137299302b3893210b68427a7d5ee3a72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 19 Mar 2022 16:48:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 19 Mar 2022 16:59:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 19 Mar 2022 16:59:25 GMT

GET
H/1.1

200
OK

request.php Show response
ad2.ad-srv.net/ Frame 7391
Redirect Chain

https://ad2.ad-srv.net/request.php?zone=yyxf76b9dn3v&nw=14&renderingType=javascript&namespace=a35f53ddfb&subid=&uid=b9c1f385c5627302&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90...
https://ad2.ad-srv.net/request.php?zone=yyxf76b9dn3v&nw=14&renderingType=javascript&namespace=a35f53ddfb&subid=&uid=b9c1f385c5627302&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90...

2 KB
1 KB

158ms
95ms

Script
application/x-javascript

46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.ad-srv.net/request.php?zone=yyxf76b9dn3v&nw=14&renderingType=javascript&namespace=a35f53ddfb&subid=&uid=b9c1f385c5627302&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCx_Ri7As2YsWwL4u4gAfBppSICeb-o_dc7ousiF_AjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N8gBCakCz-kzGhWKsj7gAgCoAwGqBMICT9Dtv_9qmBMFbMhR3PYB-31D8VHmHxwT0VgzdJuAb4xu8gvtpEJB-wFfED7k3tdmJqJdLNr0kN2WFP3Ro2p6dnTn-yyrg_hnTd0AcWWDrw9SFCin9yh_SARAOUMxjNKkFnLAqmS-xf3ngRfgc9-ddYcosojyVGd3cPzldua7oob1fLXyDrqXrhFtVzrs_f2wJWzQmgntdv_Wyk9BBHa5IdDHdBQdBJvL4Udl8rA5pFXb7l99973T4-BJ281cGmGZBmMTZKfiNDk4cUEBoLhNCrxpYa2r9BpHuQuiWYSXdtHwldOZ4sB7uQVcOAXOZO_x1z7ygzDj-RsaelBD5YWXwTJ-pxp7nUUE2-80HpJkEFkoexBTm-KJRksQfQOHRLm3zYOVtHCYzf1o6Qn5TZEfBZcrsvX5NfnQQCJuIcUj4HLiiuAEAYAGhaG2iNaE0KsRoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Kk3y8rH2LV4iicT1wv7oI8xFymw%26client%3Dca-pub-5413329544040947%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D128293778%2526a%253D195238%2526t%253D1647709165233%2526l%253D411157%2526p%253D3%2526appid%253D%2526aa%253D62360bec-000d-713a-0a7b-bb0d560aeab9%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2Fb563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2Fb563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=5415696685165&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=90&adWidth=728&adFormat=4&adslotId=&siteId=128293778&bannerId=195238&e=3&p=YjYL7AAL2EUK4BwLAAUTQSVTPbsFssjRsHgLJQ&penc=&bp=76923&a=62360bec-000d-713a-0a7b-bb0d560aeab9&n=1&geo=411157&rawURL=https%3A%2F%2Fnets4.com%2Fdomain%2Fbaantada.com&rawReferrerURL=&uid=99a11208-12b6-4390-9c67-5b73eaa17ded&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4B2AOgAY6A2dshQQcReJTwRiAOQDqlAM44aAUxlo8AEzwALFRCwBaWSqUAzKoxVZKjGnACsdTgBYHAXyA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCx_Ri7As2YsWwL4u4gAfBppSICeb-o_dc7ousiF_AjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N8gBCakCz-kzGhWKsj7gAgCoAwGqBMICT9Dtv_9qmBMFbMhR3PYB-31D8VHmHxwT0VgzdJuAb4xu8gvtpEJB-wFfED7k3tdmJqJdLNr0kN2WFP3Ro2p6dnTn-yyrg_hnTd0AcWWDrw9SFCin9yh_SARAOUMxjNKkFnLAqmS-xf3ngRfgc9-ddYcosojyVGd3cPzldua7oob1fLXyDrqXrhFtVzrs_f2wJWzQmgntdv_Wyk9BBHa5IdDHdBQdBJvL4Udl8rA5pFXb7l99973T4-BJ281cGmGZBmMTZKfiNDk4cUEBoLhNCrxpYa2r9BpHuQuiWYSXdtHwldOZ4sB7uQVcOAXOZO_x1z7ygzDj-RsaelBD5YWXwTJ-pxp7nUUE2-80HpJkEFkoexBTm-KJRksQfQOHRLm3zYOVtHCYzf1o6Qn5TZEfBZcrsvX5NfnQQCJuIcUj4HLiiuAEAYAGhaG2iNaE0KsRoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Kk3y8rH2LV4iicT1wv7oI8xFymw%26client%3Dca-pub-5413329544040947%26adurl%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 66357ac62f231ae569d04ccc8f85553c571688cf670d944c2f94b67a70df648e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Mar 2022 16:59:26 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 91435900117200100906795011903002
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 888
Expires: Sat, 19 Mar 2022 16:59:26 +0100

Redirect headers

Pragma: no-cache
Date: Sat, 19 Mar 2022 16:59:25 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=yyxf76b9dn3v&nw=14&renderingType=javascript&namespace=a35f53ddfb&subid=&uid=b9c1f385c5627302&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCx_Ri7As2YsWwL4u4gAfBppSICeb-o_dc7ousiF_AjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N8gBCakCz-kzGhWKsj7gAgCoAwGqBMICT9Dtv_9qmBMFbMhR3PYB-31D8VHmHxwT0VgzdJuAb4xu8gvtpEJB-wFfED7k3tdmJqJdLNr0kN2WFP3Ro2p6dnTn-yyrg_hnTd0AcWWDrw9SFCin9yh_SARAOUMxjNKkFnLAqmS-xf3ngRfgc9-ddYcosojyVGd3cPzldua7oob1fLXyDrqXrhFtVzrs_f2wJWzQmgntdv_Wyk9BBHa5IdDHdBQdBJvL4Udl8rA5pFXb7l99973T4-BJ281cGmGZBmMTZKfiNDk4cUEBoLhNCrxpYa2r9BpHuQuiWYSXdtHwldOZ4sB7uQVcOAXOZO_x1z7ygzDj-RsaelBD5YWXwTJ-pxp7nUUE2-80HpJkEFkoexBTm-KJRksQfQOHRLm3zYOVtHCYzf1o6Qn5TZEfBZcrsvX5NfnQQCJuIcUj4HLiiuAEAYAGhaG2iNaE0KsRoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Kk3y8rH2LV4iicT1wv7oI8xFymw%26client%3Dca-pub-5413329544040947%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D128293778%2526a%253D195238%2526t%253D1647709165233%2526l%253D411157%2526p%253D3%2526appid%253D%2526aa%253D62360bec-000d-713a-0a7b-bb0d560aeab9%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2Fb563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2Fb563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=5415696685165&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Sat, 19 Mar 2022 16:59:25 +0100

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ Frame CD3A 23 KB
23 KB 78ms
38ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nets4.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:55 GMT
x-content-type-options: nosniff
age: 250110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:55 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 91AC 0
9 B 39ms
39ms Image
text/plain 2a00:1450:400e:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?9aK-yQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:59:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0680 36 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 16:13:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13888
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 16:13:43 GMT

GET
H3 200 u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alxw.woff2
fonts.gstatic.com/s/cabin/v18/ Frame 5403 15 KB
15 KB 55ms
42ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cabin/v18/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alxw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400%7CMuli:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb8138fe467ac4fd833c97df11108432d9a0f84486b05f08d34159aff9f104b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 05:32:15 GMT
x-content-type-options: nosniff
age: 300430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15440
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 20:56:58 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 05:32:15 GMT

GET
H3 200 7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30eg.woff2
fonts.gstatic.com/s/muli/v26/ Frame 5403 16 KB
16 KB 69ms
56ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v26/7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30eg.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

997b911237bf1ba3ae866d21754fd8e3873582aece25276fbb6b4877a61e1a80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 09:01:43 GMT
x-content-type-options: nosniff
age: 287862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16828
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:37:29 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 09:01:43 GMT

GET
H/1.1

200
OK

request.php Show response
hal900015.redintelligence.net/ Frame 9D06
Redirect Chain

https://hal900015.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=0c9333eaad&subid=&uid=dcedd76c192be338&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900015.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=0c9333eaad&subid=&uid=dcedd76c192be338&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

3 KB
2 KB

190ms
115ms

Script
application/x-javascript

138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=0c9333eaad&subid=&uid=dcedd76c192be338&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMlVU7As2Yu3nLMqAx_APobukgAm1zfmDV_zYuavlDPAuEAEgudvzJmCVoqCCsAfIAQmpAs_pMxoVirI-qAMBqgTQAU_QN1cgqOfclUCGSQMZkF0AEGOgOMUvyRz_aBhHkv7x9NmIOamXGwBShxVOaXN6VvuT8oGF8yl4dZEt5HCjvcYIpRlsr5Q25lrtrb-6yZurUo7ob2YXRzYE1xcTLQlMfSr9xzU6ui7wZdpXdWAU7HvfkEAYK5R9m4ev91wCTks7P36qwE8jMDupH8aAl1xueIm6Z808fwhkpuGd3W_NhmpfiSjAiOixtqMu3N8syJjulO-Qqd2wiAZ2hZ4BtXQ1T99l1rdTyprIbr8ViTeORdLABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoaUTYir4gBEbYH3U2jKaS-sEi93HsIABq4d7hNClNXKwBm9vV7Q%26sig%3DAOD64_3ceJCoXuhHRmzf9AtxRq-K6MnUMg%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-BM5phpVY9bSn3m481rmr7-GBGN7dXbtJnO_kJxuHst9y63To0qLhg-KpyeA_zemTQGBVTgtivyY5nWdB2tCOfbfTDQPgv-J1Lt0ZAZag-Sfsds1ciHCgGVTLC-cdCKw3bd_PVwLHzMZCXS-QX9lTBYpX_sZw%26cry%3D1%26dbm_d%3DAKAmf-Cfp61A6C3dHAZBEGb8IF5Zstf5T4JJnxFCkPmZpshyXjkrUMa86INheSHtemYbe6x_P2COaKae5ci7S3Bv00cXeWh5GneIQG-MErCao_9_yAhIZoKI_XD44szfRMNdz5VB0zfYZobFSbK55soNKXVjvNZSKuyrU5mL77nenBwbmdafOOOEk5IS5x7v_1587drcHor7NWz0yrONo6LjPRAIvMQthJBf1O-gVpzjq2g2Wy1K18CBg02FmNVxY10XKBndBjkZBTlVdGMtM7dUDtGOe8lQdZGY-wwpGo2at0NDsaUHadVMCXhxltBer0CJZyzleQ9-Kb9nY3fcXulMXxOwLqX4dtbmyAE5zT9WypE_1RBoE8_tFtHFx-wGcnZnoOO6CbyOkrH0JAnECr_MlslRzmiBNs1A5VQSb8fQrsw9NOOSUKcPpmurqTmikgvjgRKVwPzMF4vXe8IkUa4g_tmJoMeAeg%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=3312034531222&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com
URL: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: f0880ce3c616613da6b926b03ce530265a89a65a1c52cd1b48bc4fc039eafe91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Mar 2022 16:59:26 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 78573500141119700710612011903015
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1103
Expires: Sat, 19 Mar 2022 16:59:26 +0100

