mikeonline.com Open in urlscan Pro
209.126.30.224 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mikeonline.com/
Effective URL:
https://mikeonline.com/
Submission Tags: falconsandbox
Submission: On March 08 via api (March 8th 2023, 8:32:55 pm UTC) from US — Scanned from DE

Summary HTTP 366 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 53 IPs in 9 countries across 35 domains to perform 366 HTTP transactions. The main IP is 209.126.30.224, located in United States and belongs to NEXCESS-NET, US. The main domain is mikeonline.com.
TLS certificate: Issued by R3 on January 20th 2023. Valid for: 3 months.

This is the only time mikeonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 54	209.126.30.224 209.126.30.224	36444 (NEXCESS-NET) (NEXCESS-NET)
7	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
12	99.86.4.52 99.86.4.52	16509 (AMAZON-02) (AMAZON-02)
1	18.66.122.42 18.66.122.42	16509 (AMAZON-02) (AMAZON-02)
8	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
12	2620:1ec:4e:1... 2620:1ec:4e:1::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:11a... 2a02:26f0:11a::6867:48f9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:400d:80d::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
6	65.9.95.71 65.9.95.71	16509 (AMAZON-02) (AMAZON-02)
16	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
1	65.9.95.117 65.9.95.117	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:1600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
7	20.49.104.0 20.49.104.0	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	52.89.38.199 52.89.38.199	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c09::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
39	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
9 12	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
6 12	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
9 12	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
2 9	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
12	88.99.165.19 88.99.165.19	24940 (HETZNER-AS) (HETZNER-AS)
1	2a02:26f0:dc:... 2a02:26f0:dc::6853:53b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	138.201.63.157 138.201.63.157	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.63.150 138.201.63.150	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.63.117 138.201.63.117	24940 (HETZNER-AS) (HETZNER-AS)
1	52.239.246.4 52.239.246.4	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a0b:4d07:401::1 2a0b:4d07:401::1	44239 (PROINITY ...) (PROINITY PROINITY)
6 6	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
3	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
3 6	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
3	49.12.16.151 49.12.16.151	24940 (HETZNER-AS) (HETZNER-AS)
3	35.177.30.54 35.177.30.54	16509 (AMAZON-02) (AMAZON-02)
3 6	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
3 3	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
3	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
3	18.66.147.52 18.66.147.52	16509 (AMAZON-02) (AMAZON-02)
3	99.86.4.53 99.86.4.53	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	65.9.95.31 65.9.95.31	16509 (AMAZON-02) (AMAZON-02)
2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
6	13.41.33.70 13.41.33.70	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:400d:804::2003	15169 (GOOGLE) (GOOGLE)
366	53

54 209.126.30.224 (United States) 1 redirects

ASN36444 (NEXCESS-NET, US)
PTR: cloudhost-139961.us-midwest-1.nxcli.net

mikeonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 99.86.4.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-52.fra6.r.cloudfront.net

campaign.aptivada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-42.fra60.r.cloudfront.net

c.jsrdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2620:1ec:4e:1::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

embed2.audioburst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::6867:48f9 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

pushtoast-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:80d::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 65.9.95.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-71.prg50.r.cloudfront.net

cdn2.aptivada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-117.prg50.r.cloudfront.net

s.jsrdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:1600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 20.49.104.0 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sapi.audioburst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.89.38.199 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-38-199.us-west-2.compute.amazonaws.com

aptivada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.184.226 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.80.39.216 (Canada) 6 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 37.252.171.53 (Frankfurt am Main, Germany) 9 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 88.99.165.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.19.165.99.88.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:dc::6853:53b (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

storageaudiobursts.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.157 (Böblingen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de

hal90007.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.150 (Böblingen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.150.63.201.138.clients.your-server.de

hal90008.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.117 (Böblingen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.117.63.201.138.clients.your-server.de

hal90003.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.239.246.4 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

storageaudiobursts.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a0b:4d07:401::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 145.239.193.130 (France) 6 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a01:4f8:d0a:2321::2 (Gunzenhausen, Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 49.12.16.151 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-1.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.177.30.54 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-30-54.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.166 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.23.99.218 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.147.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-52.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-53.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.95.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-31.prg50.r.cloudfront.net

checkout.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.41.33.70 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-41-33-70.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:804::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	googlesyndication.com 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 136 pagead2.googlesyndication.com — Cisco Umbrella Rank: 101	730 KB
54	mikeonline.com 1 redirects mikeonline.com	564 KB
41	doubleclick.net 12 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 189 stats.g.doubleclick.net — Cisco Umbrella Rank: 73 googleads.g.doubleclick.net — Cisco Umbrella Rank: 28 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 137377	219 KB
25	aptivada.com campaign.aptivada.com — Cisco Umbrella Rank: 50374 cdn2.aptivada.com — Cisco Umbrella Rank: 253571 aptivada.com — Cisco Umbrella Rank: 49145	2 MB
24	redintelligence.net 3 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 32554 hal90007.redintelligence.net — Cisco Umbrella Rank: 240353 hal90008.redintelligence.net — Cisco Umbrella Rank: 335820 hal90003.redintelligence.net — Cisco Umbrella Rank: 269538	126 KB
24	gstatic.com fonts.gstatic.com www.gstatic.com	976 KB
19	audioburst.com embed2.audioburst.com — Cisco Umbrella Rank: 539970 sapi.audioburst.com — Cisco Umbrella Rank: 326461	232 KB
15	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 65 www.google.com — Cisco Umbrella Rank: 2 apis.google.com — Cisco Umbrella Rank: 106	64 KB
12	adnxs.com 9 redirects ib.adnxs.com — Cisco Umbrella Rank: 208	13 KB
12	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 519	9 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 379	218 KB
9	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 18377 api.webgains.io — Cisco Umbrella Rank: 46446	93 KB
9	medialead.de 9 redirects pv.medialead.de — Cisco Umbrella Rank: 44493 medialead.de — Cisco Umbrella Rank: 44071	3 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	6 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	367 KB
8	facebook.net connect.facebook.net — Cisco Umbrella Rank: 145	398 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 24	57 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	293 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 773 syndication.twitter.com — Cisco Umbrella Rank: 1146	263 KB
6	retailads.net 3 redirects cdn.retailads.net — Cisco Umbrella Rank: 99925	17 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	256 B
3	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 43325	9 KB
3	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 92567	936 B
3	webgains.com track.webgains.com — Cisco Umbrella Rank: 36504	6 KB
3	futalis.de futalis.de — Cisco Umbrella Rank: 144638	1 KB
3	media01.eu pb.media01.eu — Cisco Umbrella Rank: 44068	962 B
3	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 111395	3 KB
2	stripe.com checkout.stripe.com — Cisco Umbrella Rank: 6535	46 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 979 pixel.quantserve.com — Cisco Umbrella Rank: 783	10 KB
2	jsrdn.com c.jsrdn.com — Cisco Umbrella Rank: 19015 s.jsrdn.com — Cisco Umbrella Rank: 20026	21 KB
1	windows.net storageaudiobursts.blob.core.windows.net — Cisco Umbrella Rank: 842527	15 KB
1	azureedge.net storageaudiobursts.azureedge.net — Cisco Umbrella Rank: 346797	10 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8682	531 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 924	634 B
1	akamaihd.net pushtoast-a.akamaihd.net — Cisco Umbrella Rank: 128826	36 KB
366	35

	Domain	Requested by
54	mikeonline.com	1 redirects mikeonline.com
39	tpc.googlesyndication.com	securepubads.g.doubleclick.net mikeonline.com 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com cdn.ampproject.org googleads.g.doubleclick.net tpc.googlesyndication.com
30	pagead2.googlesyndication.com	9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com mikeonline.com securepubads.g.doubleclick.net
16	fonts.gstatic.com	fonts.googleapis.com www.google.com
13	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net mikeonline.com
12	hal9000.redintelligence.net	9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com hal90008.redintelligence.net hal90007.redintelligence.net hal90003.redintelligence.net
12	ib.adnxs.com	9 redirects googleads.g.doubleclick.net
12	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
12	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
12	embed2.audioburst.com	mikeonline.com embed2.audioburst.com
12	campaign.aptivada.com	mikeonline.com campaign.aptivada.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
9	www.google.com	2 redirects campaign.aptivada.com tpc.googlesyndication.com www.gstatic.com www.google.com
9	fonts.googleapis.com	mikeonline.com embed2.audioburst.com hal90008.redintelligence.net hal90007.redintelligence.net hal90003.redintelligence.net client
8	www.gstatic.com	www.google.com www.gstatic.com
8	googleads.g.doubleclick.net	9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com mikeonline.com pagead2.googlesyndication.com
8	www.googletagservices.com	mikeonline.com securepubads.g.doubleclick.net 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
8	connect.facebook.net	mikeonline.com connect.facebook.net campaign.aptivada.com
7	aptivada.com	campaign.aptivada.com
7	sapi.audioburst.com	embed2.audioburst.com
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com campaign.aptivada.com
7	www.googletagmanager.com	mikeonline.com www.googletagmanager.com adv.office-partner.de
6	api.webgains.io	analytics.webgains.io
6	5994599.fls.doubleclick.net	3 redirects mikeonline.com
6	cdn.retailads.net	3 redirects futalis.de
6	pv.medialead.de	6 redirects
6	cdn2.aptivada.com	mikeonline.com campaign.aptivada.com
4	platform.twitter.com	campaign.aptivada.com platform.twitter.com
4	hal90003.redintelligence.net	1 redirects 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com hal90003.redintelligence.net
4	hal90008.redintelligence.net	1 redirects 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com hal90008.redintelligence.net
4	hal90007.redintelligence.net	1 redirects 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com hal90007.redintelligence.net
4	9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	adservice.google.com	securepubads.g.doubleclick.net 5994599.fls.doubleclick.net
4	www.facebook.com	mikeonline.com connect.facebook.net
3	cdn.track.production.webgains.team	9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com track.webgains.com
3	analytics.webgains.io	track.webgains.com
3	ad-server.eu	9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
3	medialead.de	3 redirects
3	track.webgains.com	mikeonline.com
3	futalis.de	hal90008.redintelligence.net hal90007.redintelligence.net hal90003.redintelligence.net
3	pb.media01.eu	hal90008.redintelligence.net hal90007.redintelligence.net hal90003.redintelligence.net
3	adv.office-partner.de	hal90008.redintelligence.net hal90007.redintelligence.net hal90003.redintelligence.net
2	syndication.twitter.com	platform.twitter.com
2	checkout.stripe.com	campaign.aptivada.com
2	apis.google.com	campaign.aptivada.com
2	stats.g.doubleclick.net	www.google-analytics.com
1	storageaudiobursts.blob.core.windows.net	mikeonline.com
1	storageaudiobursts.azureedge.net	mikeonline.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	pixel.quantserve.com	mikeonline.com
1	rules.quantcount.com	secure.quantserve.com
1	s.jsrdn.com	c.jsrdn.com
1	secure.quantserve.com	c.jsrdn.com
1	pushtoast-a.akamaihd.net	mikeonline.com
1	c.jsrdn.com	mikeonline.com
366	55

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
play.google.com
www.mikeonlinegold.com
redstate.com
www.mediaite.com
omny.fm
www.foxnews.com
nypost.com
dailycaller.com
www.washingtonexaminer.com
www.dailywire.com
mikeonlinegold.com
salempodcastnetwork.com
salemnewschannel.com
rumble.com
gallaghersheroes.org
hughhewitt.com
dennisprager.com
www.sebgorka.com
theofficertatum.com
metaxastalk.com
thecharliekirkshow.com
juliehartmanshow.com
www.srnnews.com
salemmedia.com

Subject Issuer	Validity	Valid
mikeonline.com R3	`2023-01-20` - `2023-04-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
campaign.aptivada.com Amazon RSA 2048 M01	`2023-03-01` - `2023-07-08`	4 months	crt.sh
*.jsrdn.com Amazon RSA 2048 M01	`2023-02-22` - `2023-11-14`	9 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-16`	2 months	crt.sh
embed2.audioburst.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-06` - `2023-08-06`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.aptivada.com Amazon RSA 2048 M01	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
quantserve.com R3	`2023-02-13` - `2023-05-14`	3 months	crt.sh
*.audioburst.com Go Daddy Secure Certificate Authority - G2	`2022-06-28` - `2023-07-30`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
redintelligence.net R3	`2023-02-08` - `2023-05-09`	3 months	crt.sh
*.azureedge.net Microsoft Azure ECC TLS Issuing CA 01	`2022-07-27` - `2023-07-22`	a year	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2022-12-21` - `2023-12-21`	a year	crt.sh
adv.office-partner.de R3	`2023-03-02` - `2023-05-31`	3 months	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-05-20` - `2023-05-21`	a year	crt.sh
*.futalis.de R3	`2023-02-16` - `2023-05-17`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-13`	5 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G1	`2022-06-17` - `2023-06-18`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-02-06` - `2023-05-13`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh

This page contains 44 frames:

Primary Page: https://mikeonline.com/
Frame ID: 9486D6CF9E88AAD3FFAC3D8DF7E31E00
Requests: 90 HTTP requests in this frame

Frame: https://aptivada.com/promo/info.php?widget_id=864&widget_type=widget&app_type=&environment=external
Frame ID: 1ABB9E95186F4B355C595E6CB1051A33
Requests: 1 HTTP requests in this frame

Frame: https://aptivada.com/promo/info.php?widget_id=864&widget_type=widget&app_type=&environment=external
Frame ID: 0D550184551339860C4B426824FA444D
Requests: 1 HTTP requests in this frame

Frame: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B929DE72E96022FD6E632B5195C6369B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 019B4FEAC6A2DD3AC0CBA08731CD7BC8
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvuQeh3eAfqAq8RX1kqxNPnPZpH2XzoFjY1Cnk1MkTkxR41vvDJXgwZIy3nTf9piPc7U_s_62EUxE0TukV9hnxusVr2aQi-z3bZpExkP2OhrTyni4x1gmyZrhtyYznI-pj201WJRF0c3dSfioOdYQPQo1Nf2tiDtaxsgjFybMs0Xe5e3IRi4pfYRP6FleafKsNL00Fp-wqUeMI8sYN8MywPx9sQ_NumsGUHEAc4dYPdExKY1IW2pQec80R15xLmpsxm4gUD3gRxY4Snev8n1mkGPmAIc_KjVR4QeKhXlGZY4gAlmwwILg2cykCw&sai=AMfl-YQU7TluppmQw14JVgQtjYjO4w7ZVAcfjSuWD2o0LBVS3ILpxQBTJ7l1FkP3_XrBIi-atEIJvEpSKfJ-hSnwphC6o4vlI8fTSF0lks1vg-kw9ZgiBggWWPsWXeqctCuln_fmSFSsoQ8qPLbDgucO&sig=Cg0ArKJSzO12uK-BpUNtEAE&uach_m=[UACH]&adurl=
Frame ID: C5F8CECB22CA4DB71F04072ADD25E218
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs
Frame ID: F119BCB891AA982DD39C94975B8493F3
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSjZyPlYSLzvNbcX584Gkl5DmWmo1d7mZA6FdoxlRvHujw9kQA1pTnYd9SLImUns-WGuV8wQZkAaFmBnhz4Iayn_PQDWSloGSkxLUxKrfWwtrKmYeFKH44j9ki7nr1O5qL3tEh3EkCacDW9NlsFFX0FvE-w4pKeqrDBTqvN2-WAMktS8WOM_NQlCFZGRSbALsYacsSZK4cktmZZvrEZIPJoQY9NXLHiGgQ0OImxrBv6gpqvteuqmiIVWXvcl2j3b3DQnKLGqcyRIxTTJjsXG8PU_unLjoNad1qnhN_xUYYzWpaLSuWcjt7KW1P&sai=AMfl-YT8z54Aw3PQmsc6gc6gkBnzW8MZ8JoygotAWOIXEc40q2Ufd3oWEDk_72Rn9_lj2KfDNodKS-uz1jqERKQmwj3yxgSYMsETjc6ZgSl2S_NZJBo_8v_npc2aQGLsFvtBaPk9RSoCJ7cTuLB66zUX&sig=Cg0ArKJSzAxU-6Iapoq5EAE&uach_m=[UACH]&adurl=
Frame ID: A7DD16580BDAAAE1A1971863D379DCD0
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs
Frame ID: CD8B2DBFEC0D9CE963AA42CEBBDB4EC2
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstq0UGIBURCE6350aizteXxQ-RlfpGtXJfSFE85bcpQMtpYw8Xt5KjhOcvh1OhaKRfIi2ecTqVqc1yZBg2iSBdsM4EEiRjO5MbCBTJYxw1uNWykqn4NJlvoUuQdf_0erF3JoUTFCdoX8_3kods-hDub0X-6mGIYHLfXucKoYImGnUEY6lhTTdrXV5fhrL7lkTL2dVkXNYRSoYFS8JgMkcvvLxZZZqhA8mns1UseCfNM2HNrOVX_69kWX5_lNzJlDafhSBIf5K6WTJ7xFaIwFJiREqKL54_faeSkrG52p0mRdLgYN0Z1ds8r1Sfl&sai=AMfl-YSJb4Ul3lOg-c0qtd1VZSoKtfWWrWrnsNnsJsVOA_GjfhTlhmU47a-CaB5CRfA5l4Qyi6m5VPq2lgXjT65Y8r0nqg5CDgk3-_rtmMFZQSY-XAqYNy5Obdk0e18jxE4rQYtlDToFc0zDLkKOB8P8&sig=Cg0ArKJSzGfGKiThV9UyEAE&uach_m=[UACH]&adurl=
Frame ID: B40A71C0C8D66699C6E186EEB3D03F69
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuk-Ut2Khos1oGD7cin2rpgi_pXE9eV3RkF6jH-w1JAMCDVHyB-1i2sW4V9RJQcXeWr282JdNP-l5WbXLu_iqnn7uLPYekcB3nlcE5LmUijR7kF5JzFQHyzfQITuOd8mEwKJC7tQYjxAihmybKXumOHGPC9FY5kxywJBl2UIK0I7YhCW9DXGIDK9u7CzI_QWj4s1sPJNAfo6QsDEpCq5MAdC66A_ElHmI_BTy2b9ESO0O7mf67Ovqkxw-KA_3QwFvPqw1fKMSUESCWTYv6e98fSuGZubJ8vGKdqvPIc2coOxpA24RZiUp_50b0_&sai=AMfl-YQ4dQ0lupmxi3QYrnIL8lJjjl3gKHf0wulofdzjVAk4HqJkG2b4gDT_VX_UrkyBl-3xM2G6tGXwWWffgqBiSig-XTUFBpZU5MQkUIeSxuBjUIiZw-95s738CdzCEkHzIf25E5MC9VfDTImDwb5E&sig=Cg0ArKJSzKzMbxvscMpjEAE&uach_m=[UACH]&adurl=
Frame ID: 58DA24860EF4B767A77407B13D283DFE
Requests: 7 HTTP requests in this frame