Redirect headers

Pragma: no-cache
Date: Sat, 19 Mar 2022 16:59:25 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=0c9333eaad&subid=&uid=dcedd76c192be338&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMlVU7As2Yu3nLMqAx_APobukgAm1zfmDV_zYuavlDPAuEAEgudvzJmCVoqCCsAfIAQmpAs_pMxoVirI-qAMBqgTQAU_QN1cgqOfclUCGSQMZkF0AEGOgOMUvyRz_aBhHkv7x9NmIOamXGwBShxVOaXN6VvuT8oGF8yl4dZEt5HCjvcYIpRlsr5Q25lrtrb-6yZurUo7ob2YXRzYE1xcTLQlMfSr9xzU6ui7wZdpXdWAU7HvfkEAYK5R9m4ev91wCTks7P36qwE8jMDupH8aAl1xueIm6Z808fwhkpuGd3W_NhmpfiSjAiOixtqMu3N8syJjulO-Qqd2wiAZ2hZ4BtXQ1T99l1rdTyprIbr8ViTeORdLABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoaUTYir4gBEbYH3U2jKaS-sEi93HsIABq4d7hNClNXKwBm9vV7Q%26sig%3DAOD64_3ceJCoXuhHRmzf9AtxRq-K6MnUMg%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-BM5phpVY9bSn3m481rmr7-GBGN7dXbtJnO_kJxuHst9y63To0qLhg-KpyeA_zemTQGBVTgtivyY5nWdB2tCOfbfTDQPgv-J1Lt0ZAZag-Sfsds1ciHCgGVTLC-cdCKw3bd_PVwLHzMZCXS-QX9lTBYpX_sZw%26cry%3D1%26dbm_d%3DAKAmf-Cfp61A6C3dHAZBEGb8IF5Zstf5T4JJnxFCkPmZpshyXjkrUMa86INheSHtemYbe6x_P2COaKae5ci7S3Bv00cXeWh5GneIQG-MErCao_9_yAhIZoKI_XD44szfRMNdz5VB0zfYZobFSbK55soNKXVjvNZSKuyrU5mL77nenBwbmdafOOOEk5IS5x7v_1587drcHor7NWz0yrONo6LjPRAIvMQthJBf1O-gVpzjq2g2Wy1K18CBg02FmNVxY10XKBndBjkZBTlVdGMtM7dUDtGOe8lQdZGY-wwpGo2at0NDsaUHadVMCXhxltBer0CJZyzleQ9-Kb9nY3fcXulMXxOwLqX4dtbmyAE5zT9WypE_1RBoE8_tFtHFx-wGcnZnoOO6CbyOkrH0JAnECr_MlslRzmiBNs1A5VQSb8fQrsw9NOOSUKcPpmurqTmikgvjgRKVwPzMF4vXe8IkUa4g_tmJoMeAeg%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=3312034531222&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Sat, 19 Mar 2022 16:59:25 +0100

POST
H2 204 collect Show response
b.clarity.ms/ 0
48 B 128ms
128ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.33/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://nets4.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://nets4.com
date: Sat, 19 Mar 2022 16:59:25 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0680 0
20 B 83ms
83ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BhVbh7Qs2YsufD4WCjuwPupeNmAwAAAAAOAHgBAI&bg=!EhGlEVXNAAba2mK92to7ACkAdvg8WsGLxpf9D8ZvyBUtwiALEDiIGBl2KP5XB-iExwtR3lJIXyjnCgIAAABrUgAAAAJoAQeZAzWYNH6gHnSvffMvDZ671rEG5E0bCHrKhCQkRu8e0gnKGy4p_P0ndGMcbjjuc7fTRQc6LIj9dRaQn4XUORh-8zRT8u-dtjqQeaFYJnavxSHyWb4vxJHH1WNBMvQrZyqwpacgJX-TTqJxbJP3kqJf7zjwpLho649qDRv332ydVdJyFhQGyGRajcnQFKvZmU5Oy6G9XJHz3zoDwwZe_EGE2ceyLjPl-4vedImf85ZngiCtiP4hESQn4C0DkhKPM8dyaOqaThoQZx5a7jPPdWog7bhHbz752q8ZMFUsDlQEiKyPL01tDlpMzVn5VcZg4JpSv2DCJotW02x0ddbcAw1JPTTTkx1cCGn4Qmv666TA4Z3RpW9UwP3Hx2TA5X6LLjrU14FcJAc9TkPpnvL65pAIbauposFMzwleFMx9lpx43xBgXrrePLbEbuRwNExyoulSFlSLrjEoSMKTFY7BzhGaZZD4asQp6G4moPOJJltBQX7lziWGkVlOCATcoc69loR0jCUn9d2oqJzLMOdUi-ixqXaKl0iF_PMIscs76Z13WaRjgSZr7_Z5EwKHyZFH56xwrLS23HSj_qBaS-ohNs2Wd5UF7YowExFM9W0O0nyEHcf5V_TocoTP9UbbhlpKUeck-GlNYlqXvk7CtEKPC1dxjTmO_XrqmRfKGnX929tTMCF3kSU3hh2onEbsYa6COHHRTQVkhImYOlxzn1Dx0y1EFz2PHPBvnHQzBEgvMYoHD_LqrxqUAOmNtDUqJm0mDhOR5bVsYOtqgUOLuXm5q9k5Twt-8fB5pJiC_mvXPwQucFbk3qM09_u0bmvk937ehB6qItAbYF3Hcls6IZAZ5PREd_epYb3MBe1Kpv9J3j_SJYqZtNGKZAwaakgwsFKHcrO2IQehlKfd4p1FZ4Hig_pW2rt4xjcaSs0CQSKLFJaukkd4WHlkISKNtcfBPE6E7iwFCvTyWVIO_-N1OVTf6sjgXnAbdLKxSuht1h3phil8ekuvl_lWmoxoztAACd12sZ8qomB33lHU2To-1nNolip13Y7hqu1ktLwAytpImWAl4eVyJHJGBCwvotV-rIOjGvuEFPzDRKrXNA

Requested by

Host: de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com
URL: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Mar 2022 16:59:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 95CF 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030901&jk=848344568660943&bg=!x8SlxIDNAAba2mK92to7ACkAdvg8WsxoqFp04G8jVZmLFETyztJLN38FfobPn4ldadI7soCeUBSEqgIAAAHLUgAAAANoAQeZAwN6Qxj4KjTDfMw-BwgWLh03yRoWd-cZXBTArxU4zd-CDqs656j0h6tKH_5d_1ztbLhaIMn1_ITFbLGkVEbhCIFO41stkEGi1Lb_idZcgnDW-a0WxLyBmgB71DMg3GWoBx05IS5Ozcr0ya76foc-A-dR1vLk3-Vp6AtXVRkWAE6cSgXMbHlH4hc-cbg6axM6KJFvr9ei8m_5wpY1lwwGU6yrTMyvROB6-WVh1R53O01awGbrb0S34g-zgxEiI8Ljv5EBgIXsw4QopyWbaOoJAjqLsppxzcDLqvrJxcJl59pdsB7ZsEbxAeii6ihSrjTj2YeW0uAcvYW718F-Qh5ORrC5I-NXSAYw60A1O1-D_cX29RfHHaBBU13F6ep5VKUxy2AZCgauaHejhAjHzl9OAMrEGdraJJgOwmBhytW-_vj0Gbqp-c_DZj8RgtUy63HXC6-jxbuaiE0_NhSko2dqzi5Ixb2nSQiRLiwzcVcSpW4CvNHkyfY6AWFz78KyHpQ2LWfiiSDY0gewwvd1hgny6Ynz5IeSeXazpJqos7O2qXY8YEmbhLaDd_O0pTY95uiepIG3LzYbKWdjopbSx-0EO1S-ZHvaN-Um7a-Qjhl_gqFVj_nw9uN5CRyX7079mxllxoxKx3uBeuWbPM5rySHuNjg_3fH1eQZ_Jv9_vQaFsv-NrVgd9la0QQAN83IeHKtIaMXoEzUwndfY7C__srRRcrKJaIiBJkt5Jtz84mEPJf4pupfeWPAcJizk9njrOnLKnHqV80h50jHugPkiaNDI_cGzvzLUhVf0qz1GGz8ZgPO-tUhjVvIOrF2kbzksBAeesFdern_PEDvgr7ohX-YC37ABMrkng5Vt7Uv6xgP0eVeXtafDtZXAhzJWZ5xPzWMl7rK43RgVJ68rNLKEP9qOIReWbn3HjwZERHkjRFZ-p-0yz8jpaFeEN_fT_JODkw0B6WB-kkV8CdK8uEO1TfDcsmvPmqw9M2gD26p4LVLXBMOzIPdJyar7m1Q3ESOBPLc-VLkkx28