Frame: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7A27268F79BE11A316450C1E6CCD119F
Requests: 20 HTTP requests in this frame

Frame: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 034A711831A658BAB843C802EC2A50FA
Requests: 20 HTTP requests in this frame

Frame: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3ECC34945B4296CAAE7DA101B3609F57
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVWTqiSarkHIp3_8jcZvihYViCwthdAYTwcZJB_qVxwxh_M4dQTMqgjoQ7Y8ulhg6YhNTBnthb2BcYk3LsaUudTclufT-jbSjMoVWGk6grRS7tvkva1sgRsFUiwa-pLj3Tl4BnFsqxzZYFAonHbSH8v6bIugHbOtKVY9g6pJfQWflaCT68
Frame ID: 4D621D4CDB33940587ACA628DD316F75
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXOD0_9guhHPmq3keqON-ZYnwxWkHxSqun41TBPkXRC7GaR84FEK3B7JMo8aYCN8Thgsb3aIhdlVCrNsuOBSSCcNHvtYzneesJatIr8Fjqkh6ghHyaOf7PBuA5C3-JjrTikQmUPLdHE66v7ORmMFH6gZJKXP_3gdEustAe-WFHCN-ssi6s
Frame ID: 8253807A4B4CF2237E8E95C31CAB9751
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNW2v3UQ4OfAJACL87w4pktj7ynk6Be6Nt7ZmnJ2kII5xAkUj2h7yFE7dHay8pIFq7lj1Eq1neBBjn4LZtL5pKx6PGJGJUgHWp1aza-hyc1cwi5p7lUPzsHmhVDBd6X9sVxJE1zeud2buZ9dZoHzmJJ6N6d9q7ZlsYLX5AgFCxKwbC6OEcg
Frame ID: 1669F2AA4A00FB97CFCA86EF6E09C304
Requests: 5 HTTP requests in this frame

Frame: https://embed2.audioburst.com/skins/safinder/player.html?version=7s1hvj8m8l
Frame ID: 971D9974AE6C4D95EE9265A90A4EF003
Requests: 19 HTTP requests in this frame

Frame: https://campaign.aptivada.com/poll/1433390?js=true&parent=https%3A%2F%2Fmikeonline.com%2F&apt_widget_type=flyout&apt_widget_action=lightbox
Frame ID: F3AAB92ADBB05DCB18FBF35475DCDBBE
Requests: 24 HTTP requests in this frame

Frame: https://campaign.aptivada.com/poll/1433390?js=true&parent=https%3A%2F%2Fmikeonline.com%2F&apt_widget_type=flyout&apt_widget_action=lightbox
Frame ID: 7F650BEC4E53F26F63DF9FE178CDB555
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 51B7F9E7377DC083685C09F7544B9443
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9AE340F3FB7EE821474F44475E320FC8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BB40A7C025381A6D05A3776061E86BE5
Requests: 3 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 39BEDAA01EF4E09680D7FEBA628077FA
Requests: 2 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=50173600175103104444550012257008&actionid=981741&produktid=&dt_url=
Frame ID: C892B441AE04074CD414E4D7926A6E2D
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2384812509
Frame ID: 27B7975CDF14AB41C6F245CE6D073171
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPHY1POWzf0CFYGYmwodYp0LQw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3925312550589.9565
Frame ID: 3A084BCD548DE486DCD812295845FB3E
Requests: 2 HTTP requests in this frame

Frame: https://hal90008.redintelligence.net/request_content.php?s=50173600175103104444550012257008&a=46ef74fd
Frame ID: 2DC65AFBE0865A0F817A5DAF1D21514A
Requests: 6 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 46CC90F08601DB1B9E6C6C1005AA95A3
Requests: 2 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=53909600193108904444554012257007&actionid=981741&produktid=&dt_url=
Frame ID: 2EA37BA0D2FD17CBBA47C2E9B8ABA71F
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2384812508
Frame ID: FAF0EE6DBC82E80578ECD50DC2FA3116
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJrb1POWzf0CFYyfmgodRccElA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5451261264038.794
Frame ID: 733B680094D2E921536DCDDB0B7169A1
Requests: 2 HTTP requests in this frame

Frame: https://hal90007.redintelligence.net/request_content.php?s=53909600193108904444554012257007&a=dedefb0c
Frame ID: 7615831B657D1DE952EF37C812A6B87B
Requests: 8 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: B5A5C376A7F73BE05F05A1783E2A216C
Requests: 2 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=65993600182178904444554012257003&actionid=981741&produktid=&dt_url=
Frame ID: E3145DD7ADA1AFC71CC44003800323E8
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2384812510
Frame ID: 87653F63A93218BC25A91D4FD77F51F5
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ_c1POWzf0CFZnMOwIdMCkDsA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2348238379648.735
Frame ID: 02F970F687C64FF270DC25810719DF3D
Requests: 2 HTTP requests in this frame

Frame: https://hal90003.redintelligence.net/request_content.php?s=65993600182178904444554012257003&a=de4011d7
Frame ID: C3F7D57A5E553870AB9E648982C4DA3F
Requests: 8 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fcampaign.aptivada.com
Frame ID: F346FCDF510868DFFEBB3D5C9ECD4AC1
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fcampaign.aptivada.com
Frame ID: 933F9947F8DBC451799A6C7FA6FCB6CD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8F8DAC05C1D4472D1EC9FDFEED54DA43
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 38B05EF7163134EB7A25B867D56206CF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdakPIUAAAAAFx_0cVaGDpR1Ljhv08sNFDXxSt9&co=aHR0cHM6Ly9jYW1wYWlnbi5hcHRpdmFkYS5jb206NDQz&hl=de&v=8G7OPK94bhCRbT0VqyEVpQNj&size=invisible&cb=87xzhw3tlngg
Frame ID: C3D6EE16DAE82A97DF85B6324F43DC8A
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdakPIUAAAAAFx_0cVaGDpR1Ljhv08sNFDXxSt9&co=aHR0cHM6Ly9jYW1wYWlnbi5hcHRpdmFkYS5jb206NDQz&hl=de&v=8G7OPK94bhCRbT0VqyEVpQNj&size=invisible&cb=hs25afjitu5m
Frame ID: 177F4052B710B8063AB6CC450D2BD981
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Mike Gallagher Show

Page URL History Show full URLs

http://mikeonline.com/ HTTP 301
https://mikeonline.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

366
Requests

95 %
HTTPS

50 %
IPv6

35
Domains

55
Subdomains

53
IPs

9
Countries

7069 kB
Transfer

18844 kB
Size

26
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://itunes.apple.com/us/app/gallagher/id487852159
Title: Mobile App for iPhone

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.radio.station.GALLAGHER.DJ
Title: Mobile App for Android

Search URL Search Domain Scan URL

URL: https://www.mikeonlinegold.com/

Search URL Search Domain Scan URL

URL: https://redstate.com/terichristoph/2023/03/07/mitch-please-mcconnell-goes-full-rino-in-condemning-tucker-carlson-and-new-j6-video-n712860
Title: Goes Full RINO in Condemning Tucker Carlson and New J6 Video

Search URL Search Domain Scan URL

URL: https://www.mediaite.com/politics/watch-kevin-mccarthy-has-no-regrets-giving-tucker-carlson-j6-footage-after-mitch-mcconnell-called-it-a-mistake/
Title: No Regrets Giving Tucker Carlson J6 Footage After Mitch McConnell Called It ‘a Mistake’

Search URL Search Domain Scan URL

URL: https://www.mediaite.com/news/karine-jean-pierre-tucker-carlsons-jan-6-tapes-show-worst-attack-on-our-democracy-since-the-civil-war/
Title: Jan. 6 Tapes Show ‘Worst Attack on Our Democracy Since the Civil War’

Search URL Search Domain Scan URL

URL: https://omny.fm/shows/mike-gallagher-podcast/
Title: Show Archive

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/politics/trump-considering-kari-lake-2024-running-mate-report
Title: Fox News

Search URL Search Domain Scan URL

URL: https://nypost.com/2023/03/07/you-can-condemn-capitol-riot-and-still-have-questions-about-that-day/
Title: The New York Post

Search URL Search Domain Scan URL

URL: https://dailycaller.com/2023/03/07/schumer-begs-rupert-murdoch-to-kick-tucker-carlson-off-air/
Title: The Daily Caller

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/politics/elon-musk-house-jan-6-committee-misleading-public-withholding-evidence
Title: Fox News

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/politics/kamala-harris-telling-childhood-story-says-she-asked-her-mom-why-conservatives-bad
Title: Fox News

Search URL Search Domain Scan URL

URL: https://www.washingtonexaminer.com/news/campaigns/texit-state-representative-introduces-texas-independence-act
Title: The Washington Examiner

Search URL Search Domain Scan URL

URL: https://www.dailywire.com/news/tucker-carlson-releases-january-6-footage-that-raises-new-questions?%3Futm_source=twitter&utm_medium=social&utm_campaign=dwnewstwitter
Title: The Daily Wire

Search URL Search Domain Scan URL

URL: https://mikeonlinegold.com/

Search URL Search Domain Scan URL

URL: https://mikeonlinegold.com/member/login.php
Title: Login

Search URL Search Domain Scan URL

URL: https://www.mikeonlinegold.com/member/signup/
Title: Join

Search URL Search Domain Scan URL

URL: https://salempodcastnetwork.com/podcasts/mike-gallagher-podcast

Search URL Search Domain Scan URL

URL: https://salempodcastnetwork.com/podcasts/mike-gallagher-podcast/playlists/the-m-m-experience

Search URL Search Domain Scan URL

URL: https://salempodcastnetwork.com/podcasts/mike-gallagher-podcast/playlists/the-mike-gallagher-backstage-pass

Search URL Search Domain Scan URL

URL: https://salemnewschannel.com/host/mike-gallagher/
Title: Watch Mike Gallagher on

Search URL Search Domain Scan URL

URL: https://rumble.com/c/MikeGallagherShow
Title: Mike on

Search URL Search Domain Scan URL

URL: https://gallaghersheroes.org/

Search URL Search Domain Scan URL

URL: https://hughhewitt.com/
Title: HughHewitt.com

Search URL Search Domain Scan URL

URL: https://dennisprager.com/
Title: DennisPrager.com

Search URL Search Domain Scan URL

URL: https://www.sebgorka.com/
Title: SebGorka.com

Search URL Search Domain Scan URL

URL: https://theofficertatum.com/
Title: TheOfficerTatum.com

Search URL Search Domain Scan URL

URL: https://metaxastalk.com/
Title: MetaxasTalk.com

Search URL Search Domain Scan URL

URL: https://thecharliekirkshow.com/
Title: TheCharlieKirkShow.com

Search URL Search Domain Scan URL

URL: https://juliehartmanshow.com/
Title: JulieHartmanShow.com

Search URL Search Domain Scan URL

URL: https://www.srnnews.com/
Title: SRNNews.com

Search URL Search Domain Scan URL

URL: https://salemmedia.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://salemmedia.com/ccpa-sale-opt-out/
Title: California – Do not sell my personal information

Search URL Search Domain Scan URL

URL: https://salemmedia.com/salem-media-group-inc-ccpa-privacy-notice/
Title: California- CCPA Notice

Search URL Search Domain Scan URL

URL: https://salemmedia.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mikeonline.com/ HTTP 301
https://mikeonline.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 171

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL0wqVzGU2oFL7VCX4GlOz4&google_cver=1

Request Chain 172

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAjw78cxbePTpyKR7oz5EwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL0wqVzGU2oFL7VCX4GlOz4&google_cver=1

Request Chain 173

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHM8LsTzftuW98WOQTJi9Q4&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHM8LsTzftuW98WOQTJi9Q4%26google_cver%3D1

Request Chain 174

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTczNjcyMTU2ODgzOTU2NzEyNQ%3D%3D

Request Chain 175

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL0wqVzGU2oFL7VCX4GlOz4&google_cver=1

Request Chain 176

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAjw78cxbePTpyKR7oz5EwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL0wqVzGU2oFL7VCX4GlOz4&google_cver=1

Request Chain 177

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHM8LsTzftuW98WOQTJi9Q4&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHM8LsTzftuW98WOQTJi9Q4%26google_cver%3D1

Request Chain 178

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTczNjcyMTU2ODgzOTU2NzEyNQ%3D%3D

Request Chain 179

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL0wqVzGU2oFL7VCX4GlOz4&google_cver=1

Request Chain 180

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAjw78cxbePTpyKR7oz5EwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL0wqVzGU2oFL7VCX4GlOz4&google_cver=1

Request Chain 181

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHM8LsTzftuW98WOQTJi9Q4&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHM8LsTzftuW98WOQTJi9Q4%26google_cver%3D1

Request Chain 182

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTczNjcyMTU2ODgzOTU2NzEyNQ%3D%3D