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Mar 2022 16:59:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 10C8 0
20 B 64ms
64ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031401&jk=213424639995911&bg=!g4ClgMTNAAba2mK92to7ACkAdvg8WjdIWQi1oA27y7C5kUZQ_TQOx-XYiOc5hCMX6qJXUpK75gWQqwIAAAHiUgAAAAJoAQcKABbcmoH4ZHqYYjE91EnNFV8m2YlLWVy-mQLlzvf4qt5EtHFZONfJJwMx6ifKKQge037F6a_qkqFHEFnEzY2odUBwqLkErmatf2c7bl5vSvzwQQItJjsOSyoDRtlRURP1aYRzXaCgrxXwAcDq_u-G98UK_jTWDKwtPStDfCFPjrfe4O1IQOMy_hm66osqTTv32vm6_zgoIUX_skJYsOso4dIaBjW4z3WcFnrM-pnYrerO0Jakiias10aNMj5L38iuPG5N2QMCnqTrnzUpKF8chrYGri3fvWensvFqKF3CRuilhblkSiJYCEywzSCfk6KgDLiMQwFIea59FJeTKOamxKlN9Umj_pLa8nQEZHbe24JLiqcY6LOFDwRMPTgaWVYWkjdSS0Wke0RWU80nuCQj29D1xXVU1sHypOK3F5I9wWQjNwyuWy8V-6j9CXK0RNr4fR-prXhKVxY9oekjaX96KQfjNEGrEvIZFS_9_yDNVGpxyjvZ9rsN6nlIXlV230evX4I7FtZRbeUKcT9MPWTumyZMg4P5_6x1pTIGnMiZDGPR1rHh8Ur1a9HHZ9E1AuB-qJV_BTIHcEsjCT9ndjPflDQDoF-yf4HUhJiyVWeXC-gUcntqFm9WhocwskGVMXNqR7G-fkUEKEDfVm66ojSs28O_YMLv9j86G0mnXa2i_3bnjEXdKtNQfyFuvfnA_K9Ek_O11zWKAthBbLDnMzQmXupu5HhNjxMGPltQunxpGDYf6jRk8PsBTZSQ3dYiwjFkYs1fkqxJv5XoAvNU5sb-9dpjB0NxtkLHVAPHpoPNS0edBrpW92rzaM1R7L3Z93X9XiRw3lwM8ycUCF_9WbupdxRAAifx8TQVJfleXZgNhUFBU42BkNfGl5wL1G2HpGTiFpm9zu7lMM_z7_n9je44IO9pIpa1WQOnQtysAIGM15-lro6k4ENNAuhUdo_aI5SPkUmHs91SnpCWVZXTkDkVDWm2QZvIbDPNEKZFWghxGl1gY3p89-UP_qnJeyT0QTSt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Mar 2022 16:59:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F53A 0
20 B 61ms
60ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031601&jk=3791331133065993&bg=!GxilGFzNAAba2mK92to7ACkAdvg8WnhX2YM8w3m6eG9oyXzcMGA2-uq3i_NqcSZvhuoMmMpKVBIHdAIAAAHaUgAAAAJoAQcKAFgr9ogcxUR7_fkfvTmunHVrP0er5EkTh9BdMOXcpt3Y6hryEH8soqNZuQrJqZVMbo_VoIuGmOngP1qRIpeszUdcPRlNSMTTmloQVUlkUE5_JJCiPNsoC7R6mQLoZ8pkEvfK7FIF4_w-kvZijbqPnshgF_tKCtfXAmCp4sYszyxCnFKw6d6dituG_1jdZpwZyzyz8lP7Y4wOBU5jHJq28RBOJxJ6xu68rpn0PcQxfWKeaKg9aGAR-j-oO0rRtqCilfA_5uDuPx4QLG3TCDVYBKsFS2_jwFekfBhFjp3f9s6EuUCWEEZO0H_EoccfsL2Ta_UsZdWx2fpEOfGD2cQeam_jzGIUE7_hWo4_Yz7-ve0YV5_YysYY3nt5R2KUA4spFc4tfLIhcf_bZuY1ouil6uArKA9aeVHUuzdYpKgExWRLeWkLWO_yHCgeWxe7QnS5arQUA1g-tXqIXaCWOEQ_fDnapLzAIRHiaCEicWvitIKJeoT3gmxzuuyBZb3yxXZwJii1ddQHWLJGdoYn0WS9N95abZViIt1tp73OHNiz4j11yclS5dhDSQ8qJ_G3vgiqbOcEa7agY4V55Z3OzuA91S5NKgCiRz2HsaVu2OwwSKLm-ADePYfUkLZnHOurBQj3yJ6EDKLhntCi8V42cm70ZH-tUttoOfgtEWXNRHKYMc52dZc98JkluZWuePQuSqVN2adsTkSV2Xu-uVUH6m0ALHTObVgVyvRXyCOww-lsw5UEM9kv61JfYziRyoysQckdvDqHn8gBvtrxcj7Elzd2vayzrCBAjTRvUUa4XyiVb-n-etmD9NEjX7Uem_wq5rrLBYhIGXmgScdleNUP3px6KMMCstqkADDsBWXkPI1DtmNbItxpaL8GZZY3sJFNqsMPk8V2bkPR7YeYLKKMCx-HG2QiqwleOFRFqI1QcZDIk3g4n8oHFoQA0tzc0RJ2KiJ2rwhHUZ7W60pJJEqXvVOKJOcgIV2Avl_SliSIASqa_3aJSlQga3eroTOLpdSbUzNPnm48C-_BcAsGJwYEoQUcpC4wcKaTcNdW_2jbrL8hGLzNkNwqau-2FZKNi2W4TC0bmnezMKRtD5_-OtFkmZRhYu_J1rAV

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Mar 2022 16:59:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ztpv.php Show response
www.conrad.de/ Frame 1AE2
Redirect Chain

https://www.awin1.com/cshow.php?s=2470167&v=11354&q=371933&r=278235&pv=1&pref1=91435900117200100906795011903002&gdpr=&gdpr_consent=
https://www.zenaps.com/cshow.php?pvr=eeed8a30-a7a5-11ec-98fc-223366d53764&v=11354&r=278235&q=371933&s=2470167&viewref=91435900117200100906795011903002&pv=1&gdpr=&gdpr_consent=
https://www.conrad.de/ztpv.php?awc=11354_278235_1647709166_eeed8a30-a7a5-11ec-98fc-223366d53764&insert=AW

0
727 B

119ms
68ms

Document
text/html

2606:4700::6812:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.conrad.de/ztpv.php?awc=11354_278235_1647709166_eeed8a30-a7a5-11ec-98fc-223366d53764&insert=AW

Requested by

Host: ad2.ad-srv.net
URL: https://ad2.ad-srv.net/request.php?zone=yyxf76b9dn3v&nw=14&renderingType=javascript&namespace=a35f53ddfb&subid=&uid=b9c1f385c5627302&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCx_Ri7As2YsWwL4u4gAfBppSICeb-o_dc7ousiF_AjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N8gBCakCz-kzGhWKsj7gAgCoAwGqBMICT9Dtv_9qmBMFbMhR3PYB-31D8VHmHxwT0VgzdJuAb4xu8gvtpEJB-wFfED7k3tdmJqJdLNr0kN2WFP3Ro2p6dnTn-yyrg_hnTd0AcWWDrw9SFCin9yh_SARAOUMxjNKkFnLAqmS-xf3ngRfgc9-ddYcosojyVGd3cPzldua7oob1fLXyDrqXrhFtVzrs_f2wJWzQmgntdv_Wyk9BBHa5IdDHdBQdBJvL4Udl8rA5pFXb7l99973T4-BJ281cGmGZBmMTZKfiNDk4cUEBoLhNCrxpYa2r9BpHuQuiWYSXdtHwldOZ4sB7uQVcOAXOZO_x1z7ygzDj-RsaelBD5YWXwTJ-pxp7nUUE2-80HpJkEFkoexBTm-KJRksQfQOHRLm3zYOVtHCYzf1o6Qn5TZEfBZcrsvX5NfnQQCJuIcUj4HLiiuAEAYAGhaG2iNaE0KsRoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Kk3y8rH2LV4iicT1wv7oI8xFymw%26client%3Dca-pub-5413329544040947%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D128293778%2526a%253D195238%2526t%253D1647709165233%2526l%253D411157%2526p%253D3%2526appid%253D%2526aa%253D62360bec-000d-713a-0a7b-bb0d560aeab9%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2Fb563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2Fb563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=5415696685165&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://brain.rvty.net/

Response headers

date: Sat, 19 Mar 2022 16:59:26 GMT
content-type: text/html; charset=UTF-8
server-timing: intid;desc=9e3ad7ac3fa9c74a
cache-control: no-cache
expires: -1
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish: 125537373
age: 0
via: 1.1 varnish (Varnish/6.6)
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 6ee7c231789f9268-FRA
content-encoding: br

Redirect headers

Content-Length: 0
Location: https://www.conrad.de/ztpv.php?awc=11354_278235_1647709166_eeed8a30-a7a5-11ec-98fc-223366d53764&insert=AW
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Date: Sat, 19 Mar 2022 16:59:26 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

GET
H/1.1 200
OK cshow.php Show response
www.awin1.com/ Frame 816A 43 B
704 B 69ms
21ms Document
image/gif 104.92.94.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=2519511&v=14098&q=368694&r=278235&pv=1&pref1=91435900117200100906795011903002&gdpr=&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-94-3.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://brain.rvty.net/

Response headers

Content-Type: image/gif
Content-Length: 43
Expires: 0
Pragma: no-cache
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Date: Sat, 19 Mar 2022 16:59:26 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

GET
H/1.1 200
OK 777bd5a420f1e98f2e63f2d600b0d120 Show response
pv.medialead.de/trck/epv/ Frame 7391 931 B
1 KB 188ms
85ms Script
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/777bd5a420f1e98f2e63f2d600b0d120?subid=91435900117200100906795011903002&ctrack=[RD_ENC_CLICK_ENC]

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

cffb207350c21cca54e3d4571d7ba920311da76b077189aca95d4fdf77969e75

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 19 Mar 2022 16:59:26 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 5413AFA5:DCA4_91EFC182:01BB_62360BEE_F88E152:F724
X-IPLB-Instance: 40027
Strict-Transport-Security: max-age=15768000
Content-Type: application/javascript; charset=utf-8
Cache-control: private
Keep-Alive: timeout=20
Content-Length: 931
Proxy-Host: pv.medialead.de

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 9349
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=78573500141119700710612011903015&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=78573500141119700710612011903015&actionid=981741&produktid=&dt_url=

0
629 B

183ms
98ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=78573500141119700710612011903015&actionid=981741&produktid=&dt_url=