Request Chain 183

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 187

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 228

https://hal90007.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=a4ebbf70ee&subid=&uid=9b6b06c17c25b032&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4qxN7vAIZP6ROteIiM0P34y4eKblvaBprZWcp8kP8C4QASDR7aAXYJWCgICsB8gBCakCCpVLVcCzsT6oAwGqBJ4CT9CxnuJbXkEv7uVHHdccbpIRn1EXYQufbT9gBHneSUldOsbSOaGR5nQZ3lmLormHkwallUPgMhf-OVPBbQQL2wtJlpHokmO0kkOB0Q8ZpW-Oe5IS4UykuPu7LZSi9h__mYOrXrtb91ZGClHWY-HLl4aRFVAjRueYC3VBjQWor9mvnj0gSi4NmUWhkyts2TdM7hPx9-woEfTUqOF1DyEyo2ldIE-QIsTZi66f0Eul_wqP3wNoCZ0RRlE8eirXVyaT2oMMchfJuhdU7k3WQPDxpXebKStN9qLWkN13nKfEvcTTSUYB8a5KnRvQeLXsAHRZfkphITMs5mjr8UUDP9eSDtdvR4jDk09kQbxBpiOjiMLc_GqHqfCE4419l-htUsAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ%26sig%3DAOD64_2WH9GeMI70AmhMIZJcLX3vhMYTCA%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-CMiF0d-TWQmirp9-Un8gLWX-NVubfpB7pWLLfah1XaoG0gveD7PyCLjg7v40cfk5PTqCxKanUr_56ynJLEF0lMW1rOu3yq6mku3C0aw5EvUijrBKdlIdN6VQ5WlGJg2vFP-C1DrzRQnz59FGvSaNpIDyi2Euv4ufwI3peTtHCP7zV45m4%26cry%3D1%26dbm_d%3DAKAmf-D3xYvJZs9CUgfP7p9GHwlgef9j0lWrA91Lf6EVP1NhskN9nxoYCyO1hvV1SwQCEmN5ugVS8XWHQdoGmeEYeNjPM4mZxkYMoR_VCrIRgSV5LqK6vOZQ0fQRkE4euPwq5kVzDk9wAIlrfP0jG7e_OfWAKl_52fHLNcuoPBOka6wosCYIHAaMMhzhcn_HheQY6cl_Efk5urJOffZDklrKK0ooshl116LWqawGLuhtgeK0c-wmI9TVn5tSfiCT2TdN2xQogGoEsXD4h9XbYzdsGAkkxXIdsf7NNOipufwvOtC2bJQcSWWliZb32oSvK09GdnLQa-zRVpN5P2mqbrHjUs0DXPDMdUsZBicvB2ZAozpYaXdLypfnFtPVtwS2kVO0k13iX2vqExa35BMaz0CrnrAiu-2qnUTpYLzgRRLzZCFrk_f2Olad-lLII_DuqmUEVfwow46Wn1p-m_Ihg1saKkH3ZsGt4RUYofgQ1QvuRdiVjgg-M7w9WMIDBKr2zIZrqB1NEMxBxcZjsvzYriB06quFxZPENqVqs_TYtKfBZ7VZuutWWrI%26adurl%3D&documentReferer=https%3A%2F%2Fmikeonline.com%2F&ancestorOrigins=https%3A%2F%2Fmikeonline.com&random=7468067031000&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90007.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=a4ebbf70ee&subid=&uid=9b6b06c17c25b032&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4qxN7vAIZP6ROteIiM0P34y4eKblvaBprZWcp8kP8C4QASDR7aAXYJWCgICsB8gBCakCCpVLVcCzsT6oAwGqBJ4CT9CxnuJbXkEv7uVHHdccbpIRn1EXYQufbT9gBHneSUldOsbSOaGR5nQZ3lmLormHkwallUPgMhf-OVPBbQQL2wtJlpHokmO0kkOB0Q8ZpW-Oe5IS4UykuPu7LZSi9h__mYOrXrtb91ZGClHWY-HLl4aRFVAjRueYC3VBjQWor9mvnj0gSi4NmUWhkyts2TdM7hPx9-woEfTUqOF1DyEyo2ldIE-QIsTZi66f0Eul_wqP3wNoCZ0RRlE8eirXVyaT2oMMchfJuhdU7k3WQPDxpXebKStN9qLWkN13nKfEvcTTSUYB8a5KnRvQeLXsAHRZfkphITMs5mjr8UUDP9eSDtdvR4jDk09kQbxBpiOjiMLc_GqHqfCE4419l-htUsAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ%26sig%3DAOD64_2WH9GeMI70AmhMIZJcLX3vhMYTCA%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-CMiF0d-TWQmirp9-Un8gLWX-NVubfpB7pWLLfah1XaoG0gveD7PyCLjg7v40cfk5PTqCxKanUr_56ynJLEF0lMW1rOu3yq6mku3C0aw5EvUijrBKdlIdN6VQ5WlGJg2vFP-C1DrzRQnz59FGvSaNpIDyi2Euv4ufwI3peTtHCP7zV45m4%26cry%3D1%26dbm_d%3DAKAmf-D3xYvJZs9CUgfP7p9GHwlgef9j0lWrA91Lf6EVP1NhskN9nxoYCyO1hvV1SwQCEmN5ugVS8XWHQdoGmeEYeNjPM4mZxkYMoR_VCrIRgSV5LqK6vOZQ0fQRkE4euPwq5kVzDk9wAIlrfP0jG7e_OfWAKl_52fHLNcuoPBOka6wosCYIHAaMMhzhcn_HheQY6cl_Efk5urJOffZDklrKK0ooshl116LWqawGLuhtgeK0c-wmI9TVn5tSfiCT2TdN2xQogGoEsXD4h9XbYzdsGAkkxXIdsf7NNOipufwvOtC2bJQcSWWliZb32oSvK09GdnLQa-zRVpN5P2mqbrHjUs0DXPDMdUsZBicvB2ZAozpYaXdLypfnFtPVtwS2kVO0k13iX2vqExa35BMaz0CrnrAiu-2qnUTpYLzgRRLzZCFrk_f2Olad-lLII_DuqmUEVfwow46Wn1p-m_Ihg1saKkH3ZsGt4RUYofgQ1QvuRdiVjgg-M7w9WMIDBKr2zIZrqB1NEMxBxcZjsvzYriB06quFxZPENqVqs_TYtKfBZ7VZuutWWrI%26adurl%3D&documentReferer=https%3A%2F%2Fmikeonline.com%2F&ancestorOrigins=https%3A%2F%2Fmikeonline.com&random=7468067031000&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 229

https://hal90008.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=4fd68819b3&subid=&uid=648829150d6db9be&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYXLy7vAIZICSOteIiM0P34y4eKblvaBphZWcp8kP8C4QASDR7aAXYJWCgICsB8gBCakCCpVLVcCzsT6oAwGqBJoCT9BSLnHWDh8TYDqUxWMZjkpB9q6-3lQeuo2z8IxWVLAoYSSvQfNvQH8vXh9q4wrqy6ZU_zc0BUqLIYc7GGHxFxlW5m9pBMYRak6nz04NxwJfzn8iUPCy-4LllEvTyBDSy5pE-dAAcvo0t3I-DZxQ4T2WUxHgOC-vKuIlmuV1qXjJFBhm8E64xZMmYMKcogCGjiBmFXRpZdmXG9pVfU-_jn_S3YwgQdgV-126GfLrvB7NZlBQ26TUoHJ2udPtP74yk9BYyAq0MQRqgJNDlXdiKJuJEgApO1LruHSUVOXRzNFFdVmrVJXwo1SqbeMObfc2RX_txRGJ6FqabYZAIPZTv6U1q8vPSXpJm9BbTCICiEtFWq-T2e3Ml0vBwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ%26sig%3DAOD64_1EA4xGogXegNSoto_H1cOPkQWkhg%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-C2_Rf33ZqvHNK9gsGBeAQinDIOZlRKd-uLzehePrOrgHhXCRA3l8ZZUy10hetB66UZCDp3lBo1RnreOoiChVrWE8PsJ1pMLLtO7lJTMuaJTjFntpdxrMtr-FgkjEUdKtSbwftMRt0MeJ6zcm5MXX_q1Qd34wZLK2Z3dZUQfIfe60tN7JU%26cry%3D1%26dbm_d%3DAKAmf-BqCM5LXdhELy2LgJCsisFJpFwXTqmZLBEa8zyiq76vI-sqPNS5Dz1jSURgbh-09A-gGdttI8CDykMpkaK0BPk754-y3cXVxFJ-Na7tBQdMSY8wdwuJhhUNNkUSbCogoUzpYrmbgnUX4EkRbCOl3KQqaMVTVyEmsZoMeEGngOq5ckeX1YMXsJSmzxgDjNGVfR8mUw0e7w6Td19mXtpHqYNdHzmb4yoQQT1N1Zi-9auC8KGTbGo-gpLwPsBbV45HbuwB_Qy7RfKhOzxgO3gK-IGcsIJLDX_lf1UP3tg_hzNhrRns7fwdSLJmCe8IdAStHXp2B_lgfpPiH_lZ24p1lTAS5jOQGaJzhLmg1c7hCoUvXUNpNfMkj9KKo50dWByrldUhpvDSwixqQBgMQDU60nzyR6Mmuo5fLnsgDVyS0b3XFyXJ7yc8ZTCdpYClwP4oGKKFzFcN9_WAQS6FUVk3-mtzU2sVlknvSJZ1Hb4_5JZgvLuDIrxX6nEBWQDEieblmzNKJCefkodQ2jH-AK7tQch3TLiE9A%26adurl%3D&documentReferer=https%3A%2F%2Fmikeonline.com%2F&ancestorOrigins=https%3A%2F%2Fmikeonline.com&random=7161565884373&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90008.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=4fd68819b3&subid=&uid=648829150d6db9be&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYXLy7vAIZICSOteIiM0P34y4eKblvaBphZWcp8kP8C4QASDR7aAXYJWCgICsB8gBCakCCpVLVcCzsT6oAwGqBJoCT9BSLnHWDh8TYDqUxWMZjkpB9q6-3lQeuo2z8IxWVLAoYSSvQfNvQH8vXh9q4wrqy6ZU_zc0BUqLIYc7GGHxFxlW5m9pBMYRak6nz04NxwJfzn8iUPCy-4LllEvTyBDSy5pE-dAAcvo0t3I-DZxQ4T2WUxHgOC-vKuIlmuV1qXjJFBhm8E64xZMmYMKcogCGjiBmFXRpZdmXG9pVfU-_jn_S3YwgQdgV-126GfLrvB7NZlBQ26TUoHJ2udPtP74yk9BYyAq0MQRqgJNDlXdiKJuJEgApO1LruHSUVOXRzNFFdVmrVJXwo1SqbeMObfc2RX_txRGJ6FqabYZAIPZTv6U1q8vPSXpJm9BbTCICiEtFWq-T2e3Ml0vBwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ%26sig%3DAOD64_1EA4xGogXegNSoto_H1cOPkQWkhg%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-C2_Rf33ZqvHNK9gsGBeAQinDIOZlRKd-uLzehePrOrgHhXCRA3l8ZZUy10hetB66UZCDp3lBo1RnreOoiChVrWE8PsJ1pMLLtO7lJTMuaJTjFntpdxrMtr-FgkjEUdKtSbwftMRt0MeJ6zcm5MXX_q1Qd34wZLK2Z3dZUQfIfe60tN7JU%26cry%3D1%26dbm_d%3DAKAmf-BqCM5LXdhELy2LgJCsisFJpFwXTqmZLBEa8zyiq76vI-sqPNS5Dz1jSURgbh-09A-gGdttI8CDykMpkaK0BPk754-y3cXVxFJ-Na7tBQdMSY8wdwuJhhUNNkUSbCogoUzpYrmbgnUX4EkRbCOl3KQqaMVTVyEmsZoMeEGngOq5ckeX1YMXsJSmzxgDjNGVfR8mUw0e7w6Td19mXtpHqYNdHzmb4yoQQT1N1Zi-9auC8KGTbGo-gpLwPsBbV45HbuwB_Qy7RfKhOzxgO3gK-IGcsIJLDX_lf1UP3tg_hzNhrRns7fwdSLJmCe8IdAStHXp2B_lgfpPiH_lZ24p1lTAS5jOQGaJzhLmg1c7hCoUvXUNpNfMkj9KKo50dWByrldUhpvDSwixqQBgMQDU60nzyR6Mmuo5fLnsgDVyS0b3XFyXJ7yc8ZTCdpYClwP4oGKKFzFcN9_WAQS6FUVk3-mtzU2sVlknvSJZ1Hb4_5JZgvLuDIrxX6nEBWQDEieblmzNKJCefkodQ2jH-AK7tQch3TLiE9A%26adurl%3D&documentReferer=https%3A%2F%2Fmikeonline.com%2F&ancestorOrigins=https%3A%2F%2Fmikeonline.com&random=7161565884373&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 230

https://hal90003.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=d2d6acb264&subid=&uid=44276f62b89e9d96&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCnVcD7vAIZP-ROteIiM0P34y4eKblvaBprZWcp8kP8C4QASDR7aAXYJWCgICsB8gBCakCCpVLVcCzsT6oAwGqBJ4CT9CPCjPwMyHRWug6jsTh9xRbYnacPferjOgIN_uAbtbnsxVBMZxo2gxj2MYMlrb_u-64ZAU_q4Zi0vXy9j3aaX_UqKMxJsg2RaXnrorclV4-ViRvsAcd4cpKysxY92dbbds3XzGXAKoCEPMc1h-KmcBIZsV9eQ7f9IfAPevCaC7OOo39cLj74V7sG9zMfE6aEQDfaz5qxKXGSH_bVNywsZNXvyjMcRJ9J_cw3Jdswvb_IAUahV4RDZQ4Cv2VUbh1AMwnITQ6zxHf2SKLG1W7_5UVe_om-SjtbJWS2kKdYKmSz3kgEvtAMK3TdhFRIdKHxw2bP9V3etHycMFIocFh4J5Iaq5BzQg9tPckb9h09pyneP87PIoQSlEV4zfJBcAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ%26sig%3DAOD64_3KnmvbkLHCiL9kJ1-hCBzyifkHUw%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-AXR7rLFNlkvMkpeEFUIjRPxcKqjzeqndxzlt3Yt3406a-uTHu3YMp9YajAjUL4F0zGghDZL_QyRuEm_ho0mhwg9aLEu8zBJ4LuUu8QculWRQMTvRFgkkMFTiivsxnpW5Xefm5EbszlcTuYOFKr-UoAlh9jIE2HNQdiKKqFhPcA0DFzIrA%26cry%3D1%26dbm_d%3DAKAmf-CGq5NFICELV-Q7Tmd7859hA5J2nvEHR2IEW0ilXBGIt1W8Pq5U4gB2cs8_OjeRniZsJRNMHyV2BIMvf-5ru3Lle53iUT5SpTCgisGaOhQvjua-UqlF_el905hAVamhs0bcBKtTAN7AQJayk4X1kOdmzfe_F4TTnK3tsBvhGev-Ph1teEr33SdbTs_9Njn1lm26PveestWgcqRI8ZBtcM1rx_gkPax45QfsVB_Kqy0dP81dp78_jSkRDcMl7QlURbraX0rGGtxnd6Ik_NfH7S0hYXgyAFXumOSBjwcIxf3oDyM9oIA39eDqp0zl0nIRGlNV-qi4Jn8dkCq2UFy_vEW3CuCDvWZr8hxedL-GutTIOmMXNm04dom4D8IAPXRky5996ek2y0v7Y3XfEnQWIH8OQjF5rVuJvyPUaMaOEbN0SNLCtli912XtJBNJskSJoFr791XsyI9p_5A7U5AIzRHZX3EN9KlMHe0YaCJEaRwuHLKdcI5d35muacjxPyVKlc1JNuv_dOf_ZweLsAa-kvbHnoxupteEDPMhX_TIDWLFAj-qW1Y%26adurl%3D&documentReferer=https%3A%2F%2Fmikeonline.com%2F&ancestorOrigins=https%3A%2F%2Fmikeonline.com&random=4461175807128&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90003.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=d2d6acb264&subid=&uid=44276f62b89e9d96&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCnVcD7vAIZP-ROteIiM0P34y4eKblvaBprZWcp8kP8C4QASDR7aAXYJWCgICsB8gBCakCCpVLVcCzsT6oAwGqBJ4CT9CPCjPwMyHRWug6jsTh9xRbYnacPferjOgIN_uAbtbnsxVBMZxo2gxj2MYMlrb_u-64ZAU_q4Zi0vXy9j3aaX_UqKMxJsg2RaXnrorclV4-ViRvsAcd4cpKysxY92dbbds3XzGXAKoCEPMc1h-KmcBIZsV9eQ7f9IfAPevCaC7OOo39cLj74V7sG9zMfE6aEQDfaz5qxKXGSH_bVNywsZNXvyjMcRJ9J_cw3Jdswvb_IAUahV4RDZQ4Cv2VUbh1AMwnITQ6zxHf2SKLG1W7_5UVe_om-SjtbJWS2kKdYKmSz3kgEvtAMK3TdhFRIdKHxw2bP9V3etHycMFIocFh4J5Iaq5BzQg9tPckb9h09pyneP87PIoQSlEV4zfJBcAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ%26sig%3DAOD64_3KnmvbkLHCiL9kJ1-hCBzyifkHUw%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-AXR7rLFNlkvMkpeEFUIjRPxcKqjzeqndxzlt3Yt3406a-uTHu3YMp9YajAjUL4F0zGghDZL_QyRuEm_ho0mhwg9aLEu8zBJ4LuUu8QculWRQMTvRFgkkMFTiivsxnpW5Xefm5EbszlcTuYOFKr-UoAlh9jIE2HNQdiKKqFhPcA0DFzIrA%26cry%3D1%26dbm_d%3DAKAmf-CGq5NFICELV-Q7Tmd7859hA5J2nvEHR2IEW0ilXBGIt1W8Pq5U4gB2cs8_OjeRniZsJRNMHyV2BIMvf-5ru3Lle53iUT5SpTCgisGaOhQvjua-UqlF_el905hAVamhs0bcBKtTAN7AQJayk4X1kOdmzfe_F4TTnK3tsBvhGev-Ph1teEr33SdbTs_9Njn1lm26PveestWgcqRI8ZBtcM1rx_gkPax45QfsVB_Kqy0dP81dp78_jSkRDcMl7QlURbraX0rGGtxnd6Ik_NfH7S0hYXgyAFXumOSBjwcIxf3oDyM9oIA39eDqp0zl0nIRGlNV-qi4Jn8dkCq2UFy_vEW3CuCDvWZr8hxedL-GutTIOmMXNm04dom4D8IAPXRky5996ek2y0v7Y3XfEnQWIH8OQjF5rVuJvyPUaMaOEbN0SNLCtli912XtJBNJskSJoFr791XsyI9p_5A7U5AIzRHZX3EN9KlMHe0YaCJEaRwuHLKdcI5d35muacjxPyVKlc1JNuv_dOf_ZweLsAa-kvbHnoxupteEDPMhX_TIDWLFAj-qW1Y%26adurl%3D&documentReferer=https%3A%2F%2Fmikeonline.com%2F&ancestorOrigins=https%3A%2F%2Fmikeonline.com&random=4461175807128&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 236

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=50173600175103104444550012257008&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=50173600175103104444550012257008&actionid=981741&produktid=&dt_url=

Request Chain 237

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=50173600175103104444550012257008&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2384812509

Request Chain 239

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3925312550589.9565 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPHY1POWzf0CFYGYmwodYp0LQw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3925312550589.9565

Request Chain 241

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=50173600175103104444550012257008 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=50173600175103104444550012257008 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 243

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=53909600193108904444554012257007&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=53909600193108904444554012257007&actionid=981741&produktid=&dt_url=

Request Chain 244

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=53909600193108904444554012257007&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2384812508

Request Chain 246

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5451261264038.794 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJrb1POWzf0CFYyfmgodRccElA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5451261264038.794

Request Chain 248

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=53909600193108904444554012257007 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=53909600193108904444554012257007 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 250

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=65993600182178904444554012257003&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=65993600182178904444554012257003&actionid=981741&produktid=&dt_url=

Request Chain 251

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=65993600182178904444554012257003&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2384812510

Request Chain 253

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2348238379648.735 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ_c1POWzf0CFZnMOwIdMCkDsA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2348238379648.735

Request Chain 255

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=65993600182178904444554012257003 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=65993600182178904444554012257003 HTTP 302
https://ad-server.eu/wm/pb/native.png

366 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
mikeonline.com/
Redirect Chain

http://mikeonline.com/
https://mikeonline.com/

120 KB
15 KB

509ms
155ms

Document
text/html

209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 99a0942af1bf18bc95aa7ed1b0d8a9d400ff9fbce51cbe03b8249ac7b0cf125f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 08 Mar 2023 20:32:46 GMT
last-modified: Wed, 08 Mar 2023 20:01:43 GMT
server: nginx
vary: Accept-Encoding
x-cache-nxaccel: BYPASS

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 08 Mar 2023 20:32:45 GMT
Location: https://mikeonline.com/
Server: nginx
Transfer-Encoding: chunked
X-Cache-NxAccel: BYPASS
X-Redirect-By: iThemes Security

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 68ms
31ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-21830187-29

Requested by

Host: mikeonline.com
URL: https://mikeonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f678868c375dc62f7f455a1d7458bf0813cd72b5cace2658ba1d8acb886ac5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44811
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 19:56:24 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Mar 2023 20:32:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 65ms
28ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-34961268-2

Requested by

Host: mikeonline.com
URL: https://mikeonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b5ff7f2dc779a7260c1b3d65f4a1f8ee4e61dacf92ca7f326197ded599bd533a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44782
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 19:56:24 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Mar 2023 20:32:46 GMT

GET
H2 200 widget.js Show response
campaign.aptivada.com/ 75 KB
14 KB 100ms
9ms Script
application/javascript 99.86.4.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.aptivada.com/widget.js
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-52.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2784c542114791c6dbd92d298e5472ef1f0595eb6cfb515758c2a05e27a915f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: UoT3heo5YFH3_PMfEdnsxWImwNucpmP6
content-encoding: gzip
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
date: Wed, 08 Mar 2023 19:44:09 GMT
last-modified: Mon, 22 Nov 2021 21:42:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 69018
etag: W/"3ad3a6232d4f711267c5e1c660ae4d2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: sifrd4u0cp_jl_uXIxti4cm_asIihjTJRctjplI_PQU_N7Sh5VchqA==

GET
H2 200 classic-themes.min.css
mikeonline.com/wp-includes/css/ 217 B
256 B 277ms
275ms Stylesheet
text/css 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://mikeonline.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 08:19:06 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
x-nocache: 1
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 189
expires: max-age=A10368000, public

GET
H2 200 style.css
mikeonline.com/wp-content/themes/mike-gallagher/ 63 KB
12 KB 123ms
121ms Stylesheet
text/css 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://mikeonline.com/wp-content/themes/mike-gallagher/style.css?ver=380
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 1c6c749ca3a9c8e330444f44a8ad74732004ea4f1e66fa1ff4b021c3be18e207

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: gzip
last-modified: Fri, 17 Feb 2023 20:58:38 GMT
server: nginx
vary: Accept-Encoding
x-cache-nxaccel: HIT
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 12206
expires: max-age=A10368000, public

GET
H2 200 jplayer.css
mikeonline.com/audio-player/css/ 3 KB
1 KB 123ms
121ms Stylesheet
text/css 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://mikeonline.com/audio-player/css/jplayer.css
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 93c71598eb9fa4b6d8e05460544f6f05182d68bf28370ddb96fe8173789f4ca6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: gzip
last-modified: Sat, 12 Sep 2020 01:17:11 GMT
server: nginx
vary: Accept-Encoding
x-cache-nxaccel: HIT
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 1025
expires: max-age=A10368000, public

GET
H2 200 poll-style.css
mikeonline.com/newslettersubscribe/polls/ 6 KB
2 KB 123ms
122ms Stylesheet
text/css 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://mikeonline.com/newslettersubscribe/polls/poll-style.css?ver=380
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 16724f489d8784d9c8913f2e1464a3ec213ae53661bc4a7e109cb0da1fb1b2e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 01:06:56 GMT
server: nginx
vary: Accept-Encoding
x-cache-nxaccel: HIT
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 1527
expires: max-age=A10368000, public

GET
H2 200 jquery.min.js Show response
mikeonline.com/wp-includes/js/jquery/ 88 KB
30 KB 277ms
276ms Script
application/javascript 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://mikeonline.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 08:19:06 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
x-nocache: 1
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 30995
expires: max-age=A10368000, public

GET
H2 200 jquery.jplayer.min.js Show response
mikeonline.com/audio-player/ 60 KB
14 KB 123ms
122ms Script
application/javascript 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://mikeonline.com/audio-player/jquery.jplayer.min.js?ver=2.9.2
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 600230e783fa38f88891426af12ddac8e12e9c4cff3222b60310d8d2814b341b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: gzip
last-modified: Mon, 09 Nov 2020 21:33:38 GMT
server: nginx
vary: Accept-Encoding
x-cache-nxaccel: HIT
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 14178
expires: max-age=A10368000, public

GET
H2 200 initialize-jplayer.js Show response
mikeonline.com/audio-player/ 809 B
419 B 123ms
122ms Script
application/javascript 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://mikeonline.com/audio-player/initialize-jplayer.js?ver=1.1
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: aba0132e2426948db646222cda157707467d2205dc342bad98655f0fa7d2dfcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: gzip
last-modified: Sat, 12 Sep 2020 01:17:11 GMT
server: nginx
vary: Accept-Encoding
x-cache-nxaccel: HIT
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 385
expires: max-age=A10368000, public

GET
H2 200 googleDFP.js Show response
mikeonline.com/wp-content/themes/mike-gallagher/js/ 4 KB
888 B 124ms
122ms Script
application/javascript 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://mikeonline.com/wp-content/themes/mike-gallagher/js/googleDFP.js?ver=1.4
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 5c30a604ec3b77c5cbee0731b4535480da2bdf420e1a3542582e5eea57536302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: gzip
last-modified: Fri, 17 Feb 2023 20:58:54 GMT
server: nginx
vary: Accept-Encoding
x-cache-nxaccel: HIT
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 831
expires: max-age=A10368000, public

GET
H2 200 jquery.validate.min.js Show response
mikeonline.com/newslettersubscribe/js/ 24 KB
8 KB 124ms
123ms Script
application/javascript 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://mikeonline.com/newslettersubscribe/js/jquery.validate.min.js?ver=6.1.1
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: e9ed0df9626254a05e4e2b4ad46292c0f8b7adb74fa4bb6ea9a8a2b598de0f6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 20:36:45 GMT
server: nginx
vary: Accept-Encoding
x-cache-nxaccel: HIT
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 7920
expires: max-age=A10368000, public

GET
H2 200 poll-subscribe.js Show response
mikeonline.com/newslettersubscribe/polls/ 9 KB
2 KB 280ms
279ms Script
application/javascript 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://mikeonline.com/newslettersubscribe/polls/poll-subscribe.js?ver=1.4
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 3b27def9c610fd1b701e7945e49512be1bb3fd085db8ae7d9d0f965ef8d907b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: gzip
last-modified: Thu, 05 Jan 2023 15:47:29 GMT
server: nginx
vary: Accept-Encoding
x-cache-nxaccel: HIT
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 2119
expires: max-age=A10368000, public

GET
H2 200 cs.js Show response
c.jsrdn.com/s/ 60 KB
20 KB 75ms
8ms Script
application/javascript 18.66.122.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.jsrdn.com/s/cs.js?p=23097
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f474569318d03948a8c0bde3dcd4fb68a30618654bb8573150dc19c35940baa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: KiRg0qbm4KJYG2yahLe2nNunADvVidpW
content-encoding: gzip
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
date: Wed, 08 Mar 2023 06:01:17 GMT
x-amz-cf-pop: FRA60-P2
age: 52290
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 20513
last-modified: Thu, 23 Feb 2023 19:35:16 GMT
server: AmazonS3
etag: "618e26074f3e6c1818ae2805c04ba34b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
accept-ranges: bytes
x-amz-cf-id: SnpIawkSfIefmBppY-AL79xR_Zu-U1DNWSRJQ6c5SlCsjp65pcApZQ==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 37ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: mikeonline.com
URL: https://mikeonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

efaaeaa55f6ec3c9f8c66b8cb8b43986d15c204bb7ee5157457c9219fbc64fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://mikeonline.com/
Origin: https://mikeonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Mar 2023 20:32:46 GMT
content-md5: StNqoGkVVqvdfnW873jTbw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1684
x-fb-rlafr: 0
x-fb-debug: oe2Okd3Vm1zIV1fIR9Jgije78OfElQlYyjbHZ/SCxP1V99QpGvk7e7kp8rXZMILvnmesxZIvRSUafihOZKjsPg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 2050670934
x-fb-content-md5: f0b03d8a74d2d4d994f6584c40ce7c3e
cross-origin-opener-policy: same-origin-allow-popups
etag: "e1a51334fe6cb07d41c47a84efb7179e"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 08 Mar 2023 20:52:20 GMT

GET
H2 200 gallagher-headshot-g.png
mikeonline.com/wp-content/themes/mike-gallagher/images/ 9 KB
9 KB 125ms
116ms Image
image/png 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/themes/mike-gallagher/images/gallagher-headshot-g.png
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 01a8431f4581ca5103fa3cd43c2e751d273f8916c6e21fae729d9e25d632d8ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
last-modified: Fri, 17 Feb 2023 20:58:43 GMT
server: nginx
x-cache-nxaccel: HIT
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 8947
expires: max-age=A10368000, public

GET
H2 200 logo.svg
mikeonline.com/wp-content/themes/mike-gallagher/images/ 4 KB
2 KB 125ms
116ms Image
image/svg+xml 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/themes/mike-gallagher/images/logo.svg
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 6b81e18ccd7561100cff269cdc620bfb3237e3c1e31717610e72a0d37030ae17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: gzip
last-modified: Fri, 17 Feb 2023 20:58:44 GMT
server: nginx
vary: Accept-Encoding
x-cache-nxaccel: HIT
content-type: image/svg+xml
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 1625
expires: max-age=A10368000, public

GET
H2 200 envelope-white.svg
mikeonline.com/wp-content/themes/mike-gallagher/images/ 636 B
497 B 125ms
116ms Image
image/svg+xml 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/themes/mike-gallagher/images/envelope-white.svg
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: bd52a588b12d42db3f53423781c1fcd41c60cf75d0fda30757eaeb7643a505a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: gzip
last-modified: Fri, 17 Feb 2023 20:58:42 GMT
server: nginx
vary: Accept-Encoding
x-cache-nxaccel: HIT
content-type: image/svg+xml
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 440
expires: max-age=A10368000, public

GET
H2 200 mobile_logo.svg
mikeonline.com/wp-content/themes/mike-gallagher/images/ 7 KB
2 KB 126ms
117ms Image
image/svg+xml 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/themes/mike-gallagher/images/mobile_logo.svg
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 053ec209337acd61f2f4e51db896df1912d9e410d4984066f9dba6e030a47775

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: gzip
last-modified: Fri, 17 Feb 2023 20:58:45 GMT
server: nginx
vary: Accept-Encoding
x-cache-nxaccel: HIT
content-type: image/svg+xml
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 2121
expires: max-age=A10368000, public

GET
H2 200 team-gallagher-logo.png
mikeonline.com/wp-content/themes/mike-gallagher/images/ 6 KB
6 KB 126ms
117ms Image
image/png 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/themes/mike-gallagher/images/team-gallagher-logo.png
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 512fc5c1b8a4526ca7e16f673381780e322134c923ff40d6bcf3a9bedd5a271a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
last-modified: Fri, 17 Feb 2023 20:58:48 GMT
server: nginx
x-cache-nxaccel: HIT
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 6038
expires: max-age=A10368000, public

GET
H2 200 salemnewschannel-logo-white.svg
mikeonline.com/wp-content/themes/mike-gallagher/images/ 4 KB
2 KB 126ms
117ms Image
image/svg+xml 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/themes/mike-gallagher/images/salemnewschannel-logo-white.svg
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: cc21bdd86038c18b926543905e1a28e531b0bea3ddebf248639ed3361fac644f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: gzip
last-modified: Fri, 17 Feb 2023 20:58:46 GMT
server: nginx
vary: Accept-Encoding
x-cache-nxaccel: HIT
content-type: image/svg+xml
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 1758
expires: max-age=A10368000, public

GET
H2 200 play-icon.svg
mikeonline.com/wp-content/themes/mike-gallagher/images/ 574 B
431 B 126ms
117ms Image
image/svg+xml 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/themes/mike-gallagher/images/play-icon.svg
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 8ce2aea535286a5e1fcbaf3fbc8490540324603e293fcfee256c3d355dbad6a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: gzip
last-modified: Fri, 17 Feb 2023 20:58:45 GMT
server: nginx
vary: Accept-Encoding
x-cache-nxaccel: HIT
content-type: image/svg+xml
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 397
expires: max-age=A10368000, public

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 100 KB
39 KB 34ms
26ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NK2R6Z2

Requested by

Host: mikeonline.com
URL: https://mikeonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f32f1b7df01aacd2929237bff28a99c992c64d4211e44dfcbc25221820e1066f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40145
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 19:56:24 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Mar 2023 20:32:46 GMT

GET
H2 200 team-gallagher-sidebar-header_v2.jpg
mikeonline.com/wp-content/themes/mike-gallagher/images/ 8 KB
8 KB 125ms
117ms Image
image/jpeg 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/themes/mike-gallagher/images/team-gallagher-sidebar-header_v2.jpg
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 1fcdc4b88d09fecfb93fc8b83f415c4380cc31ee1eb4aeacad699fb145dc6d28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
last-modified: Fri, 17 Feb 2023 20:58:48 GMT
server: nginx
x-cache-nxaccel: HIT
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 8048
expires: max-age=A10368000, public

GET
H2 200 absdk-es2015.js Show response
embed2.audioburst.com/dist/audioburst-sdk/ 27 KB
8 KB 220ms
11ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://embed2.audioburst.com/dist/audioburst-sdk/absdk-es2015.js
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d562d522e0b6be8cdca2e6a4b179718f5c786f8a1dd0b7add6e389a349804f43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:45 GMT
content-encoding: br
last-modified: Tue, 28 Feb 2023 11:25:31 GMT
x-azure-ref-originshield: 0Q7IHZAAAAAA9EdV+N5V2RJIvh1b1LNeoRlJBMjMxMDUwNDE3MDM3AGU4MzhmMTY3LTU3ZDItNDk0Zi04MGRkLTFhMDZiY2JhMzAwNw==
content-md5: NrXHNEmQYNqMeuD1FE8vYg==
etag: "0x8DB197E8037DFB1"
x-azure-ref: 07vAIZAAAAABPpZZeppICRqlF9AblhMqDRlJBMzFFREdFMDMxOQBlODM4ZjE2Ny01N2QyLTQ5NGYtODBkZC0xYTA2YmNiYTMwMDc=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5e9e0db9-201e-005e-3cf6-50237f000000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 gallagher-podcast-btn.png
mikeonline.com/wp-content/uploads/2021/06/ 4 KB
4 KB 125ms
118ms Image
image/png 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/uploads/2021/06/gallagher-podcast-btn.png
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 7fff661744b28ba95528eced0da575b0abf3b1d891d297bd83f8f5958864fbe1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
last-modified: Wed, 09 Jun 2021 20:45:50 GMT
server: nginx
x-cache-nxaccel: HIT
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 4533
expires: max-age=A10368000, public

GET
H2 200 mm-experience-podcast-btn.png
mikeonline.com/wp-content/uploads/2021/06/ 7 KB
7 KB 125ms
118ms Image
image/png 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/uploads/2021/06/mm-experience-podcast-btn.png
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 10565ce64fa781b072487373920d077f65975b4da780ab1775cb8825356bdc83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
last-modified: Wed, 09 Jun 2021 20:45:50 GMT
server: nginx
x-cache-nxaccel: HIT
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 7247
expires: max-age=A10368000, public

GET
H2 200 backstage-pass-podcast-btn.png
mikeonline.com/wp-content/uploads/2021/06/ 8 KB
9 KB 125ms
118ms Image
image/png 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/uploads/2021/06/backstage-pass-podcast-btn.png
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: f12e66ba8827a3aa79eec49244aefe04a0c15f9b2ef944c75e18af80d27f1d2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
last-modified: Wed, 09 Jun 2021 20:45:49 GMT
server: nginx
x-cache-nxaccel: HIT
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 8677
expires: max-age=A10368000, public