Requested by

Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=0c9333eaad&subid=&uid=dcedd76c192be338&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMlVU7As2Yu3nLMqAx_APobukgAm1zfmDV_zYuavlDPAuEAEgudvzJmCVoqCCsAfIAQmpAs_pMxoVirI-qAMBqgTQAU_QN1cgqOfclUCGSQMZkF0AEGOgOMUvyRz_aBhHkv7x9NmIOamXGwBShxVOaXN6VvuT8oGF8yl4dZEt5HCjvcYIpRlsr5Q25lrtrb-6yZurUo7ob2YXRzYE1xcTLQlMfSr9xzU6ui7wZdpXdWAU7HvfkEAYK5R9m4ev91wCTks7P36qwE8jMDupH8aAl1xueIm6Z808fwhkpuGd3W_NhmpfiSjAiOixtqMu3N8syJjulO-Qqd2wiAZ2hZ4BtXQ1T99l1rdTyprIbr8ViTeORdLABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoaUTYir4gBEbYH3U2jKaS-sEi93HsIABq4d7hNClNXKwBm9vV7Q%26sig%3DAOD64_3ceJCoXuhHRmzf9AtxRq-K6MnUMg%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-BM5phpVY9bSn3m481rmr7-GBGN7dXbtJnO_kJxuHst9y63To0qLhg-KpyeA_zemTQGBVTgtivyY5nWdB2tCOfbfTDQPgv-J1Lt0ZAZag-Sfsds1ciHCgGVTLC-cdCKw3bd_PVwLHzMZCXS-QX9lTBYpX_sZw%26cry%3D1%26dbm_d%3DAKAmf-Cfp61A6C3dHAZBEGb8IF5Zstf5T4JJnxFCkPmZpshyXjkrUMa86INheSHtemYbe6x_P2COaKae5ci7S3Bv00cXeWh5GneIQG-MErCao_9_yAhIZoKI_XD44szfRMNdz5VB0zfYZobFSbK55soNKXVjvNZSKuyrU5mL77nenBwbmdafOOOEk5IS5x7v_1587drcHor7NWz0yrONo6LjPRAIvMQthJBf1O-gVpzjq2g2Wy1K18CBg02FmNVxY10XKBndBjkZBTlVdGMtM7dUDtGOe8lQdZGY-wwpGo2at0NDsaUHadVMCXhxltBer0CJZyzleQ9-Kb9nY3fcXulMXxOwLqX4dtbmyAE5zT9WypE_1RBoE8_tFtHFx-wGcnZnoOO6CbyOkrH0JAnECr_MlslRzmiBNs1A5VQSb8fQrsw9NOOSUKcPpmurqTmikgvjgRKVwPzMF4vXe8IkUa4g_tmJoMeAeg%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=3312034531222&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 Hamburg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sat, 19 Mar 2022 05:59:26 GMT
server: Microsoft-IIS/10.0
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Sat, 19 Mar 2022 16:59:25 GMT
content-length: 0

Redirect headers

Server: nginx/1.17.5
Date: Sat, 19 Mar 2022 16:59:26 GMT
Content-Type: application/javascript
Content-Length: 0
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=78573500141119700710612011903015&actionid=981741&produktid=&dt_url=
Host: pv.medialead.de
Proxy-Host: pv.medialead.de
X-IPLB-Request-ID: 5413AFA5:DC98_91EFC182:01BB_62360BEE_F84694C:F726
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027

GET
H3

200

activityi;dc_pre=CM2VrvzS0vYCFZwbBgAdKSUKMQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6877358805429.677 Show response
5994599.fls.doubleclick.net/ Frame 1CB4
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6877358805429.677?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CM2VrvzS0vYCFZwbBgAdKSUKMQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6877358805429.677?

391 B
348 B

71ms
37ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CM2VrvzS0vYCFZwbBgAdKSUKMQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6877358805429.677?

Requested by

Host: nets4.com
URL: https://nets4.com/domain/baantada.com

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

41f20f74d1cec2e4488ad58dbd54ea16fec2af37cb045970f57ba1c2dc5a97c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 19 Mar 2022 16:59:26 GMT
expires: Sat, 19 Mar 2022 16:59:26 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 325
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 19 Mar 2022 16:59:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CM2VrvzS0vYCFZwbBgAdKSUKMQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6877358805429.677?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal900015.redintelligence.net/ Frame C34A 7 KB
2 KB 69ms
22ms Document
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/request_content.php?s=78573500141119700710612011903015&a=e24db5ac
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=0c9333eaad&subid=&uid=dcedd76c192be338&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMlVU7As2Yu3nLMqAx_APobukgAm1zfmDV_zYuavlDPAuEAEgudvzJmCVoqCCsAfIAQmpAs_pMxoVirI-qAMBqgTQAU_QN1cgqOfclUCGSQMZkF0AEGOgOMUvyRz_aBhHkv7x9NmIOamXGwBShxVOaXN6VvuT8oGF8yl4dZEt5HCjvcYIpRlsr5Q25lrtrb-6yZurUo7ob2YXRzYE1xcTLQlMfSr9xzU6ui7wZdpXdWAU7HvfkEAYK5R9m4ev91wCTks7P36qwE8jMDupH8aAl1xueIm6Z808fwhkpuGd3W_NhmpfiSjAiOixtqMu3N8syJjulO-Qqd2wiAZ2hZ4BtXQ1T99l1rdTyprIbr8ViTeORdLABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoaUTYir4gBEbYH3U2jKaS-sEi93HsIABq4d7hNClNXKwBm9vV7Q%26sig%3DAOD64_3ceJCoXuhHRmzf9AtxRq-K6MnUMg%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-BM5phpVY9bSn3m481rmr7-GBGN7dXbtJnO_kJxuHst9y63To0qLhg-KpyeA_zemTQGBVTgtivyY5nWdB2tCOfbfTDQPgv-J1Lt0ZAZag-Sfsds1ciHCgGVTLC-cdCKw3bd_PVwLHzMZCXS-QX9lTBYpX_sZw%26cry%3D1%26dbm_d%3DAKAmf-Cfp61A6C3dHAZBEGb8IF5Zstf5T4JJnxFCkPmZpshyXjkrUMa86INheSHtemYbe6x_P2COaKae5ci7S3Bv00cXeWh5GneIQG-MErCao_9_yAhIZoKI_XD44szfRMNdz5VB0zfYZobFSbK55soNKXVjvNZSKuyrU5mL77nenBwbmdafOOOEk5IS5x7v_1587drcHor7NWz0yrONo6LjPRAIvMQthJBf1O-gVpzjq2g2Wy1K18CBg02FmNVxY10XKBndBjkZBTlVdGMtM7dUDtGOe8lQdZGY-wwpGo2at0NDsaUHadVMCXhxltBer0CJZyzleQ9-Kb9nY3fcXulMXxOwLqX4dtbmyAE5zT9WypE_1RBoE8_tFtHFx-wGcnZnoOO6CbyOkrH0JAnECr_MlslRzmiBNs1A5VQSb8fQrsw9NOOSUKcPpmurqTmikgvjgRKVwPzMF4vXe8IkUa4g_tmJoMeAeg%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=3312034531222&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 31c2a47dae00ce2de554aecd20d0050db43773a0f895ab7f7491f4dd6e14ef11

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/

Response headers

Date: Sat, 19 Mar 2022 16:59:26 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sat, 19 Mar 2022 16:59:26 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2064
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 9D06
Redirect Chain

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=78573500141119700710612011903015
https://ad-server.eu/wm/pb/native.png

68 B
312 B

209ms
39ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com
URL: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 19 Mar 2022 17:04:58 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Sat, 19 Mar 2022 16:59:26 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 5413AFA5:DCA6_91EFC182:01BB_62360BEE_F8888D7:F725
X-IPLB-Instance: 40027
Strict-Transport-Security: max-age=15768000
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 9D06 43 B
702 B 54ms
22ms Image
image/gif 104.92.94.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=78573500141119700710612011903015&pv=1

Requested by

Host: de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com
URL: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-94-3.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Mar 2022 16:59:26 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 9D06 43 B
702 B 53ms
21ms Image
image/gif 104.92.94.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338577&v=11830&q=357066&r=296283&pref1=78573500141119700710612011903015&pv=1

Requested by

Host: de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com
URL: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-94-3.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Mar 2022 16:59:26 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
DATA 200
OK truncated
/ Frame 9D06 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53dbb25348f3de45ae2a70333b9c2185e9d24cd1f9a99cf86f34eb101c9ced39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame C34A 1 KB
419 B 38ms
37ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=78573500141119700710612011903015&a=e24db5ac