GET
H2 200 rumble-logo.png
mikeonline.com/wp-content/uploads/2021/04/ 2 KB
2 KB 125ms
118ms Image
image/png 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/uploads/2021/04/rumble-logo.png
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 7f11dbbe7b22ee5e4ce96ae070eb9dadd6944a425d4dae4971e6e61edee50fe8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
last-modified: Thu, 29 Apr 2021 18:59:16 GMT
server: nginx
x-cache-nxaccel: HIT
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 2375
expires: max-age=A10368000, public

GET
H2 200 newsletter-signup-banner-GALLAGHER.png
mikeonline.com/wp-content/themes/mike-gallagher/images/ 11 KB
11 KB 125ms
118ms Image
image/png 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/themes/mike-gallagher/images/newsletter-signup-banner-GALLAGHER.png
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 4cfcc8083238bbcb9fb7693db0d7a96a8aa33ee7a6c886b28cf434664d271fed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
last-modified: Fri, 17 Feb 2023 20:58:45 GMT
server: nginx
x-cache-nxaccel: HIT
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 11112
expires: max-age=A10368000, public

GET
H2 200 gallagher-mobile-app-sidebar-header-3a.png
mikeonline.com/wp-content/themes/mike-gallagher/images/ 7 KB
7 KB 125ms
118ms Image
image/png 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/themes/mike-gallagher/images/gallagher-mobile-app-sidebar-header-3a.png
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: af4468c2c304068b2602bceb649fd451bffdd88f3596d0c6d09ae0a8edad1463

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
last-modified: Fri, 17 Feb 2023 20:58:43 GMT
server: nginx
x-cache-nxaccel: HIT
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 7476
expires: max-age=A10368000, public

GET
H2 200 mobile-app-sidebar-itunes-btn-3.png
mikeonline.com/wp-content/themes/mike-gallagher/images/ 1 KB
1 KB 125ms
119ms Image
image/png 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/themes/mike-gallagher/images/mobile-app-sidebar-itunes-btn-3.png
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 751ace1c7d92e00f2c42c14a0cdb178396462877a8aec60d1faaa315d2c8fbe2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
last-modified: Fri, 17 Feb 2023 20:58:44 GMT
server: nginx
x-cache-nxaccel: HIT
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 1274
expires: max-age=A10368000, public

GET
H2 200 mobile-app-sidebar-google-btn-3.png
mikeonline.com/wp-content/themes/mike-gallagher/images/ 2 KB
2 KB 463ms
458ms Image
image/png 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/themes/mike-gallagher/images/mobile-app-sidebar-google-btn-3.png
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: e79261aff8ac4c076f59de00c7d4f23ba7bc9a20f1cf8fb37e38acaf0bac189a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
last-modified: Fri, 17 Feb 2023 20:58:44 GMT
server: nginx
x-cache-nxaccel: HIT
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 2048
expires: max-age=A10368000, public

GET
H2 200 gallaghers-heroes-logo.svg
mikeonline.com/wp-content/themes/mike-gallagher/images/ 7 KB
3 KB 464ms
458ms Image
image/svg+xml 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/themes/mike-gallagher/images/gallaghers-heroes-logo.svg
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: a04cb176036681eaf2617d21f86c77b0e125bc24ed5437e235802f6287ea9d9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: gzip
last-modified: Fri, 17 Feb 2023 20:58:43 GMT
server: nginx
vary: Accept-Encoding
x-cache-nxaccel: HIT
content-type: image/svg+xml
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 2631
expires: max-age=A10368000, public

GET
H2 200 Alexa-host-skill-300x100-GALLAGHER.png
mikeonline.com/wp-content/uploads/ 10 KB
10 KB 464ms
458ms Image
image/png 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/uploads/Alexa-host-skill-300x100-GALLAGHER.png
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 700cf37b70ee0f97a6aac4e54d955c2128ee60c63639048653532370a3d72997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
last-modified: Sat, 12 Sep 2020 01:17:11 GMT
server: nginx
x-cache-nxaccel: HIT
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 9936
expires: max-age=A10368000, public

GET
H2 200 js.cookie.js Show response
mikeonline.com/wp-content/themes/mike-gallagher/js/ 4 KB
1 KB 115ms
114ms Script
application/javascript 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://mikeonline.com/wp-content/themes/mike-gallagher/js/js.cookie.js
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 4982e4fc6ada0c0ef33e70ac185693095f440279081c5cada73e2e6e7a11e879

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: gzip
last-modified: Fri, 17 Feb 2023 20:58:54 GMT
server: nginx
vary: Accept-Encoding
x-cache-nxaccel: HIT
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 1424
expires: max-age=A10368000, public

GET
H2 200 masonry.pkgd.min.js Show response
mikeonline.com/wp-content/themes/mike-gallagher/js/ 24 KB
7 KB 115ms
114ms Script
application/javascript 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://mikeonline.com/wp-content/themes/mike-gallagher/js/masonry.pkgd.min.js?ver=4.2.2
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 367d6afdfc741fb48d2d9310e47c3924b693459a74c882c0fc545ec5ed7d55d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: gzip
last-modified: Fri, 17 Feb 2023 20:58:54 GMT
server: nginx
vary: Accept-Encoding
x-cache-nxaccel: HIT
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 7354
expires: max-age=A10368000, public

GET
H2 200 imagesloaded.pkgd.min.js Show response
mikeonline.com/wp-content/themes/mike-gallagher/js/ 5 KB
2 KB 125ms
116ms Script
application/javascript 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://mikeonline.com/wp-content/themes/mike-gallagher/js/imagesloaded.pkgd.min.js
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: a9d5af55a8d68bcf6804f8912452601ba941a25fcedb984d14ef33946a9ae6c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: gzip
last-modified: Fri, 17 Feb 2023 20:58:54 GMT
server: nginx
vary: Accept-Encoding
x-cache-nxaccel: HIT
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 1770
expires: max-age=A10368000, public

GET
H2 200 myScripts.js Show response
mikeonline.com/wp-content/themes/mike-gallagher/js/ 6 KB
2 KB 126ms
116ms Script
application/javascript 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://mikeonline.com/wp-content/themes/mike-gallagher/js/myScripts.js?ver=380
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: c4750351ae38d43062656e5ad832f0667bce4e753d01e869d3b079c8807e0e96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: gzip
last-modified: Fri, 17 Feb 2023 20:58:55 GMT
server: nginx
vary: Accept-Encoding
x-cache-nxaccel: HIT
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 1540
expires: max-age=A10368000, public

GET
H2 200 initialize-masonry.js Show response
mikeonline.com/wp-content/themes/mike-gallagher/js/ 432 B
281 B 126ms
116ms Script
application/javascript 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://mikeonline.com/wp-content/themes/mike-gallagher/js/initialize-masonry.js
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 76fdd79aeadf405d42dc1779cac01e831a4666c2d9f900f31f5435af2ae3d9d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: gzip
last-modified: Fri, 17 Feb 2023 20:58:54 GMT
server: nginx
vary: Accept-Encoding
x-cache-nxaccel: HIT
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 247
expires: max-age=A10368000, public

GET
H/1.1 200
OK sw.register.js Show response
pushtoast-a.akamaihd.net/2.0/ 112 KB
36 KB 196ms
20ms Script
application/javascript 2a02:26f0:11a::6867:48f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pushtoast-a.akamaihd.net/2.0/sw.register.js
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:11a::6867:48f9 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 52bcfe58e4b6dc7a7dff59c2f1630939bb80af3628deecc84c9b50ea6c737a05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: iSFNL_93.64qrcehzlp.kld9vI4vwoCc
Content-Encoding: gzip
Date: Wed, 08 Mar 2023 20:32:46 GMT
x-amz-request-id: J314CQQCBYESC4SD
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 36015
x-amz-id-2: 3j6UHYemVbjIxpZBMCfFqiGHlxHjQEgPxFPndItQ23nyKHH4HWbrzbvvh1Wfvca2fCk2T3S0yhY=
Pragma: no-cache
Last-Modified: Tue, 01 Nov 2022 20:08:10 GMT
Server: AmazonS3
ETag: "73c97061473ccea21e636d1aa87c951d"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Accept-Ranges: bytes
Expires: Wed, 08 Mar 2023 20:32:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 113ms
29ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-21830187-29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Mar 2023 19:17:30 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4516
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 08 Mar 2023 21:17:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 34ms
29ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-34961268-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-21830187-29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

815f656ee0e11f6f7873a0bdb532be30f0f51201c7127a3c97406553d3653576

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44786
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 19:56:24 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Mar 2023 20:32:46 GMT

GET
H2 200 normalize-v2.min.css
mikeonline.com/wp-content/themes/mike-gallagher/css/ 3 KB
1 KB 151ms
150ms Stylesheet
text/css 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://mikeonline.com/wp-content/themes/mike-gallagher/css/normalize-v2.min.css
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/wp-content/themes/mike-gallagher/style.css?ver=380
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 0f0971a5b94f0be340bdf1e2fd24e00567de112af8a6f4d267b0dae20dcf178f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/wp-content/themes/mike-gallagher/style.css?ver=380
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: gzip
last-modified: Fri, 17 Feb 2023 20:58:40 GMT
server: nginx
vary: Accept-Encoding
x-cache-nxaccel: HIT
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 1302
expires: max-age=A10368000, public

GET
H2 200 icomoon-style-v2.css
mikeonline.com/wp-content/themes/mike-gallagher/css/ 2 KB
614 B 151ms
150ms Stylesheet
text/css 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://mikeonline.com/wp-content/themes/mike-gallagher/css/icomoon-style-v2.css
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/wp-content/themes/mike-gallagher/style.css?ver=380
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: ef7ffe0dfbf41fdb05b2113fc1e393200ae354f6a839b99e4a5887c22b77059e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/wp-content/themes/mike-gallagher/style.css?ver=380
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: gzip
last-modified: Fri, 17 Feb 2023 20:58:40 GMT
server: nginx
vary: Accept-Encoding
x-cache-nxaccel: HIT
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 580
expires: max-age=A10368000, public

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 134ms
52ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: mikeonline.com
URL: https://mikeonline.com/wp-content/themes/mike-gallagher/style.css?ver=380

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 20:22:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Mar 2023 20:32:46 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 78ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: mikeonline.com
URL: https://mikeonline.com/wp-content/themes/mike-gallagher/js/googleDFP.js?ver=1.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2e1e11364163401ad3db563cfd4f828f047507169ad0671e5241f59aadc271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27460
x-xss-protection: 0
server: sffe
etag: "1505 / 742 of 1000 / last-modified: 1678277387"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Mar 2023 20:32:46 GMT

GET
H2 200 iframeLoader.gif
cdn2.aptivada.com/images/ 30 KB
30 KB 92ms
28ms Image
image/gif 65.9.95.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.aptivada.com/images/iframeLoader.gif
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-71.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e1f249cee33aff42da2e5f6604dc634201055f121a795c3d5d3ef292de7a2081

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 06:44:33 GMT
x-amz-version-id: wWpi.PVolYNt17y93yspJcx5ZO5Tq8hV
via: 1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
last-modified: Fri, 20 Apr 2018 06:54:22 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 308894
etag: "5f587297cec677d528a5fb6f7184ff5e"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 30578
x-amz-cf-id: vC1APUqsFMymFQYSrC2Jv_DR3jzGBGo1LHjptiVSD5oR-ON_53NZsg==

GET
H2 200 todays-show-bg.png
mikeonline.com/wp-content/themes/mike-gallagher/images/ 2 KB
3 KB 462ms
459ms Image
image/png 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/themes/mike-gallagher/images/todays-show-bg.png
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/wp-content/themes/mike-gallagher/style.css?ver=380
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 30368b7a816e86a691a918196cb09f65792bf0a656b28e4eba5f1c81a5043ed3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/wp-content/themes/mike-gallagher/style.css?ver=380
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
last-modified: Fri, 17 Feb 2023 20:58:49 GMT
server: nginx
x-cache-nxaccel: HIT
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 2556
expires: max-age=A10368000, public

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 54ms
14ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mikeonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 05:05:33 GMT
x-content-type-options: nosniff
age: 574033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 05:05:33 GMT

GET
H2 200 icomoon.ttf
mikeonline.com/wp-content/themes/mike-gallagher/fonts/ 6 KB
4 KB 460ms
459ms Font
x-font/ttf 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://mikeonline.com/wp-content/themes/mike-gallagher/fonts/icomoon.ttf?8kzy8q
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/wp-content/themes/mike-gallagher/css/icomoon-style-v2.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 1056ab726f0279fbf00b8011448cfc9df05732f4c808edbc450a6916669c7367

Request headers

Referer: https://mikeonline.com/wp-content/themes/mike-gallagher/css/icomoon-style-v2.css
Origin: https://mikeonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: gzip
last-modified: Fri, 17 Feb 2023 20:58:41 GMT
server: nginx
vary: Accept-Encoding
x-cache-nxaccel: HIT
content-type: x-font/ttf
cache-control: max-age=0
accept-ranges: bytes
content-length: 3541
expires: max-age=A10368000, public

GET
H2 200 March-8-2023-Vid-2-Screenshot-600x329.jpg
mikeonline.com/wp-content/uploads/2023/03/ 30 KB
30 KB 452ms
450ms Image
image/jpeg 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/uploads/2023/03/March-8-2023-Vid-2-Screenshot-600x329.jpg
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 11c0999f3ea2292c3e52f3ebac953795b8a4df884f773dbacef16ac9ae3fdd94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
last-modified: Wed, 08 Mar 2023 19:36:34 GMT
server: nginx
x-cache-nxaccel: MISS
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 30462
expires: max-age=A10368000, public

GET
H2 200 March-8-2023-Vid-1-Screenshot-600x334.jpg
mikeonline.com/wp-content/uploads/2023/03/ 29 KB
29 KB 451ms
448ms Image
image/jpeg 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/uploads/2023/03/March-8-2023-Vid-1-Screenshot-600x334.jpg
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 4a5e8b9555aa36d23f4b83db3997cbfddf69c0bf57daa281fea6ae5448d7b1ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
last-modified: Wed, 08 Mar 2023 18:39:31 GMT
server: nginx
x-cache-nxaccel: MISS
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 30101
expires: max-age=A10368000, public

GET
H2 200 2019-11-05T015550Z_1007930186_RC114BD99C10_RTRMADP_3_USA-ELECTION-TRUMP-300x200.jpg
mikeonline.com/wp-content/uploads/ 32 KB
32 KB 452ms
450ms Image
image/jpeg 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/uploads/2019-11-05T015550Z_1007930186_RC114BD99C10_RTRMADP_3_USA-ELECTION-TRUMP-300x200.jpg
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 504f94fae9862fa7b328516d19c94ec1ed6efa9857ba12589dddd9dd7364241a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
last-modified: Sat, 12 Sep 2020 01:17:11 GMT
server: nginx
x-cache-nxaccel: MISS
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 32476
expires: max-age=A10368000, public

GET
H2 200 2021-02-13T171107Z_745550803_RC2TRL9EMCWW_RTRMADP_3_USA-TRUMP-IMPEACHMENT-300x200.jpg
mikeonline.com/wp-content/uploads/2021/02/ 21 KB
21 KB 454ms
452ms Image
image/jpeg 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/uploads/2021/02/2021-02-13T171107Z_745550803_RC2TRL9EMCWW_RTRMADP_3_USA-TRUMP-IMPEACHMENT-300x200.jpg
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 3fbe9a9afb238c1f4da978b488d9db4e51512dcd783758e0b0634a2fc046d105

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
last-modified: Fri, 19 Feb 2021 19:47:41 GMT
server: nginx
x-cache-nxaccel: MISS
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 21660
expires: max-age=A10368000, public

GET
H2 200 2019-01-29T201629Z_926951635_RC1125D23560_RTRMADP_3_USA-CONGRESS-300x200.jpg
mikeonline.com/wp-content/uploads/ 14 KB
14 KB 451ms
449ms Image
image/jpeg 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/uploads/2019-01-29T201629Z_926951635_RC1125D23560_RTRMADP_3_USA-CONGRESS-300x200.jpg
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: be63f671db96df3a488e56be11d8955142419ce57d988c4aa1e30310bdb78675

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
last-modified: Sat, 12 Sep 2020 01:17:11 GMT
server: nginx
x-cache-nxaccel: MISS
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 14555
expires: max-age=A10368000, public

GET
H2 200 March-7-2023-Vid-3-screenshot-600x336.jpg
mikeonline.com/wp-content/uploads/2023/03/ 28 KB
28 KB 453ms
451ms Image
image/jpeg 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/uploads/2023/03/March-7-2023-Vid-3-screenshot-600x336.jpg
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 1c5b49c05f5aa28887ee7c4c18e79182ccb727cf28a5e352d7246f6d0327033e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
last-modified: Tue, 07 Mar 2023 19:20:44 GMT
server: nginx
x-cache-nxaccel: MISS
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 28236
expires: max-age=A10368000, public

GET
H2 200 March-7-2023-Vid-2-screenshot-600x337.jpg
mikeonline.com/wp-content/uploads/2023/03/ 41 KB
42 KB 452ms
451ms Image
image/jpeg 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/uploads/2023/03/March-7-2023-Vid-2-screenshot-600x337.jpg
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: b1652093023ed8416f9a9789909650d64458b7eacd45c4bd9a3e65a2983ebafe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
last-modified: Tue, 07 Mar 2023 18:59:48 GMT
server: nginx
x-cache-nxaccel: MISS
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 42472
expires: max-age=A10368000, public