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 19 Mar 2022 15:01:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 19 Mar 2022 16:59:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 19 Mar 2022 16:59:26 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame C34A 16 KB
16 KB 85ms
25ms Image
image/png 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/pb_goldschmied_1200x627.jpg
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=78573500141119700710612011903015&a=e24db5ac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 9e2671ceb2183f4b6972a92da7ca0d0343380615295dc1b9d3a31f7ec77945a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 19 Mar 2022 16:59:26 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16464
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame C34A 17 KB
17 KB 85ms
25ms Image
image/png 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=78573500141119700710612011903015&a=e24db5ac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: b1c2035996fed568f86507120543658990c2341feb1612571b48220efc3716be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 19 Mar 2022 16:59:26 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16818
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame C34A 14 KB
14 KB 86ms
26ms Image
image/png 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/32783/creativesup/native_ad_globus_baumarkt_1200x627.jpg
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=78573500141119700710612011903015&a=e24db5ac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: eb5670e3b0d2aa94a7d36f600a94f204912660a3b7cfc350d6998e4ab22a85e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 19 Mar 2022 16:59:26 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 14132
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal900015.redintelligence.net/ Frame C34A 0
150 B 84ms
41ms Script
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/viewability?s=78573500141119700710612011903015&a=660e4d01&vb=m
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=78573500141119700710612011903015&a=e24db5ac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/request_content.php?s=78573500141119700710612011903015&a=e24db5ac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 19 Mar 2022 16:59:26 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D3C2 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031401&jk=3206868854609094&bg=!MjGlMXXNAAba2mK92to7ACkAdvg8WnwyjDkuCQbtaolecfdJeJOfsTqOJexQms5mJcyIHpVtWVvu3AIAAAHEUgAAAApoAQcKAJaeP0ZMT6-4yxle7QyvsnkqQawuqzfsaqegyPfWQ5Q9ZrzBWiiMoWFKCNhcwMwdVjteridDQ1km1jgBDudQMnK3I4zqexDabHkXaSZtEgnICjgpoP3mxpa38zpKS7wnhCSqBPuSE_Mt3Qtwb3hK1JTqRMRvLu_KlQxGa-ugBBuoYa3Wc0Ek_F2DZzrOiuzHLbpA01n0d3GZAu3oOaYluGggXC2O2DlWIshi91weUEtzamLdgy-WlBRFO-yoN_4pTb97IpVkZPytqBeSjSG2AgvlQxPTKXB7PlN8m6wN6If_j7TEYhjuG_vkqCAIZZ9OOf8a8rkui2Z4SVlslCwDyf5RySdcltWQysptviIhYSs4Qeb2toyYOwZbR6RQ8sRCdk_svm5vvKV8sULPttNE7QjhP15J8nhGZCv4hxxQP4aZx_aTdiUTThyDlww-ZrMVORnJ3M6l_Ib9I0mN4vhYjlxR3nVOkb7Hy9OvT0vdN3NYYFjvO8Puc6UUFcn7a_LDGqdds8les43LDYzRAv1moAbC0zeJRriD9hlSHcDdlADsdVwksVej4nUkYtJVtyB3b8ExpquXtypihsBwAq7FaTCNJvMgsL__nhyYD5GsfHfFOUwESO7mT4pUO-heVE-tnWOMmXonz6sBHNj-0MEcApx14YJGdjcnwVGDWMYrFsSj6yugP_1C0Lww2kkUCPx56TaJBQLeIUZ6RousfB7_ZRJhIP9ipEhHAweorbm79IVbmA63tIpZ5B9NDnZVHvum8Vo_uR4of_GQTgF6qQ2_oKB4pEsvR9o7Aw3yw-4uJxAiHb6e6Bn9V4nuxAREZ6sjkutsD5PdVv0Bamxh98mnljkl0t2mvqfjerAUI7OM9y0XYx_oaSNcN1ymf5ZFmVqXwzTGANhrw9tvQkX8cKboB3iDs8w9HKYyMa1HUtDWwTXj4C6-LkWfB9Ga0CJAPqRxroir37Lz3i5sHpNnBIjFgwmna1MVsfw_Iwj-1cZFsR_dg6T7BQ3n6O-k2Dab10ZOjTctIlW1eY6XLiGdq69TKNphXS0nwRCmFe_iAOf2DQZnvw2S1TK2oqEv3BJYEeZhZMsdmjjT8Qj7pjnLNOn6hKGmtkjMV52wQK-_aM2zv-YLNeCzCAJH17tcujyJ9Zdi6wnyNZvtZmgybW6_65T29IYsNp-mk4LqPYFBpGfY7RZgtdAmRp6aCQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Mar 2022 16:59:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 47FB 0
20 B 66ms
65ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031401&jk=1763298083340917&bg=!UVKlUhbNAAba2mK92to7ACkAdvg8WvOZGqMAyqWZF8JoYAJbOTS2PkdS6oEwY20gHfnZE_LinQxvgAIAAAHLUgAAAAFoAQcKADrXRB-dEbrW3L6qUbqdN0W_9bxD-AvXZV_v-kMwji1T0GWSkCjLiIikpRa7OLGT6cF4bt2mTi9ass96mQLtJUmmmPER73DHtKjEo-T7sta2MBYTl-0kwHEWZuWBfBMYAwNDPPNax3epNg_qL9vxeyvRiwFIoRIpq64Y9OShwNnA5zecVuLQcARMMbD609nywH8xdFtKlqJramaC41R4WcLB8wa3WaZAvtTWwGychnlE5j439gx91UN1gD_-X0ge6lWtSCGNCdU7rdeg8pwkv8TgZxF6hZEa5BxC_WdnMyg5w40AXbHJnrEe05_RYZiMurj5M6uaodWqFTPe_alzUh85p4is6-teqlwlwgU9nEKhOk5vzlTyxFhDQNRAskuMHxL1aZFdSxnDvv1hvXFJKMuBWohxbGvBkyFmvVyqUkPVp8i1iP4egdiT9Y24NYg00jFPG_-Z1yYZkMNL9Hd2QxCb5aAayPNNAT7B1D-LDiax9oq_7Jyn3ZZOh5F9sl3vjFhWTJM9Fl3mB_dwuForaIm0wVglmNHVmyGJuOdUlxElKMm7diposH6OStGmtp2sbBr55AvAatY5-Nv0aGoPTSK1VFoCsRObB_nwaBIRUlga_ddegNNqKqhWrkIxzbnQPJ9fRCGX1Q4P6CmJx8TV65lTXQQZcTTIuiNkIpGFWMWO8FufDKiwkCxc7_bWtkWZdHsd8az2vITmxEU36vPhvVwX3aHwehbOkcVIvkkNpcfOXEx2gajSdTjKF0Up5Ctbi_VF584IS7xL_Sho5JDAehgvMehkNYFpxwgb5I6R7okQ28_2t1tGzo32s2olUo8NERzpjxJPLQizCm91b6ZtP01NPb4ZLAtcJ7xq5vQJVF4o0kenqfK60_2WyxWfDDlQ51B-j961Gkmmgf5zELejG-b2zOJNuwHVlgfGR0CgcCSUi9vf_Q2zEcLjuh_t-Xweut5tPkPzQ8ktOlt3wB8X7GxToapfP0jm2NJAs7giy_5I2oSc3ON_W74-T8Qlzj7HjRFG6fZ39YxYu-rKc6zW7mlEm3N1AtvTN1O8Fg5GxiVRq7jJXssDqx3HZN8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Mar 2022 16:59:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view.aspx Show response
pb.media01.eu/ Frame 53CC 0
201 B 181ms
99ms Document
text/html 88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=50149&dt_subid2=91435900117200100906795011903002&actionid=981741&produktid=&dt_url=

Requested by

Host: pv.medialead.de
URL: https://pv.medialead.de/trck/epv/777bd5a420f1e98f2e63f2d600b0d120?subid=91435900117200100906795011903002&ctrack=[RD_ENC_CLICK_ENC]

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 Hamburg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://brain.rvty.net/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sat, 19 Mar 2022 05:59:26 GMT
server: Microsoft-IIS/10.0
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Sat, 19 Mar 2022 16:59:25 GMT
content-length: 0

GET
H/1.1 200
OK pb_ratenkredit_160x600.jpg
ad-server.eu/wm/pb/rate/aktion/ Frame 7391 14 KB
14 KB 260ms
74ms Image
image/jpeg 54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/rate/aktion/pb_ratenkredit_160x600.jpg
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=90&adWidth=728&adFormat=4&adslotId=&siteId=128293778&bannerId=195238&e=3&p=YjYL7AAL2EUK4BwLAAUTQSVTPbsFssjRsHgLJQ&penc=&bp=76923&a=62360bec-000d-713a-0a7b-bb0d560aeab9&n=1&geo=411157&rawURL=https%3A%2F%2Fnets4.com%2Fdomain%2Fbaantada.com&rawReferrerURL=&uid=99a11208-12b6-4390-9c67-5b73eaa17ded&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4B2AOgAY6A2dshQQcReJTwRiAOQDqlAM44aAUxlo8AEzwALFRCwBaWSqUAzKoxVZKjGnACsdTgBYHAXyA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCx_Ri7As2YsWwL4u4gAfBppSICeb-o_dc7ousiF_AjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N8gBCakCz-kzGhWKsj7gAgCoAwGqBMICT9Dtv_9qmBMFbMhR3PYB-31D8VHmHxwT0VgzdJuAb4xu8gvtpEJB-wFfED7k3tdmJqJdLNr0kN2WFP3Ro2p6dnTn-yyrg_hnTd0AcWWDrw9SFCin9yh_SARAOUMxjNKkFnLAqmS-xf3ngRfgc9-ddYcosojyVGd3cPzldua7oob1fLXyDrqXrhFtVzrs_f2wJWzQmgntdv_Wyk9BBHa5IdDHdBQdBJvL4Udl8rA5pFXb7l99973T4-BJ281cGmGZBmMTZKfiNDk4cUEBoLhNCrxpYa2r9BpHuQuiWYSXdtHwldOZ4sB7uQVcOAXOZO_x1z7ygzDj-RsaelBD5YWXwTJ-pxp7nUUE2-80HpJkEFkoexBTm-KJRksQfQOHRLm3zYOVtHCYzf1o6Qn5TZEfBZcrsvX5NfnQQCJuIcUj4HLiiuAEAYAGhaG2iNaE0KsRoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Kk3y8rH2LV4iicT1wv7oI8xFymw%26client%3Dca-pub-5413329544040947%26adurl%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 15a725aba814e5482334099de61998b00bee38c8c24b42f34563ada600b877b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 19 Mar 2022 17:04:58 GMT
Last-Modified: Wed, 02 Feb 2022 09:48:01 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "61fa5351-37c8"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14280

GET
H/1.1 200
OK request_content.php Show response
ad2.ad-srv.net/ Frame E412 42 KB
8 KB 89ms
24ms Document
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.ad-srv.net/request_content.php?s=91435900117200100906795011903002&a=666a42cd
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=90&adWidth=728&adFormat=4&adslotId=&siteId=128293778&bannerId=195238&e=3&p=YjYL7AAL2EUK4BwLAAUTQSVTPbsFssjRsHgLJQ&penc=&bp=76923&a=62360bec-000d-713a-0a7b-bb0d560aeab9&n=1&geo=411157&rawURL=https%3A%2F%2Fnets4.com%2Fdomain%2Fbaantada.com&rawReferrerURL=&uid=99a11208-12b6-4390-9c67-5b73eaa17ded&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4B2AOgAY6A2dshQQcReJTwRiAOQDqlAM44aAUxlo8AEzwALFRCwBaWSqUAzKoxVZKjGnACsdTgBYHAXyA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCx_Ri7As2YsWwL4u4gAfBppSICeb-o_dc7ousiF_AjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N8gBCakCz-kzGhWKsj7gAgCoAwGqBMICT9Dtv_9qmBMFbMhR3PYB-31D8VHmHxwT0VgzdJuAb4xu8gvtpEJB-wFfED7k3tdmJqJdLNr0kN2WFP3Ro2p6dnTn-yyrg_hnTd0AcWWDrw9SFCin9yh_SARAOUMxjNKkFnLAqmS-xf3ngRfgc9-ddYcosojyVGd3cPzldua7oob1fLXyDrqXrhFtVzrs_f2wJWzQmgntdv_Wyk9BBHa5IdDHdBQdBJvL4Udl8rA5pFXb7l99973T4-BJ281cGmGZBmMTZKfiNDk4cUEBoLhNCrxpYa2r9BpHuQuiWYSXdtHwldOZ4sB7uQVcOAXOZO_x1z7ygzDj-RsaelBD5YWXwTJ-pxp7nUUE2-80HpJkEFkoexBTm-KJRksQfQOHRLm3zYOVtHCYzf1o6Qn5TZEfBZcrsvX5NfnQQCJuIcUj4HLiiuAEAYAGhaG2iNaE0KsRoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Kk3y8rH2LV4iicT1wv7oI8xFymw%26client%3Dca-pub-5413329544040947%26adurl%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 9e073432d1b51be28bc653261fcb589caf893dc211a7ad3ac3d572467059ad95