GET
H2 200 invite-to-speak-bg.jpg
mikeonline.com/wp-content/themes/mike-gallagher/images/ 9 KB
9 KB 438ms
438ms Image
image/jpeg 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/themes/mike-gallagher/images/invite-to-speak-bg.jpg
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/wp-content/themes/mike-gallagher/style.css?ver=380
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 711cb08a2ec32cd6b730b3106c586cb1d8fbc16e484ed89a8682a42a9dbd287b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/wp-content/themes/mike-gallagher/style.css?ver=380
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
last-modified: Fri, 17 Feb 2023 20:58:44 GMT
server: nginx
x-cache-nxaccel: HIT
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 9430
expires: max-age=A10368000, public

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
87 KB 10ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=a13a156103706f97d17b59e76f23e5ef

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

409d661e3a98ccd388fe96545de278dde23549a2ece923ee629b2ef1a3acfae1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://mikeonline.com/
Origin: https://mikeonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Mar 2023 20:32:46 GMT
content-md5: yOi3soVtqjreKC6Y86iB2Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88568
x-fb-rlafr: 0
x-fb-debug: 6BrEbtU64xknfnVpCweXcE0116nf00o4UVW8PmUMXWJc8tJN7FxNvwfAHdVjstDj3Jpt65dpw+x3FS9wSQ/efg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 2050670934
x-fb-content-md5: 0f60d77fe778f53580a27827d5e04fcf
cross-origin-opener-policy: same-origin-allow-popups
etag: "f789f4317c23fd8525186159893c9a35"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
expires: Thu, 07 Mar 2024 20:13:58 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
27 KB 20ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: mikeonline.com
URL: https://mikeonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Mar 2023 20:32:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27907
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: k71gOnn4rc8qrXq/pIKogZFjJgtcU/4bizDUlUm3l6MM/LxTL9RpdWKJYXlkTBNs8OF3TkrJklVRfJZUx5oSbg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 49ms
9ms Script
application/javascript 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: c.jsrdn.com
URL: https://c.jsrdn.com/s/cs.js?p=23097
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 14d84079758cedde0bb45369cb6f7e7d25cc3b287605e00d42805514fdd0b83c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: gzip
etag: "sCsI4IX19r4ykIX4lYSZTA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 15 Mar 2023 20:32:46 GMT

GET
H2 200 1.js Show response
s.jsrdn.com/s/ 0
496 B 237ms
150ms Script
text/javascript 65.9.95.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.jsrdn.com/s/1.js?p=23097&r=af5r&k=dmMJMjAyMzAyMjMJdQlkNGQxYjBkOS05NjEyLTQxZTgtOGZlYS1mZjdjY2I4NWU3NWMJdW4JMQl2CTkyMjQ2YmY4LWJlOGQtNDkzYS1hNDI4LTFkZDIwZmU0YjA0NQl0Zwljcy5qcwlidAkyMDIzLTAzLTA4VDIwOjMyOjQ2KzAwOjAwCWRjCXV0Zi04CWJsCWVuLXVzCWZ0CQlkdwkxNjAwCWRoCTEyMDAJYmMJMQlicAkxCWJkCTI0CWJ3CTE2MDAJYmgJMTIwMAlmCWh0dHBzOi8vbWlrZW9ubGluZS5jb20vCXVkCQlwYgkwCXB2CTAJcHEJMAljdwkJYWNyCXVuZGVmaW5lZAlkcgkJa3cJbWlrZSBnYWxsYWdoZXIgc2hvdwlwcmYJdW5kZWZpbmVk
Requested by: Host: c.jsrdn.com
URL: https://c.jsrdn.com/s/cs.js?p=23097
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-117.prg50.r.cloudfront.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:46 GMT
via: 1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CUR ADM DEV PSA PSD OUR BUS COM NAV INT"
content-type: text/javascript
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
x-amz-cf-id: whTcHGNIjt3nppnNIIROU3wV73vkNoSycLhshibwNDMVzE6v9diS_A==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 390961805259193 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 64ms
64ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/390961805259193?v=2.9.98&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d4c70195beffd278283ffe90a7c164dbea5c436f2a5cae19c463cf023cdd6362

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 08 Mar 2023 20:32:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: c/HlU1iSYZ5LrH0dXarLjKMZ6AAXQ7uxA7SujLTdBAglmCfabBGGbhT/BAXe3oWBp4Cak/SL0e5rj0FwjK8wmg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pubads_impl_2023030201.js Show response
securepubads.g.doubleclick.net/gpt/ 385 KB
131 KB 110ms
28ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f840763a07b5312fc63528256e33b2b0c49ba19d3ff5a2167d3496236f0afc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8152
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133088
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 09:36:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 07 Mar 2024 18:16:54 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 86 B
598 B 141ms
62ms XHR
application/json 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mikeonline.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f0edad7d5b34ca0a502c89bece4ea3782699711813ae1bfe74a15e40e3796a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
x-xss-protection: 0
expires: Wed, 08 Mar 2023 20:32:46 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
206 B 51ms
51ms XHR
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=973667161&t=pageview&_s=1&dl=https%3A%2F%2Fmikeonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Mike%20Gallagher%20Show&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=2035155126&gjid=1312529690&cid=73497616.1678307567&tid=UA-21830187-29&_gid=316392903.1678307567&_r=1&gtm=457e3360&z=410324666

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mikeonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mikeonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 50ms
50ms XHR
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=973667161&t=pageview&_s=1&dl=https%3A%2F%2Fmikeonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Mike%20Gallagher%20Show&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=1047705775&gjid=1876069247&cid=73497616.1678307567&tid=UA-34961268-2&_gid=316392903.1678307567&_r=1&gtm=457e3360&z=2079106337

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mikeonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mikeonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 March-7-2023-Vid-1-screenshot-600x338.jpg
mikeonline.com/wp-content/uploads/2023/03/ 30 KB
30 KB 254ms
253ms Image
image/jpeg 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/uploads/2023/03/March-7-2023-Vid-1-screenshot-600x338.jpg
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 7b14ef380dba6519879a5b09fd2c894bd4f40cfeb79c745c12a3a244afdcc28e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
last-modified: Tue, 07 Mar 2023 18:33:48 GMT
server: nginx
x-cache-nxaccel: MISS
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 30367
expires: max-age=A10368000, public

GET
H2 200 Tesla-Inc-Chief-Executive-Elon-Musk-300x200.jpg
mikeonline.com/wp-content/uploads/2022/06/ 11 KB
11 KB 351ms
351ms Image
image/jpeg 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/uploads/2022/06/Tesla-Inc-Chief-Executive-Elon-Musk-300x200.jpg
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/wp-content/themes/mike-gallagher/js/imagesloaded.pkgd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: f649c070905a708ee6f6e3bac47ea8fbba35886b3ca85b787361fcfba1902a8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
last-modified: Thu, 23 Jun 2022 17:12:24 GMT
server: nginx
x-cache-nxaccel: MISS
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 11134
expires: max-age=A10368000, public

GET
H2 200 Kamala-Harris-2-300x196.jpg
mikeonline.com/wp-content/uploads/2022/09/ 17 KB
18 KB 351ms
351ms Image
image/jpeg 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/uploads/2022/09/Kamala-Harris-2-300x196.jpg
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/wp-content/themes/mike-gallagher/js/imagesloaded.pkgd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 5810519a58fdc1bba745bf4ebec32775e0bbb30926206ed96fe99b9447281cca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
last-modified: Mon, 12 Sep 2022 17:11:46 GMT
server: nginx
x-cache-nxaccel: MISS
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 17846
expires: max-age=A10368000, public

GET
H2 200 2019-08-06T173242Z_142877258_RC1365927100_RTRMADP_3_TEXAS-SHOOTING-300x200.jpg
mikeonline.com/wp-content/uploads/ 22 KB
22 KB 354ms
353ms Image
image/jpeg 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/uploads/2019-08-06T173242Z_142877258_RC1365927100_RTRMADP_3_TEXAS-SHOOTING-300x200.jpg
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/wp-content/themes/mike-gallagher/js/imagesloaded.pkgd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: ea63f05328ce44ee4e42cf5d3cbd537f2b85185c867da93cbb7fdc2f3a387bc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
last-modified: Sat, 12 Sep 2020 01:17:11 GMT
server: nginx
x-cache-nxaccel: MISS
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 22853
expires: max-age=A10368000, public

GET
H2 200 March-6-2023-Vid-3-screenshot-600x336.jpg
mikeonline.com/wp-content/uploads/2023/03/ 29 KB
29 KB 355ms
355ms Image
image/jpeg 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/uploads/2023/03/March-6-2023-Vid-3-screenshot-600x336.jpg
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/wp-content/themes/mike-gallagher/js/imagesloaded.pkgd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: c26210be1b17f8191dfd5a55e2190a90479c351844d0e8aa3fcf4db4c5b46908

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
last-modified: Mon, 06 Mar 2023 20:29:19 GMT
server: nginx
x-cache-nxaccel: MISS
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 30045
expires: max-age=A10368000, public

GET
H2 200 March-6-2023-Vid-2-screenshot-600x337.jpg
mikeonline.com/wp-content/uploads/2023/03/ 23 KB
23 KB 352ms
352ms Image
image/jpeg 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/uploads/2023/03/March-6-2023-Vid-2-screenshot-600x337.jpg
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/wp-content/themes/mike-gallagher/js/imagesloaded.pkgd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 8fef960c3736be3eb6ab3eeebc708928c3e9dec15a15a1981624957c54f66be6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
last-modified: Mon, 06 Mar 2023 20:08:02 GMT
server: nginx
x-cache-nxaccel: MISS
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 23277
expires: max-age=A10368000, public

GET
H2 200 March-6-2023-Vid-1-screenshot-600x340.jpg
mikeonline.com/wp-content/uploads/2023/03/ 35 KB
35 KB 353ms
353ms Image
image/jpeg 209.126.30.224
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mikeonline.com/wp-content/uploads/2023/03/March-6-2023-Vid-1-screenshot-600x340.jpg
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/wp-content/themes/mike-gallagher/js/imagesloaded.pkgd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.30.224 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-139961.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 814584384197534008e3373149bab496d3f2ebd3db67259e36a9da8f29045e02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
last-modified: Mon, 06 Mar 2023 18:59:52 GMT
server: nginx
x-cache-nxaccel: MISS
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 35509
expires: max-age=A10368000, public

GET
H2 200 rules-p-w9vzu-sGKCA0U.js Show response
rules.quantcount.com/ 160 B
634 B 44ms
10ms Script
application/javascript 2600:9000:223c:1600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-w9vzu-sGKCA0U.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:1600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fa8c88f6fb8c595025a5499c5b965b2a3a0df3049103dedd6c4bd88861f4ab6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:02:51 GMT
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1796
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 00:41:48 GMT
server: AmazonS3
etag: "5edf0414e91fcef9b8a461d81ebdac7b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 0tIAYXMp44PGduEFfnKUYVxNi07ukRNhTU3R50JwCRqW56yO5hsTPw==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 40ms
7ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=390961805259193&ev=PageView&dl=https%3A%2F%2Fmikeonline.com%2F&rl=&if=false&ts=1678307566742&sw=1600&sh=1200&v=2.9.98&r=stable&a=tmgoogletagmanager&ec=0&o=30&cs_est=true&fbp=fb.1.1678307566741.1779286254&it=1678307566593&coo=false&rqm=GET

Requested by

Host: mikeonline.com
URL: https://mikeonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 08 Mar 2023 20:32:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK b765f146-8fb0-432c-9735-4327d45415e8 Show response
sapi.audioburst.com/v2/PlayerMetadata/GetPlayer/ 1 KB
1 KB 820ms
102ms Fetch
application/json 20.49.104.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sapi.audioburst.com/v2/PlayerMetadata/GetPlayer/b765f146-8fb0-432c-9735-4327d45415e8?appkey=5e814f4545e54e58ab62aeafceccc55f
Requested by: Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/dist/audioburst-sdk/absdk-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.49.104.0 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 19f15cf0620a4cbe0e8eb4305ba38c369e88a28aada2b3581482dcfb88b251a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 20:32:47 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Content-Length: 786
Request-Context: appId=cid-v1:f8f8664c-8b03-43d2-afdb-a1df9ba4397d

GET
H2 200 info.php Show response
aptivada.com/promo/ Frame 1ABB 1 KB
786 B 1062ms
348ms Document
text/html 52.89.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aptivada.com/promo/info.php?widget_id=864&widget_type=widget&app_type=&environment=external
Requested by: Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.89.38.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-89-38-199.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash: e29b2696707898783147675829b152a114625174c610335f21ead56fecc7d2e0

Request headers

Referer: https://mikeonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 660
content-type: text/html; charset=UTF-8
date: Wed, 08 Mar 2023 20:32:47 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 info.php Show response
aptivada.com/promo/ Frame 0D55 1 KB
785 B 1111ms
399ms Document
text/html 52.89.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aptivada.com/promo/info.php?widget_id=864&widget_type=widget&app_type=&environment=external
Requested by: Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.89.38.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-89-38-199.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash: e29b2696707898783147675829b152a114625174c610335f21ead56fecc7d2e0

Request headers

Referer: https://mikeonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 660
content-type: text/html; charset=UTF-8
date: Wed, 08 Mar 2023 20:32:47 GMT
server: Apache
vary: Accept-Encoding

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
345 B 64ms
19ms XHR
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-21830187-29&cid=73497616.1678307567&jid=2035155126&gjid=1312529690&_gid=316392903.1678307567&_u=YEBAAUAAAAAAACAAI~&z=2014767518

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mikeonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 08 Mar 2023 20:32:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mikeonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 64ms
20ms XHR
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-34961268-2&cid=73497616.1678307567&jid=1047705775&gjid=1876069247&_gid=316392903.1678307567&_u=YEDAAUABAAAAACAAI~&z=103551663

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mikeonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 08 Mar 2023 20:32:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mikeonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=1218047227;labels=pub.23097%2Clang.en-us%2Cdomain.com.mikeonline.root;rf=0;a=p-w9vzu-sGKCA0U;url=https%3A%2F%2Fmikeonline.com%2F;uht=2;fpan=1;fpa=P0-1292488844-1678307566709;pbc=;ns=0;ce=1;...
pixel.quantserve.com/ 35 B
371 B 27ms
10ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1218047227;labels=pub.23097%2Clang.en-us%2Cdomain.com.mikeonline.root;rf=0;a=p-w9vzu-sGKCA0U;url=https%3A%2F%2Fmikeonline.com%2F;uht=2;fpan=1;fpa=P0-1292488844-1678307566709;pbc=;ns=0;ce=1;qjs=1;qv=3e132866-20230307133952;cm=;gdpr=0;ref=;d=mikeonline.com;dst=0;et=1678307566774;tzo=0;ogl=locale.en_US%2Ctype.website%2Ctitle.The%20Mike%20Gallagher%20Show%2Cdescription.A%20blend%20of%20timely%20political%20commentary%252C%20compelling%20talk%20and%20terrific%20discussions%2Curl.https%3A%2F%2Fmikeonline%252Ecom%2F%2Csite_name.The%20Mike%20Gallagher%20Show%2Cimage.https%3A%2F%2Fmikeonline%252Ecom%2Fwp-content%2Fuploads%2F2022%2F03%2FMike-Gallagher-Show-FB-image-1%2Cimage%3Awidth.1200%2Cimage%3Aheight.627%2Cimage%3Atype.image%2Fjpeg;ses=e505ea3a-b6fe-4287-84a3-7252f2455367

Requested by

Host: mikeonline.com
URL: https://mikeonline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:46 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 64ms
27ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mikeonline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 62ms
25ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mikeonline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 322 KB
50 KB 612ms
611ms XHR
text/plain 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2119287484723854&correlator=745449936305382&eid=31072890&output=ldjh&gdfp_req=1&vrg=2023030201&ptt=17&impl=fifs&iu_parts=6177%2CGallagherNew&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=728x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90&ifi=1&adks=997740371%2C997740364%2C649958350%2C649958351%2C649958348%2C649958349%2C649958346%2C649958347%2C649958344%2C649958345%2C675869636&sfv=1-0-40&prev_scp=pos%3Dsponsor_header%7Cpos%3Dsponsor_nav%7Cpos%3Dsponsor_1%7Cpos%3Dsponsor_2%7Cpos%3Dsponsor_3%7Cpos%3Dsponsor_4%7Cpos%3Dsponsor_5%7Cpos%3Dsponsor_6%7Cpos%3Dsponsor_7%7Cpos%3Dsponsor_8%7Cpos%3Dsponsor_footer&sc=1&cookie_enabled=1&abxe=1&dt=1678307566845&lmt=1678305703&dlt=1678307566174&idt=635&adxs=436%2C436%2C470%2C873%2C470%2C1270%2C1270%2C1270%2C1270%2C-9%2C436&adys=20%2C378%2C984%2C1790%2C2557%2C1130%2C1171%2C1518%2C1559%2C-9%2C5633&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C2%7C0%7C0%7C3%7C4%7C-1%7C5&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmikeonline.com%2F&frm=20&vis=1&psz=1600x40%7C1600x30%7C373x-1%7C373x-1%7C373x-1%7C300x1%7C300x1%7C300x1%7C300x1%7C0x-1%7C1600x60&msz=1600x40%7C1600x30%7C300x-1%7C300x-1%7C300x-1%7C300x0%7C300x0%7C300x0%7C300x0%7C0x-1%7C1600x60&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C2%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=73497616.1678307567&ga_sid=1678307567&ga_hid=973667161&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a4eb7672dd957edf36c9d6c0306da468ea0d62e03de4871baf1d5a711640ab5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50207
x-xss-protection: 0
google-lineitem-id: 6230811572,-2,-1,6195023738,-1,6202783630,6196042987,-1,-1,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138423484617,-2,-1,138418770111,-1,138419836868,138419002271,-1,-1,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mikeonline.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B929 6 KB
3 KB 630ms
24ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mikeonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 20:32:47 GMT
expires: Thu, 07 Mar 2024 20:32:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 019B 0
71 B 11ms
9ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: mikeonline.com
URL: https://mikeonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://mikeonline.com
Referer: https://mikeonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://mikeonline.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 20:32:47 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C5F8 0
0 68ms
68ms Fetch
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvuQeh3eAfqAq8RX1kqxNPnPZpH2XzoFjY1Cnk1MkTkxR41vvDJXgwZIy3nTf9piPc7U_s_62EUxE0TukV9hnxusVr2aQi-z3bZpExkP2OhrTyni4x1gmyZrhtyYznI-pj201WJRF0c3dSfioOdYQPQo1Nf2tiDtaxsgjFybMs0Xe5e3IRi4pfYRP6FleafKsNL00Fp-wqUeMI8sYN8MywPx9sQ_NumsGUHEAc4dYPdExKY1IW2pQec80R15xLmpsxm4gUD3gRxY4Snev8n1mkGPmAIc_KjVR4QeKhXlGZY4gAlmwwILg2cykCw&sai=AMfl-YQU7TluppmQw14JVgQtjYjO4w7ZVAcfjSuWD2o0LBVS3ILpxQBTJ7l1FkP3_XrBIi-atEIJvEpSKfJ-hSnwphC6o4vlI8fTSF0lks1vg-kw9ZgiBggWWPsWXeqctCuln_fmSFSsoQ8qPLbDgucO&sig=Cg0ArKJSzO12uK-BpUNtEAE&uach_m=[UACH]&adurl=

Requested by

Host: mikeonline.com
URL: https://mikeonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 08 Mar 2023 20:32:47 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame C5F8 22 KB
9 KB 67ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 00:49:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame C5F8 3 KB
1 KB 65ms
21ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 00:49:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C5F8 158 KB
49 KB 36ms
32ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49547
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678106210411282"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 20:32:47 GMT

GET
H2 200 11844461524057144145
tpc.googlesyndication.com/simgad/ Frame C5F8 55 KB
55 KB 120ms
77ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11844461524057144145

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8abdf96df5f8f31a02e74bd6f9a15d1525b4f8267faa0b6b407cbca19d63b45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56269
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 18:57:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Mar 2024 20:32:47 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012302171719000/ Frame F119 222 KB
61 KB 74ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64ac18511a1f15afc6f51edc89e41ee1c7f6444134aad2926b21743ced6c461

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Mar 2023 18:08:24 GMT
age: 181463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61847
x-xss-protection: 0
server: sffe
etag: "b91941a2860567a7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Mar 2024 18:08:24 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012302171719000/v0/ Frame F119 15 KB
5 KB 115ms
55ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0439c2127eb1812543cc77f0f41bd98da71691c6c2d5bbf9c565670f7fada88a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Mar 2023 18:08:24 GMT
age: 181463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5237
x-xss-protection: 0
server: sffe
etag: "304dd5725e1eccd8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Mar 2024 18:08:24 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012302171719000/v0/ Frame F119 94 KB
28 KB 111ms
50ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1700a43bc40da2d69d238085ddfeea6fac6dc64ff76f5cef529d6fd6b619a62

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Mar 2023 18:08:24 GMT
age: 181463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28901
x-xss-protection: 0
server: sffe
etag: "8f636c70fc937458"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Mar 2024 18:08:24 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012302171719000/v0/ Frame F119 5 KB
2 KB 110ms
50ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2e8cd03a76b243eca9a0e60815deae7256cb7a2de760eb9ee82a0cf31ffcb9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Mar 2023 18:08:24 GMT
age: 181463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1926
x-xss-protection: 0
server: sffe
etag: "df03f558eda3b320"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Mar 2024 18:08:24 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012302171719000/v0/ Frame F119 40 KB
13 KB 109ms
49ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a49e61b6d6681308d160ce1cf6ce1b85e651deff16c6ae1c2df999ef3f0c6ec8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Mar 2023 18:08:24 GMT
age: 181463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12954
x-xss-protection: 0
server: sffe
etag: "e0426f4a93046162"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Mar 2024 18:08:24 GMT

GET
DATA 200
OK truncated
/ Frame F119 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21cb2e6c122f0f11c5ddf9f9d2bf959864247bb4b19445199d2b9aef088e3641

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A7DD 0
0 70ms
69ms Fetch
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSjZyPlYSLzvNbcX584Gkl5DmWmo1d7mZA6FdoxlRvHujw9kQA1pTnYd9SLImUns-WGuV8wQZkAaFmBnhz4Iayn_PQDWSloGSkxLUxKrfWwtrKmYeFKH44j9ki7nr1O5qL3tEh3EkCacDW9NlsFFX0FvE-w4pKeqrDBTqvN2-WAMktS8WOM_NQlCFZGRSbALsYacsSZK4cktmZZvrEZIPJoQY9NXLHiGgQ0OImxrBv6gpqvteuqmiIVWXvcl2j3b3DQnKLGqcyRIxTTJjsXG8PU_unLjoNad1qnhN_xUYYzWpaLSuWcjt7KW1P&sai=AMfl-YT8z54Aw3PQmsc6gc6gkBnzW8MZ8JoygotAWOIXEc40q2Ufd3oWEDk_72Rn9_lj2KfDNodKS-uz1jqERKQmwj3yxgSYMsETjc6ZgSl2S_NZJBo_8v_npc2aQGLsFvtBaPk9RSoCJ7cTuLB66zUX&sig=Cg0ArKJSzAxU-6Iapoq5EAE&uach_m=[UACH]&adurl=

Requested by

Host: mikeonline.com
URL: https://mikeonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 08 Mar 2023 20:32:47 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame A7DD 22 KB
9 KB 43ms
24ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 00:49:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame A7DD 3 KB
2 KB 39ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 00:49:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A7DD 158 KB
48 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49547
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678106210411282"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 20:32:47 GMT

GET
H2 200 5295544878846118667
tpc.googlesyndication.com/simgad/ Frame A7DD 62 KB
62 KB 86ms
67ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5295544878846118667

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

006e5f0fa20a0d02352c4886a8f9d37cd01b9d7fdbaf4be6062153b4185f6c8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63027
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 20:13:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Mar 2024 20:32:47 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012302171719000/ Frame CD8B 222 KB
60 KB 76ms
36ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64ac18511a1f15afc6f51edc89e41ee1c7f6444134aad2926b21743ced6c461

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Mar 2023 18:08:24 GMT
age: 181463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61847
x-xss-protection: 0
server: sffe
etag: "b91941a2860567a7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Mar 2024 18:08:24 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012302171719000/v0/ Frame CD8B 15 KB
5 KB 58ms
55ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0439c2127eb1812543cc77f0f41bd98da71691c6c2d5bbf9c565670f7fada88a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Mar 2023 18:08:24 GMT
age: 181463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5237
x-xss-protection: 0
server: sffe
etag: "304dd5725e1eccd8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Mar 2024 18:08:24 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012302171719000/v0/ Frame CD8B 94 KB
28 KB 59ms
56ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1700a43bc40da2d69d238085ddfeea6fac6dc64ff76f5cef529d6fd6b619a62

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Mar 2023 18:08:24 GMT
age: 181463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28901
x-xss-protection: 0
server: sffe
etag: "8f636c70fc937458"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Mar 2024 18:08:24 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012302171719000/v0/ Frame CD8B 5 KB
2 KB 62ms
59ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2e8cd03a76b243eca9a0e60815deae7256cb7a2de760eb9ee82a0cf31ffcb9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Mar 2023 18:08:24 GMT
age: 181463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1926
x-xss-protection: 0
server: sffe
etag: "df03f558eda3b320"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Mar 2024 18:08:24 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012302171719000/v0/ Frame CD8B 40 KB
13 KB 62ms
60ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a49e61b6d6681308d160ce1cf6ce1b85e651deff16c6ae1c2df999ef3f0c6ec8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Mar 2023 18:08:24 GMT
age: 181463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12954
x-xss-protection: 0
server: sffe
etag: "e0426f4a93046162"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Mar 2024 18:08:24 GMT

GET
DATA 200
OK truncated
/ Frame CD8B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82d57c1eabc96a09496b75002e51e4f60711934fbb77db7bdb40778b77bc4898

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B40A 0
0 73ms
70ms Fetch
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstq0UGIBURCE6350aizteXxQ-RlfpGtXJfSFE85bcpQMtpYw8Xt5KjhOcvh1OhaKRfIi2ecTqVqc1yZBg2iSBdsM4EEiRjO5MbCBTJYxw1uNWykqn4NJlvoUuQdf_0erF3JoUTFCdoX8_3kods-hDub0X-6mGIYHLfXucKoYImGnUEY6lhTTdrXV5fhrL7lkTL2dVkXNYRSoYFS8JgMkcvvLxZZZqhA8mns1UseCfNM2HNrOVX_69kWX5_lNzJlDafhSBIf5K6WTJ7xFaIwFJiREqKL54_faeSkrG52p0mRdLgYN0Z1ds8r1Sfl&sai=AMfl-YSJb4Ul3lOg-c0qtd1VZSoKtfWWrWrnsNnsJsVOA_GjfhTlhmU47a-CaB5CRfA5l4Qyi6m5VPq2lgXjT65Y8r0nqg5CDgk3-_rtmMFZQSY-XAqYNy5Obdk0e18jxE4rQYtlDToFc0zDLkKOB8P8&sig=Cg0ArKJSzGfGKiThV9UyEAE&uach_m=[UACH]&adurl=

Requested by

Host: mikeonline.com
URL: https://mikeonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 08 Mar 2023 20:32:47 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame B40A 22 KB
9 KB 38ms
35ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 00:49:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame B40A 3 KB
1 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 00:49:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B40A 158 KB
48 KB 43ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49547
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678106210411282"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 20:32:47 GMT

GET
H2 200 11771653469146655205
tpc.googlesyndication.com/simgad/ Frame B40A 53 KB
53 KB 73ms
71ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11771653469146655205

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87cc3e3b0b2f1c273a21064d575cb1f83fa711c956908063e5b2627236cf9d69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54483
x-xss-protection: 0
last-modified: Mon, 16 Jan 2023 18:21:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Mar 2024 20:32:47 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 58DA 0
0 70ms
67ms Fetch
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuk-Ut2Khos1oGD7cin2rpgi_pXE9eV3RkF6jH-w1JAMCDVHyB-1i2sW4V9RJQcXeWr282JdNP-l5WbXLu_iqnn7uLPYekcB3nlcE5LmUijR7kF5JzFQHyzfQITuOd8mEwKJC7tQYjxAihmybKXumOHGPC9FY5kxywJBl2UIK0I7YhCW9DXGIDK9u7CzI_QWj4s1sPJNAfo6QsDEpCq5MAdC66A_ElHmI_BTy2b9ESO0O7mf67Ovqkxw-KA_3QwFvPqw1fKMSUESCWTYv6e98fSuGZubJ8vGKdqvPIc2coOxpA24RZiUp_50b0_&sai=AMfl-YQ4dQ0lupmxi3QYrnIL8lJjjl3gKHf0wulofdzjVAk4HqJkG2b4gDT_VX_UrkyBl-3xM2G6tGXwWWffgqBiSig-XTUFBpZU5MQkUIeSxuBjUIiZw-95s738CdzCEkHzIf25E5MC9VfDTImDwb5E&sig=Cg0ArKJSzKzMbxvscMpjEAE&uach_m=[UACH]&adurl=

Requested by

Host: mikeonline.com
URL: https://mikeonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 08 Mar 2023 20:32:47 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame 58DA 22 KB
9 KB 31ms
28ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 00:49:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 58DA 3 KB
1 KB 33ms
30ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 00:49:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 58DA 158 KB
48 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49547
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678106210411282"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 20:32:47 GMT

GET
H2 200 17511388850776024335
tpc.googlesyndication.com/simgad/ Frame 58DA 32 KB
32 KB 75ms
72ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17511388850776024335

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95c53b375a20560eea4ba90c3762b9064c1fd8b3afae7f3a00a916493c5eac5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32354
x-xss-protection: 0
last-modified: Fri, 06 Jan 2023 20:04:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Mar 2024 20:32:47 GMT

GET
H2 200 container.html Show response
9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7A27 6 KB
3 KB 16ms
15ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mikeonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 20:32:47 GMT
expires: Thu, 07 Mar 2024 20:32:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 034A 6 KB
3 KB 22ms
13ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mikeonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 20:32:47 GMT
expires: Thu, 07 Mar 2024 20:32:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3ECC 6 KB
3 KB 18ms
14ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mikeonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 20:32:47 GMT
expires: Thu, 07 Mar 2024 20:32:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 3552030442047011578
tpc.googlesyndication.com/simgad/ Frame F119 53 KB
53 KB 21ms
17ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3552030442047011578?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkvGf2ckBxP-jNgrRPgMp_73jrIdQ

Requested by

Host: mikeonline.com
URL: https://mikeonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7c8e2f2c84102e0220f49c2b49d4510d84b1afb4bf8ad4c857a7c66c560e8d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 11:46:07 GMT
x-content-type-options: nosniff
age: 31600
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53791
x-xss-protection: 0
last-modified: Fri, 30 Dec 2022 06:20:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Mar 2024 11:46:07 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F119 2 KB
3 KB 36ms
32ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: mikeonline.com
URL: https://mikeonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:56:34 GMT
x-content-type-options: nosniff
server: cafe
age: 5773
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 09 Mar 2023 18:56:34 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F119 295 B
424 B 18ms
15ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: mikeonline.com
URL: https://mikeonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 22:54:35 GMT
x-content-type-options: nosniff
server: cafe
age: 77892
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 08 Mar 2023 22:54:35 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F119 0
0 79ms
77ms Image
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CvGwV7vAIZPyROteIiM0P34y4eM_IgO9u1bev2ukQ3tkeEAEg0e2gF2CVgoCArAegAYeDv_cDyAEC4AIAqAMByAMIqgSjAk_QYsWQTDTpNwAg28P1xQh_uG-ckzhA8seJfQnnNgpjMhFBqfXZZEpkte6jrhKmbsOYPnakXb3-JPiTpAqIbspFpLf2vi74rUfEbOn4tZxRPKaLhTd0T0NYcOGvmRs1tBVyl6IDXQEJcYP05IfwREhN4Ou1ZOcdIdqFuFgepMWfbKjY8gVIjWvQG2zyQv09dwiLzEqdf-t6SqIGrn8aGYs1-IskvXVV8ngy_J6eSMot9bxd-mMxQf5rJQOv1qbeHmdpy7MfUDfsT3RQM7BBgWQ2q6He1bjywRkwKLYT8GINqF8c_lcf8NqdzgKrcv4Fk-q5pKcu9VOf_2TW5cgSHqrIGf1N1SB-KGZPx8vO0ne2UBwoiJOxenFHntJw266qL6rbCsAEpMHowJgE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB6a7_oUBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQpfUZ0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwzQFQGAFwGyFx4KHAgAEhRwdWItOTQ1MDY1NTIwOTgyNDYxNxit0hU&sigh=SzIYfdAZdhc&uach_m=[UACH]&cid=CAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 200 2620780678268416998
tpc.googlesyndication.com/simgad/ Frame CD8B 50 KB
50 KB 29ms
26ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2620780678268416998?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmCNESWYgwhUfwzycZuaZLpno1ZcQ