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://brain.rvty.net/

Response headers

Date: Sat, 19 Mar 2022 16:59:26 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sat, 19 Mar 2022 16:59:26 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7924
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK jquery-1.10.2.min.js Show response
cdn.rvty.net/_files/js/ Frame 86C4 91 KB
91 KB 62ms
61ms Script
application/javascript 89.163.211.242
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/view/ads_view.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.242 Dortmund, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 19 Mar 2022 16:59:26 GMT
Last-Modified: Wed, 08 Jan 2020 08:13:37 GMT
Server: nginx/1.13.4
ETag: "5e158f31-16bb3"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 93107

GET
H3 200 dc_pre=CM2VrvzS0vYCFZwbBgAdKSUKMQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6877358805429.677
adservice.google.com/ddm/fls/z/ Frame 1CB4 42 B
63 B 53ms
53ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CM2VrvzS0vYCFZwbBgAdKSUKMQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6877358805429.677

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CM2VrvzS0vYCFZwbBgAdKSUKMQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6877358805429.677?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Mar 2022 16:59:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 86C4 0
119 B 21ms
21ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Dortmund, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=90&adWidth=728&adFormat=4&adslotId=&siteId=128293778&bannerId=195238&e=3&p=YjYL7AAL2EUK4BwLAAUTQSVTPbsFssjRsHgLJQ&penc=&bp=76923&a=62360bec-000d-713a-0a7b-bb0d560aeab9&n=1&geo=411157&rawURL=https%3A%2F%2Fnets4.com%2Fdomain%2Fbaantada.com&rawReferrerURL=&uid=99a11208-12b6-4390-9c67-5b73eaa17ded&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHM4B2AOgAY6A2dshQQcReJTwRiAOQDqlAM44aAUxlo8AEzwALFRCwBaWSqUAzKoxVZKjGnACsdTgBYHAXyA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCx_Ri7As2YsWwL4u4gAfBppSICeb-o_dc7ousiF_AjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N8gBCakCz-kzGhWKsj7gAgCoAwGqBMICT9Dtv_9qmBMFbMhR3PYB-31D8VHmHxwT0VgzdJuAb4xu8gvtpEJB-wFfED7k3tdmJqJdLNr0kN2WFP3Ro2p6dnTn-yyrg_hnTd0AcWWDrw9SFCin9yh_SARAOUMxjNKkFnLAqmS-xf3ngRfgc9-ddYcosojyVGd3cPzldua7oob1fLXyDrqXrhFtVzrs_f2wJWzQmgntdv_Wyk9BBHa5IdDHdBQdBJvL4Udl8rA5pFXb7l99973T4-BJ281cGmGZBmMTZKfiNDk4cUEBoLhNCrxpYa2r9BpHuQuiWYSXdtHwldOZ4sB7uQVcOAXOZO_x1z7ygzDj-RsaelBD5YWXwTJ-pxp7nUUE2-80HpJkEFkoexBTm-KJRksQfQOHRLm3zYOVtHCYzf1o6Qn5TZEfBZcrsvX5NfnQQCJuIcUj4HLiiuAEAYAGhaG2iNaE0KsRoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Kk3y8rH2LV4iicT1wv7oI8xFymw%26client%3Dca-pub-5413329544040947%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sat, 19 Mar 2022 16:59:26 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK viewability Show response
ad2.ad-srv.net/ Frame E412 0
150 B 66ms
23ms Script
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.ad-srv.net/viewability?s=91435900117200100906795011903002&a=f3f38103&vb=m
Requested by: Host: ad2.ad-srv.net
URL: https://ad2.ad-srv.net/request_content.php?s=91435900117200100906795011903002&a=666a42cd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad2.ad-srv.net/request_content.php?s=91435900117200100906795011903002&a=666a42cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 19 Mar 2022 16:59:26 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

easter_120x60
asset.conrad.com/media10/isa/160267/c1/-/de/ Frame E412
Redirect Chain

https://www.awin1.com/cshow.php?s=2470167&v=11354&q=371933&r=278235&pref1=91435900117200100906795011903002&gdpr=&gdpr_consent=
https://www.zenaps.com/cshow.php?pvr=ef14e851-a7a5-11ec-81bc-2262d3a2196d&v=11354&r=278235&q=371933&s=2470167&viewref=91435900117200100906795011903002&gdpr=&gdpr_consent=
https://asset.conrad.com/media10/isa/160267/c1/-/de/easter_120x60?format=gif

15 KB
15 KB

77ms
18ms

Image
image/gif

178.79.242.245
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://asset.conrad.com/media10/isa/160267/c1/-/de/easter_120x60?format=gif

Requested by

Host: ad2.ad-srv.net
URL: https://ad2.ad-srv.net/request_content.php?s=91435900117200100906795011903002&a=666a42cd

Protocol

Server

178.79.242.245 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-178-79-242-245.fra.llnw.net

Software

Cliplister GmbH /

Resource Hash

fd69041cd34fd4720f2c8b5537d10bc66a2f9c2400bd1ced969eb47b84827f88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad2.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
etag: "622f390c-3a23"
last-modified: Mon, 14 Mar 2022 12:46:04 GMT
server: Cliplister GmbH
age: 101948
date: Sat, 19 Mar 2022 16:59:26 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=172800
x-server: c06
reporting: eyJjb25zdW1lcmlkIjoxNjAyNjcsIm93bmVyaWQiOjE2MDI2NywidW5pcXVlaWQiOiIxNjAyNjc4S19QQnp6M05xQjdEeTBzUEhMb0xnQVQiLCJ1dWlkIjoiMjE3ZmNhYWNjZTdhNDFkMzkwZjNjZjNhM2U3OWY0YmEiLCJhc3NldHR5cGUiOiJwaWN0dXJlIn0=
x-llid: e599d29f95f6f7ba3cf5d99b83a42333
content-length: 14883
accept-ranges: bytes
expires: Sun, 20 Mar 2022 12:40:18 GMT

Redirect headers

Date: Sat, 19 Mar 2022 16:59:26 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://asset.conrad.com/media10/isa/160267/c1/-/de/easter_120x60?format=gif
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2

200

22_Q1_B2C_DACH-DE_KTS-promo_60-OFF_Affiliates_234x60.png
media.kaspersky.com/de/affiliates/ Frame E412
Redirect Chain

https://www.awin1.com/cshow.php?s=2519511&v=14098&q=368694&r=278235&pv=0&pref1=91435900117200100906795011903002&gdpr=&gdpr_consent=
https://media.kaspersky.com/de/affiliates/22_Q1_B2C_DACH-DE_KTS-promo_60-OFF_Affiliates_234x60.png

17 KB
17 KB

119ms
61ms

Image
image/png

185.85.15.31
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.kaspersky.com/de/affiliates/22_Q1_B2C_DACH-DE_KTS-promo_60-OFF_Affiliates_234x60.png

Requested by

Host: ad2.ad-srv.net
URL: https://ad2.ad-srv.net/request_content.php?s=91435900117200100906795011903002&a=666a42cd

Protocol

Server

185.85.15.31 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

/ Kaspersky Labs, Kaspersky Labs

Resource Hash

856852b25e43cc608bab831b720a6360c85817aeaa21a0aff8e5130205f13fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad2.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 14 Jan 2022 13:27:39 GMT
server
x-powered-by: Kaspersky Labs, Kaspersky Labs
etag: "c684b7804a9d81:0"
x-frame-options: SAMEORIGIN
content-type: image/png
x-xss-protection: 1; mode=block
x-server: fr2/KLM8
accept-ranges: bytes
content-length: 17190
date: Sat, 19 Mar 2022 16:59:23 GMT

Redirect headers

Date: Sat, 19 Mar 2022 16:59:26 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://media.kaspersky.com/de/affiliates/22_Q1_B2C_DACH-DE_KTS-promo_60-OFF_Affiliates_234x60.png
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK postbank_logo.png
cdn.contentspread.net/oliro/advertiser/44034/creativesup/ Frame E412 4 KB
4 KB 103ms
23ms Image
image/png 85.114.131.234
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/oliro/advertiser/44034/creativesup/postbank_logo.png
Requested by: Host: ad2.ad-srv.net
URL: https://ad2.ad-srv.net/request_content.php?s=91435900117200100906795011903002&a=666a42cd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.234 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21038.dus4.fastwebserver.de
Software: nginx /
Resource Hash: 5f2695d54097bc89d68dc354c208fa3e950c079e6c38af92d874aaec87d41bb9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad2.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 19 Mar 2022 16:59:26 GMT
Last-Modified: Fri, 08 Feb 2019 13:50:55 GMT
Server: nginx
ETag: "5c5d893f-f4a"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 3914

GET
H/1.1 200
OK oba_icon.png
cdn.contentspread.net/oliro/oba/ Frame E412 3 KB
3 KB 107ms
20ms Image
image/png 85.114.131.234
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/oliro/oba/oba_icon.png
Requested by: Host: ad2.ad-srv.net
URL: https://ad2.ad-srv.net/request_content.php?s=91435900117200100906795011903002&a=666a42cd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.234 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21038.dus4.fastwebserver.de
Software: nginx /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad2.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 19 Mar 2022 16:59:26 GMT
Last-Modified: Fri, 05 Aug 2016 12:57:49 GMT
Server: nginx
ETag: "57a48d4d-c35"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 3125

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B7CA 42 B
64 B 53ms
52ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssi6cVifX2enfqVq_JIHbD2K3HPr4Q89Q_dq__uiJEgylHjT1Q6sAg8rc61gzVt3QgqRo6Er9FXfBZ0sFVNiDc7XRcV_m8stEC5D6Hwek-JK04iEPXQ3w&sai=AMfl-YRIqyHt-xgYmsYZQvDQ9TuNQqlDBY4UNkBn_bXPQ-dGcjhsTFKoKA4f019Ht3SVVflUvm7r3GNNI1hOrVk2vdYqVaSaL01X8hMUDSsKskPsHz2Y-3YMlN9KDFoJOeLo&sig=Cg0ArKJSzLRm7ZlEHX4bEAE&id=ampim&o=294,555&d=728,200&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=475&tls=1475&g=100&h=100&tt=1475&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=4203880072

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Mar 2022 16:59:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
b.clarity.ms/ 0
48 B 105ms
105ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.33/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://nets4.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://nets4.com
date: Sat, 19 Mar 2022 16:59:28 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nets4.com/	1970-01-20 19:13:01	Name: _ga Value: GA1.2.453713122.1647709163
.nets4.com/	1970-01-20 01:43:15	Name: _gid Value: GA1.2.1910208924.1647709163
.nets4.com/	1970-01-20 01:41:49	Name: _gat Value: 1
www.clarity.ms/	1970-01-20 10:27:25	Name: CLID Value: 20a1306da7a74f489a6b228161443e36.20220319.20230319
.nets4.com/	1970-01-20 01:41:50	Name: __cf_bm Value: fkX0NyPqFRDos96HYP5qDIjt4xM82dkIMLznlFhrB68-1647709163-0-AeEcul9WC05KiZj8vZsK/CDny0++UkIXUIPX+J0tEmMveOllQ5S6Gba84b0Ugo50v0jL3TjPzSflY9hQyBrT9ceq5oynMTUVjCMbpDp1DVwPC9FvX8tN0RvFJ6Nnij77hg==
.nets4.com/	1970-01-20 10:27:25	Name: _clck Value: dhj2we\|1\|ezw\|0
.c.bing.com/	1970-01-20 11:03:25	Name: SRM_B Value: 0CA8C531F6C5613F1AEBD45DF7176090
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 11:03:25	Name: MUID Value: 0CA8C531F6C5613F1AEBD45DF7176090
.c.clarity.ms/	1970-01-20 01:41:49	Name: ANONCHK Value: 0
.nets4.com/	1970-01-20 01:43:15	Name: _clsk Value: sj2tyz\|1647709164110\|1\|1\|b.clarity.ms/collect
.nets4.com/	1970-01-20 11:03:25	Name: __gads Value: ID=ebb4341cff1033af-22a8d38761cd0021:T=1647709164:S=ALNI_MYXqCx_G9EkuuiT603ym6WxvSpoyA
brain.rvty.net/	1970-01-20 10:27:28	Name: RTBUserId Value: 99a11208-12b6-4390-9c67-5b73eaa17ded
.doubleclick.net/	1970-01-20 11:03:25	Name: IDE Value: AHWqTUnhVLSUDIkFChql3haNVzw1wgnJSDTYIlsroQRi_raodyfZS79ucJID1kiMb30
.casalemedia.com/	1970-01-20 10:27:25	Name: CMID Value: YjYL7WwKkza58eEBobrTuAAA
.casalemedia.com/	1970-01-20 03:51:25	Name: CMPS Value: 3186
.adnxs.com/	1970-01-20 03:51:25	Name: uuid2 Value: 6225178562485898771
.casalemedia.com/	1970-01-20 03:51:25	Name: CMPRO Value: 1213
.casalemedia.com/	1970-01-20 01:43:15	Name: CMST Value: YjYL7WI2C+0A
.adnxs.com/	1970-01-20 03:51:25	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E><wN(=V!]tbPl1M>e)ZlrFUfJ+tGXxoaFYRQ@[N-oRFt=EpEYNqb]'0o$Zsm)S5c^m'3If)y3KL9D3I?+/@$.Lt
.doubleclick.net/	1970-01-20 01:41:52	Name: DSID Value: NO_DATA
.adskeeper.com/	1970-01-25 20:31:23	Name: muidn Value: m2jpDAnZPhX9
.ad-srv.net/	1970-01-20 03:51:25	Name: kdb0xdq3ls8m_uid Value: 728ffbc6d6e5a159
.redintelligence.net/	1970-01-20 03:51:25	Name: 8lcfmzhxc8d6_uid Value: a0f3013430026ff6
.casalemedia.com/	1970-01-20 10:27:25	Name: CMRUM3 Value: 2d62360bed2760CAESEE7jP1Mxv8oDulESirL0ngs
.awin1.com/	1970-01-20 01:51:53	Name: awpv14098 Value: 278235\|1647709166\|eeedd850-a7a5-11ec-81bc-2262d3a2196d
.awin1.com/	1970-01-20 01:44:41	Name: awpv11830 Value: 296283\|1647709166\|eef0e590-a7a5-11ec-98fc-223366d53764
.awin1.com/	1970-01-20 01:44:41	Name: awpv22610 Value: 296283\|1647709166\|eef0e590-a7a5-11ec-81bc-2262d3a2196d
.zenaps.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377133:2470167
www.conrad.de/	1970-01-20 01:49:01	Name: HTLP_timestamp Value: 1647709166
www.conrad.de/	1970-01-20 01:49:01	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 01:41:50	Name: __cf_bm Value: RjRj7UJzc9jKVRNlD_3fX1dxy.4QDYLtGmGUJf_AOxQ-1647709166-0-AZyRN3cOE6XbI8DtAjLt0oxB0wBmJQOil5dfaSuX75G/f1uW03JA2VfNdbiCH7VsoaIzzzuiO8+5fInLQ6/QiXE=
.awin1.com/	1970-01-20 01:46:08	Name: awpv11354 Value: 278235\|1647709166\|ef14e851-a7a5-11ec-81bc-2262d3a2196d
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 379079:2519511
.zenaps.com/	1970-01-20 01:46:08	Name: awpv11354 Value: 278235\|1647709166\|ef14e851-a7a5-11ec-81bc-2262d3a2196d
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 1uwpxyevwenffeqfmyvecda0
pb.media01.eu/	1970-01-20 19:14:27	Name: DTU Value: 8E32B8B1703FCBACD564D711D87AB619

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012202142035000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/022202142035000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
a.tile.openstreetmap.org
ad-server.eu
ad.ad-srv.net
ad2.ad-srv.net
ads.eu.criteo.com
adservice.google.com
adservice.google.de
api.purpleads.io
asset.conrad.com
b.clarity.ms
b.tile.openstreetmap.org
b563ef100ce8bda3fdebb59e73f7cc1f.safeframe.googlesyndication.com
brain.rvty.net
c.adskeeper.com
c.bing.com
c.clarity.ms
c.tile.openstreetmap.org
c5cf07cf109f8b46a6559d845402b203.safeframe.googlesyndication.com
cat.fr.eu.criteo.com
cdn.ampproject.org
cdn.contentspread.net
cdn.purpleads.io
cdn.rvty.net
cdnjs.cloudflare.com
cloudflareinsights.com
cm.g.doubleclick.net
csm.eu.criteo.net
dd40cfdf6ae711dec1416e9366e0223d.safeframe.googlesyndication.com
de3d8ba11396f9e52d6ef2033c786005.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
f033701268cb1e9ad1c2b2e1bb31a51b.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900015.redintelligence.net
ib.adnxs.com
img.nets4.com
media.kaspersky.com
nets4.com
pagead2.googlesyndication.com
pb.media01.eu
pix.eu.criteo.net
pv.medialead.de
rtb.fr.eu.criteo.com
s-img.adskeeper.com
s0.nets4.com
securepubads.g.doubleclick.net
static.addtoany.com
static.cloudflareinsights.com
static.criteo.net
tpc.googlesyndication.com
www.awin1.com
www.clarity.ms
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.zenaps.com
104.108.145.8
104.18.17.65
104.92.94.3
13.32.99.31
138.201.135.164
138.201.63.145
142.250.185.198
142.250.74.194
144.76.104.53
145.239.193.130
172.217.23.194
178.250.0.160
178.250.0.162
178.250.2.135
178.79.242.245
185.85.15.31
20.75.32.255
2606:4700:10::6816:47c5
2606:4700:440e::ac40:9c1a
2606:4700::6810:135e
2606:4700::6812:7e05
2620:1ec:27::cafe:1774
2620:1ec:c11::200
2a00:1450:4001:803::2002
2a00:1450:4001:809::2003
2a00:1450:4001:810::2003
2a00:1450:4001:811::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2001
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:400e:803::200e
2a00:1450:400e:811::2001
2a02:2638::18
2a02:2638::2
2a02:2638::3
2a04:4e42:200::649
2a04:4e42:400::649
2a04:4e42:600::649
2a06:98c1:3120::7
34.233.19.159
37.252.173.27
46.4.10.47
52.142.114.2
54.76.176.197
85.114.131.234
88.198.250.30
89.163.211.233
89.163.211.242
00bb2f69ab06efff6555f6ccae10902e87bb6aea861e83de082a45a07e525054
014a5d6662d0a603a1ac3bd3f1823fac7a86aff8cfdd3e40ff8ef5f41345a653
033192b42bd0e1e4a8034c8ad0ee6c1b8c11655b30138137c8261e4dba76c997
0720b994508a4b42921948e4cfb5df3df04bd62334f240274ff15e37624a640d
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a7600433acd091184da962ed409c9748e1c2bf72d56c59a284a10a77ba3e883
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0e74e8df75e218a38480d64efe1705a4f159adcf9bb567c55d6e321914e439ff
0fa62e802a9a4905de38432c40927e5bf7b0fed172d68c84f07d547b95306484
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1318d9d360aa384ac8b04ada8b0f827ab2f56aec2ca07685b5fca44aff8f31b8
15a725aba814e5482334099de61998b00bee38c8c24b42f34563ada600b877b0
1608d1b3d517d94815eba1a6b65b63119de3ad1ad33c36448f577a8bfc9f016b
17973b4124c1be38fd6045e55105212c8c50095ba5d8070083dc26e5f1f756bb
17a97981604a1fe56f8804e77655010e70cbfbbac2c66e03a303e876dfd72640
1a6c73c1d9e406a88330f4d563918c3f39a6b12474811ba58dd6e98861aee2c0
1d07bcab4c15f3ff3b56d0b5c9f44c3dd1c7266eb5788bfbc09f02822b07de0c
1e02189b6990b38c43207a8c0c206a2fda1833e7b7401fa42af72671e62f43a5
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1fb723586a9b27d6c5f7f85274b17e8ab83451237a5402908791329357535727
1fe0b126832f701992c3ad0dc48807181086930e5893cda1e3cca4420e570831
21af66f64bb18b1159ee363a933d5630e27419c83915d4d5ef42d8154f3921da
2255ec4c3254a41b448889224b2cc5c32f8d6f8a6165d3c58aa6523f86c0957c
230f27646f2460a7e13106d06ec50cb822acf254ae08fba4058aa06ca57b9dab
23cc8f32949c8b6960b1a4ca216ccaff2db4b769f6565bef2ee1fa954e072029
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
264f5c640339f042dd729062cfc04c17f8ea0f29882b538e3848ed8f10edb4da
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26bf59068d51ef8e4ea6ecb44bc9afd843fb9c8f671717bdded1c104bf9a75f5
27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726
2d58481293f923b082713cbc47188d69c7ade2927742561b30d38e7f23045f71
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f2c78d11d003e80352b2d13a775d2a137299302b3893210b68427a7d5ee3a72
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
3110966fa73dac64901ac2cec67656155bb9717286b7b0da0544cdd8ae7c888d
31c2a47dae00ce2de554aecd20d0050db43773a0f895ab7f7491f4dd6e14ef11
329ed08bc137f937798606fdafbf6014bf0d153162b227a22ad7c3b1e5496a02
32a97e6497cd6c3a611286892f51f127409221715c0cb3f2795f8c480bc76de4
32b8fae56a7edbfe89e7f7fd22aa7df75546183f81660692c9cf03d3c8d914ba
33f820c33074a8332f0a72349309504670818bc9f8a3f1958ba03bc0cebd5ad2
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
367b8c7e8d82fe11021d1487d7bd61c0a6299708f176233c1ab68688a33a60ef
388c18d5e1593b48d9bff0428e6ea123b5e0b5c95def492c581a3fdf0e909353
39599615df59dabdb628f43b1d5936b02ab979d2ec67d042bec7bdbc4f721bf9
39e824edae83c07e028360bc3703ceee3da89b20bcbcbe411ab8ddf157ead414
3a75279726f7fdbc346a1e365d7c61f02547301df903c80e15d639682bdd54b9
3aba2028fc30fe8d3fa54b0949e19361dde8dc9ff2d7a97f1f057786fa1e1879
3f384ab908371e4da4bb2a4506a8bd3b3898860e3ad872f18a2e2dd6f3489b42
41f20f74d1cec2e4488ad58dbd54ea16fec2af37cb045970f57ba1c2dc5a97c5
4471359477a8db8ef0258d87965167be5c16f941a3858a624e3225fbbfe3a6e6
484c844024dc958f2abc3f32ce3db8023463af46ba4c24b79f40e948d988b587
49229ffcf8e5a275b4633044d25fc23620619378bffef7900087fda0c5721414
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
4b447fea9e58612e227abdc4ddc5291460e8381c2aaa2e22e36939f964b2dd94
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b9f64929b29af868355af6e5a1f4d12015022de8f07f2b8e511f84414514e68
4c98667e67feefb55890e10697381b63dc2e5765e947d025e0e114779a801dd5
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fef239ebd936e96f316dee1aca599952e7adaaba26fab72b45328871855ac4b
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5061cb0765c3ab9721b8e26bdfaba5819a1f14b27fc3d93b2809a1c83056277f
50fb88e3a2d413c5c0a0294b71e0da34829b2ec9444ba55af7e1d6935a4029a3
53dbb25348f3de45ae2a70333b9c2185e9d24cd1f9a99cf86f34eb101c9ced39
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56386db6fedf5475ff6ac57939cfaac58722f519fdce666cee7494b993c84e81
574c3a5cca85f4114085b6841596d62f00d7c892c7b03f28cbfa301deb1dc437
587259314084a04755f0dfb2d0f0e9f07bdf03a575352e366e308d2e19cfc70a
58e4dd70481b323e42aa5cab57a161329714691557c6d9f6a947d4713c200bc8
5c37baf6b1d484e10c6d3aa6a51a7bc3b1ed68c12164094b46bd66d99e41c06f
5e079f888afda924898dede26575e46f50ac8eba0f1d031396b80a051b3800eb
5f2695d54097bc89d68dc354c208fa3e950c079e6c38af92d874aaec87d41bb9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624031fecd95922cb3c81e0893abcd85526e436b00a4f907d9962676b7bed6f7
632b9ed93fdcc51f1738d5711c52a8e400db279d55ed4b0fe887870c10ef5f96
66357ac62f231ae569d04ccc8f85553c571688cf670d944c2f94b67a70df648e
67e7067770aa3a8ba335500e060aea040464cd4075a652e7f5e3ca33e5771878
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
691d4bd7b9b31f9ab1b1837e7d956e0e3041ef63c1ee0edee8ca6208a4234efd
6c6acc32b5e96760ac6461f89c8d9ac11681aaaa3873093924a1a566118d34b6
6fc42d18533ff1301be4134a8c6993b0b8b084b3cd1815991bf20e6f08f47ad3
704f6f54ae77cd5ea0a0bf47ebb70727a9bd76a311d7e54788ad3dc79b366739
722c5b95144aaf980dafacd36b1df0a3a0cff78962e8eee8f56e40c423f00b6f
76ae1ed118e7eaab3549b5c1829fb521642130d580728c98706956b134618041
7996a2c42b41ee74b83cdf8353e0a250be9fe58c0d6635af33ef905134e848ae
7a7a8cbc07bdb24148bd90abacbb2babe5982cb3b78e1cb51ef2962d85dc67dc
7a904efb11efa9b681d38a81016769a0bc1f56d9b94c46f50a30d4b11e75cfea
7af71645d4cbc1b518e70cab09e991180d344e49aa9510c5512957ad62f4aea7
7b4f8178ec5033c0b1f76b629fac7363e610a0b83e13c7efab44fb74f8a7b938
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8168c547702a981166a187c3b2447f841632377c3e66c1e482f0aaa3b8e6ef16
84ad1e6594f61f772baae22c1b45ba970a1f1dc835ea384528d8122a3451836c
856852b25e43cc608bab831b720a6360c85817aeaa21a0aff8e5130205f13fc4
8c5cf269abe1783bb143fb554fd859f1f68e76cbe81b2c00969de24c1df25bef
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
9004b9eb5fe0374dffa1ddebb5ed6bb7f27be22ab7df259187536d9de77f2f29
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92d174e1106c5911e2b3f5202e3b2a74ddbefe67de1a5957bd9b53e77fbc9350
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
96743af5f2e2935bf5c85e78a6b76fcc20cfb66d79b956eb89e33002c44e4bc7
9681c0a0a13d8581f202bfaf62e53563ea6d0d6bd8e542b35b6d7c09b0e7b41b
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
997b911237bf1ba3ae866d21754fd8e3873582aece25276fbb6b4877a61e1a80
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cb9e2e2ab5441ca60d0ceaef4bd312c978c740dccac3b6f130100d1e5eebf98
9e073432d1b51be28bc653261fcb589caf893dc211a7ad3ac3d572467059ad95
9e1b5de07c88d19de2db88ad53ac585596bdf53c4b88c39bf1d462dc82a86fbc
9e2671ceb2183f4b6972a92da7ca0d0343380615295dc1b9d3a31f7ec77945a8
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a41e54908490d0a2d59573c49303a204030cc3c4d69042a71a3a9225bd9eea2e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ac2a6bdf3640e1213ba9a0a900ea6864a0274b080ba3bcf05ff245bfabb5eba0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c2035996fed568f86507120543658990c2341feb1612571b48220efc3716be
b66f16045b9d21ad0a210cca4e407a68cc029d77916db1396cb0f6795a4aa58e
b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
c5e242c81825b17a2aa127593f4da30241f1e76ab44b229e031d956c855d3d5b
c837347a297c1a35852aa375392cc74950a2b868214e8b1909c4637b8b63ee24
c90d0d189a3137ab8f34e604a6d974b6a07cf2e94d9646b957e384746683970b
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdbbad52ea5a7c7664761a59301ceaeee0efbe793db0ef799a89670584da9934
cfc3705b48bba127b60aab9fea1356ea773177b720cbad8a3879b50474181f09
cffb207350c21cca54e3d4571d7ba920311da76b077189aca95d4fdf77969e75
d0b273e5d455b060d793512a185e356886739451a754f121d6f057b2b8dcbc2c
d0eca0035829eb8fc2f39f02c5f8d7521e492caf6fccc556255c561d6fa4d269
d3087f2d510bb28688b127e87506d38cd08413554903e03d446ad3248bf2aabc
d3b395e62cb6f77d59987d0967de8c045202a14af1043778cc7900cd5819a654
d3b7d1167cfdef4fcec1b034fc373993edc5e71888ea71343ac3b383da102405
d81da1c2333ea18b9649d21dd0dbb2a09141d43d18ef3e2eea1157f3e56d6277
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
d993c78391c7e6b919f8e8e957031f9b09ee3dd13f37c4a57d8e2fbdc505d3a8
dd1892cb87a74dac682a6207344909a96f23d342670b32063a4f4bae614805dd
dd79d3b558ef09962158cfb1dbcd2ce1f70e6a8e801f422f6e293305e734473b
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1e87c4a6000f1cba4487cdc6b93379cfaedd856498a01adfba1cc836c63cbe0
e22df459fd9d942b0744aa6a765e2eba0e0e3854230905cb81fd2ca8ed327955
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411
eb5670e3b0d2aa94a7d36f600a94f204912660a3b7cfc350d6998e4ab22a85e7
eba88ef6b1f09543b0b3f34bc3c1d401da36d590354cd7728e2aae4d3c1abc91
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ed7385b2ca535f7f90bb14266ddd68d64393f41d1559cbb4af01ece4dd36b8fb
ed942a053ce68146318b33525d1c1b74c221c88a7e5485c3b86b0117fc485a25
eea4ee1d8b325d4adfc7dc76cee8f9b065be1263a218959e538f46a07885b731
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0880ce3c616613da6b926b03ce530265a89a65a1c52cd1b48bc4fc039eafe91
f0f382f3320ade05dd14f969ff7dd9d894c6a6571165ab6d7fcdade2f4836dfc
f529f7d09ad4cb1b2951385aa5f92397d5f9d2e1c4c8353abb8a3dc039380903
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f70751d4b3f5d5c9f208ea16e8cbcac3c6abf1bda80357da3fcd21dde4333449
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
fb8138fe467ac4fd833c97df11108432d9a0f84486b05f08d34159aff9f104b8
fc6136c1c5333667f0ae10569612d0bcb9ea5dd84df43c0c2d2dfe42bf8def0d
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fd69041cd34fd4720f2c8b5537d10bc66a2f9c2400bd1ced969eb47b84827f88
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

nets4.com Open in urlscan Pro 2a06:98c1:3120::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

287 Requests

95 %HTTPS

50 %IPv6

34 Domains

61 Subdomains

52 IPs

5 Countries

3383 kBTransfer

7757 kBSize

37 Cookies

15 Outgoing links

Redirected requests

287 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nets4.com Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Screenshot
Live screenshot

Full Image

287
Requests

95 %
HTTPS

50 %
IPv6

34
Domains

61
Subdomains

52
IPs

5
Countries

3383 kB
Transfer

7757 kB
Size

37
Cookies

287 HTTP transactions
6 data transactions