Requested by

Host: mikeonline.com
URL: https://mikeonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0f09df56f7aabf366be449dae49c8c86124a42b71177240307820a41c7a1a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:03:36 GMT
x-content-type-options: nosniff
age: 559751
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50836
x-xss-protection: 0
last-modified: Fri, 20 May 2022 08:45:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Mar 2024 09:03:36 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CD8B 2 KB
3 KB 36ms
34ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: mikeonline.com
URL: https://mikeonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:56:34 GMT
x-content-type-options: nosniff
server: cafe
age: 5773
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 09 Mar 2023 18:56:34 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CD8B 295 B
353 B 18ms
16ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: mikeonline.com
URL: https://mikeonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 22:54:35 GMT
x-content-type-options: nosniff
server: cafe
age: 77892
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 08 Mar 2023 22:54:35 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CD8B 0
0 74ms
73ms Image
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CMA8p7vAIZP2ROteIiM0P34y4eIf5orRvuvnSrtUQ3tkeEAEg0e2gF2CVgoCArAegAZWY6ccCyAEC4AIAqAMByAMIqgSbAk_Qp0Zof6uDurisH5xzZHvUgbLsF1jRmqE9UtJ3szCKAWzz6nPL5IvBNnTgePwM2Wk7q_lKgzOMdacLAAeUKcDTtFrpWJKZXYBB658HLlAv1R36-8jJRFkfApSz78AbSLSUG1heeMN3YrQdbw0tLEzRaeUmTON5XxLGGKpt6stVpiiOWdbXRQqYSTIToKzahEOupvNWOmGP-oMAPkalVYXXcy2a1Fb4KT7-ryTJjq_K2JeB2F0olsIX3Sje9KvkQFizQwflSTJyJ5DuuLf2yW1Ck-OzUJMJOJs3FOAHn6h7SfyfF_juUFCFN3_HqpU3nyS2aU9PgcI3jvj_Qk4MYHFlBgsb-hAESAP_0wprSOVu_YiIFbL_-Pa1YG7ABKKzj5aEBOAEAZIFBAgEGAGSBQQIBRgEoAYCgAet46axAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPHNBNIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTk0NTA2NTUyMDk4MjQ2MTcYrdIV&sigh=JtfPlmNEgkk&uach_m=[UACH]&cid=CAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame C5F8 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07dfa0687e469fabc79db01151bbd8922943b12c6c564f41bfd3f950685a8604

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A7DD 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6063b3af4d54bb007c51b5dba6f611a68ff6c75a674dc930735117e7c276503

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B40A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 481b6469bc7d899dd7734ff39b7acd4fb09d493b7b4f0cfae185371e5f502ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 58DA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eba3b87847ffcf23d7912085e1273e0898176c6d136a499518bfc48cb6c00455

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4D62 624 B
577 B 103ms
53ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVWTqiSarkHIp3_8jcZvihYViCwthdAYTwcZJB_qVxwxh_M4dQTMqgjoQ7Y8ulhg6YhNTBnthb2BcYk3LsaUudTclufT-jbSjMoVWGk6grRS7tvkva1sgRsFUiwa-pLj3Tl4BnFsqxzZYFAonHbSH8v6bIugHbOtKVY9g6pJfQWflaCT68

Requested by

Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 20:32:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7A27 78 KB
28 KB 136ms
86ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 20:32:47 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A27 42 B
173 B 167ms
117ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DG6kPXBjvCaPP35qmWkt86HI5LrN3kCUzAnBFUEl7M_PqtmanGdLFQHOSO_0-Kbumk6_crshwAtRyhlHpXYIXbZkaLBJDxo6uKnjXpXIKfpGHbSf8

Requested by

Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A27 0
58 B 171ms
121ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5310303770810688547&x=1&ct=77

Requested by

Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 7A27 3 KB
1 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 00:49:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 7A27 20 KB
8 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 00:49:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7A27 158 KB
48 KB 226ms
224ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49547
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678106210411282"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 20:32:47 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8253 624 B
285 B 100ms
54ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXOD0_9guhHPmq3keqON-ZYnwxWkHxSqun41TBPkXRC7GaR84FEK3B7JMo8aYCN8Thgsb3aIhdlVCrNsuOBSSCcNHvtYzneesJatIr8Fjqkh6ghHyaOf7PBuA5C3-JjrTikQmUPLdHE66v7ORmMFH6gZJKXP_3gdEustAe-WFHCN-ssi6s

Requested by

Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 20:32:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 034A 78 KB
27 KB 221ms
174ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 20:32:47 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 034A 42 B
107 B 167ms
121ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dm8YghCasu1HuSrU9DuCv_HeRy2BQ_e4b-ScjfoEmA4f9d7gCyOQu1zrpft_l1yY4yVXWQVjMdtfeEU9sAjcKtPHdOh0x-RMBUceFiTjTGO9Le068

Requested by

Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 034A 0
56 B 167ms
121ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13145880665544507346&x=1&ct=77

Requested by

Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 034A 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 00:49:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 034A 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 00:49:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 034A 158 KB
48 KB 243ms
242ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49547
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678106210411282"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 20:32:47 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1669 624 B
285 B 91ms
54ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNW2v3UQ4OfAJACL87w4pktj7ynk6Be6Nt7ZmnJ2kII5xAkUj2h7yFE7dHay8pIFq7lj1Eq1neBBjn4LZtL5pKx6PGJGJUgHWp1aza-hyc1cwi5p7lUPzsHmhVDBd6X9sVxJE1zeud2buZ9dZoHzmJJ6N6d9q7ZlsYLX5AgFCxKwbC6OEcg

Requested by

Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 20:32:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3ECC 78 KB
27 KB 201ms
164ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 20:32:47 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3ECC 42 B
107 B 159ms
123ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BZ69fEZKe6cxrVwCnVbFCa9kSoswGYFQF_aPneLyQyvj-QMvwe9tye29j8oLHAs1-324z4BuA4QPqM3qR3BXim1R5PmVUIdRPgS5GCnowXgCzgpQk

Requested by

Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3ECC 0
56 B 158ms
121ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=730127399378076584&x=1&ct=77

Requested by

Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 3ECC 3 KB
1 KB 33ms
19ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 00:49:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 3ECC 20 KB
8 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 00:49:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3ECC 158 KB
48 KB 225ms
216ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49547
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678106210411282"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 20:32:47 GMT

GET
H2 200 player.html Show response
embed2.audioburst.com/skins/safinder/ Frame 971D 5 KB
1 KB 22ms
11ms Document
text/html 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://embed2.audioburst.com/skins/safinder/player.html?version=7s1hvj8m8l
Requested by: Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/dist/audioburst-sdk/absdk-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cfedf76b70ee2908101ee95f47251d32130e0d9917a5a1945abb67c98f9f9ccd

Request headers

Referer: https://mikeonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
content-md5: 5iaAxDh0y7wmYA5Yvoh7mA==
content-type: text/html
date: Wed, 08 Mar 2023 20:32:46 GMT
etag: "0x8DB197F6BA06D6B"
last-modified: Tue, 28 Feb 2023 11:32:06 GMT
x-azure-ref: 07/AIZAAAAAAv5Ou/JUPWTIF0dEu8PNXlRlJBMzFFREdFMDMxOQBlODM4ZjE2Ny01N2QyLTQ5NGYtODBkZC0xYTA2YmNiYTMwMDc=
x-azure-ref-originshield: 0xBAIZAAAAAB0pR3/y9RxSaXF7U0hSINrRlJBMjMxMDUwNDE3MDQ5AGU4MzhmMTY3LTU3ZDItNDk0Zi04MGRkLTFhMDZiY2JhMzAwNw==
x-cache: TCP_HIT
x-ms-request-id: 2269aa96-b01e-0073-136e-51900c000000
x-ms-version: 2018-03-28

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame B40A 0
0 69ms
65ms Fetch
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuiiv9IJnl5vvtDDl8aTxHicBqJ9Y3act3znmXouc7NotGlwe2mNnQkTxn9UO8Q6HW4KXTVOPCMfDPRUmG5Hy1CC72YgZ43odyiAp25cYXUl7EfLf_tQlNEA9BGpDvniN-hnI1lZHuJdKjGoeeLF-kHkihUBJNPYYcoQrl5DuoU-dEf1f_JJxLUWjf6sjiFqvkEluZper-2p_h2FM8kBEvHxYGKn-Szfsm4F_KEbNIGUv7yuKwplm_QTrros1qosixMuj3Ka508yaMHrlU65VeuZrBA0Y3k-HJ6dnG_ermr6tkzWCA62Rkx6n-mIik&sai=AMfl-YRwHPOVKwCtzaSiBqakrpTMq9fYnGhJOWXGiAaBeose7vyuTFkihEFedEMFM-5k-oEhk-PFKjMdGjS_lOFGETPjPNQwxAkXHVsP9TXBrLKICWXge6MXrHMagHVO343SJt8971dl3lg4NxIZ5hmx&sig=Cg0ArKJSzIzSTMwN7Nr6EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 08 Mar 2023 20:32:47 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame A7DD 0
0 72ms
72ms Fetch
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQlSfZXe9DyJkFu3zjj9t9ioppFLPu1I3zX_vrXgpBFnziINUTBeT41jBIBfew_SFTwavmw8kzuLVFTmr6ycRYYq2EQ-5NJaDwyvOJoDREvIH_Efc2ENAIkFU7H_LpHCWbixZXRq2nAJ9_SQiRkvYPp0y_DYivrGS_Bn-RHzWMMmtahg-g2-LgJ6rMrS7y7uFNg1CUqlyzeUxxcry0IFNxjrMz7Oa1nJ79Iei4CpWlZVpSiHpJQPIKGMeiPrPVkbILTkC7XAUpM5YV4Cm53zVHazU6OKL1BtziWajedECdsWWT8t-RMhrX6imxY6o&sai=AMfl-YQ3EgLxBCzxgESiP-CNDFxL4DPsDBgViMuCLjOxz6rV4T2JX0DYIqpoynfWxgzG9TxUCVCTUjj6BxIZ6zaDa4t7sRaD5qFmowB5HfOMjqlTjnB_HL3DscesBUDmwag0AsDIOay0Xorgaadna24A&sig=Cg0ArKJSzABJtiZpnjZpEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 08 Mar 2023 20:32:47 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C5F8 0
0 65ms
64ms Fetch
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_5wFvchlnByjK55PsSc1KVf2a8WRg-tFmL8tNiqpC3gpd5tCzo-9kgrVobm7CPMr4rNTmn5tH8rLElGBAoUvU1BoAlT71SEbgK64X5ZY111XuIg8V4Hh_OVinmqif9tUmaU0eoWrBHw5Ie5LRtresXXx4KvNqzZw3-SHv-IaYw1WhfC_7ydyj26rJNsUg7eIWTPWk8zoF_Soi0RIixgpl-fvWeb4NL-Y-8CpH5A0FdFNiO_9nRfcpgkBoQlqEq5uOg9i1ugoSUeJ_yhNtq3x1AUWaHXrKMqIMrVR9P-9jk3lU6bcshgu0GdHUE-A&sai=AMfl-YRPa1BG2ByHi1fv9pkUpFfu_LePqhQ_rihq0awkIUiP76nTFB3AeUA77wqaV84PytTDk3SGpFzcMwVtGMf_7VJQhCiv8UUZ0xmQad_DMwdvlSgqFCb7vEeH5v0zzVgILyYYt_6k9Vg08eDDMBKA&sig=Cg0ArKJSzDN1jW52j6QHEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 08 Mar 2023 20:32:47 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 58DA 0
0 66ms
65ms Fetch
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5Uv2zgEwQa5HdCZ7PP75l1MVKxlRISOKh0K70PvKyxnG0P0bp60EFWekal-OZdliD0UMXErFdWJL77BFd1xp_D3X3QDcITOBW6l3CP7In5GwqiE_pnEtURl4mAckfhltEUnG3yW3XnrPBDCakazw3XMD2IKUJkdenApgehAubNAGVvUnuc8K6_OPe7rEYTR-MuCw3GBbz6iziVLVFarkzDh6VEodaV5hf44kX3qbX6Fk1ZmWxDC-1DZITxVyW9nk8ZuMUW9mYdzh8dBV4K-YHOYvWeCk1GX1D_6AEPA7IZ8hWwIo3snSvhP7Mcuc&sai=AMfl-YSoHtoJwjVdPL1fJmwF3x6OiMkrsfJhsVARLzuGTki6AUggtmxxAu1KeYwcHwhOnCDQXKR6n0iyWrrBmALT_K5un8yhzID6b561UNd7wI8Dnqr0XyuRZBj-xnpr5lxZUEcGLade9W7uF6BxZhmF&sig=Cg0ArKJSzHaalkoUnMHSEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 08 Mar 2023 20:32:47 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 971D 7 KB
714 B 55ms
52ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&display=swap

Requested by

Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/skins/safinder/player.html?version=7s1hvj8m8l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

45e78216d62e7ef2a2c7d0bda526ddfb789444fb8a986b024d059373acb27c16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embed2.audioburst.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Mar 2023 20:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 20:25:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Mar 2023 20:32:47 GMT

GET
H2 200 common.css
embed2.audioburst.com/skins/_common/scss/ Frame 971D 63 KB
9 KB 13ms
11ms Stylesheet
text/css 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://embed2.audioburst.com/skins/_common/scss/common.css?version=2.09
Requested by: Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/skins/safinder/player.html?version=7s1hvj8m8l
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 928d006fac28559d4ab0ef0dbed86a026272858795b5bdb227303d38d2d025ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embed2.audioburst.com/skins/safinder/player.html?version=7s1hvj8m8l
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
content-encoding: br
last-modified: Tue, 28 Feb 2023 11:32:06 GMT
x-azure-ref-originshield: 0+NkHZAAAAAAVjhwrxxsDRaLmXVePuS3uRlJBMjMxMDUwNDE4MDQ3AGU4MzhmMTY3LTU3ZDItNDk0Zi04MGRkLTFhMDZiY2JhMzAwNw==
content-md5: smKm1i4sjjLTYNoDeRHOAQ==
etag: "0x8DB197F6C1CDE64"
x-azure-ref: 07/AIZAAAAACKcXrvNFMeQLtMDOetcccwRlJBMzFFREdFMDMxOQBlODM4ZjE2Ny01N2QyLTQ5NGYtODBkZC0xYTA2YmNiYTMwMDc=
x-cache: TCP_HIT
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 390f2515-101e-0055-7c55-51d814000000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 ab-icon-font.css
embed2.audioburst.com/skins/_common/css/ Frame 971D 5 KB
1 KB 15ms
13ms Stylesheet
text/css 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://embed2.audioburst.com/skins/_common/css/ab-icon-font.css?version=2.09
Requested by: Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/skins/safinder/player.html?version=7s1hvj8m8l
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 922246a1623fa5043f1c41a7d0d60444ae4b9411ac561626ba66cfea8b811bf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embed2.audioburst.com/skins/safinder/player.html?version=7s1hvj8m8l
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
content-encoding: br
last-modified: Tue, 28 Feb 2023 11:32:06 GMT
x-azure-ref-originshield: 0C1YIZAAAAAD9iEG5aa4yToo1MenYBIXtRlJBMjMxMDUwNDE4MDMxAGU4MzhmMTY3LTU3ZDItNDk0Zi04MGRkLTFhMDZiY2JhMzAwNw==
content-md5: noG1PCTY+JLhAVAvmkfZ1w==
etag: "0x8DB197F6BEAD925"
x-azure-ref: 07/AIZAAAAACv7LPUj3J4Tr/1nF6V/XDzRlJBMzFFREdFMDMxOQBlODM4ZjE2Ny01N2QyLTQ5NGYtODBkZC0xYTA2YmNiYTMwMDc=
x-cache: TCP_HIT
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: c8c3e94f-c01e-0056-616e-513970000000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 skin.css
embed2.audioburst.com/skins/safinder/scss/ Frame 971D 2 KB
744 B 15ms
13ms Stylesheet
text/css 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://embed2.audioburst.com/skins/safinder/scss/skin.css?version=2.09
Requested by: Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/skins/safinder/player.html?version=7s1hvj8m8l
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2f29c205e8f649728be9dc2d83a0ab91e2e85dcc75725bd4c33b538caae42443

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embed2.audioburst.com/skins/safinder/player.html?version=7s1hvj8m8l
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
content-encoding: br
last-modified: Tue, 28 Feb 2023 11:32:07 GMT
x-azure-ref-originshield: 0um0IZAAAAACKiQH+ZsY2R6Gkjco6IGwmRlJBMjMxMDUwNDE3MDMzAGU4MzhmMTY3LTU3ZDItNDk0Zi04MGRkLTFhMDZiY2JhMzAwNw==
content-md5: G4u99mQ6QvlXEmqPXwudVw==
etag: "0x8DB197F6C4743A5"
x-azure-ref: 07/AIZAAAAAAwcE7wIWHHRofLOZ6V6qzGRlJBMzFFREdFMDMxOQBlODM4ZjE2Ny01N2QyLTQ5NGYtODBkZC0xYTA2YmNiYTMwMDc=
x-cache: TCP_HIT
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 68e83f47-301e-0020-4c11-51b338000000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 embedded-player-es2015.js Show response
embed2.audioburst.com/dist/embedded-player/ Frame 971D 660 KB
153 KB 25ms
24ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://embed2.audioburst.com/dist/embedded-player/embedded-player-es2015.js
Requested by: Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/skins/safinder/player.html?version=7s1hvj8m8l
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a22af4bf7d2f34a4490cfcb054a9f178feeabe988ace3d0a5ac7810008881a8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embed2.audioburst.com/skins/safinder/player.html?version=7s1hvj8m8l
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
content-encoding: br
last-modified: Tue, 28 Feb 2023 11:25:31 GMT
x-azure-ref-originshield: 0vO8HZAAAAACI2O/57UZoTJEMZxPoVYs8RlJBMjMxMDUwNDE3MDQ5AGU4MzhmMTY3LTU3ZDItNDk0Zi04MGRkLTFhMDZiY2JhMzAwNw==
content-md5: PRu+zqCFwF8nv87zQL0oyw==
etag: "0x8DB197E80766640"
x-azure-ref: 07/AIZAAAAADa564Vncz1QZopSz3Uyq8dRlJBMzFFREdFMDMxOQBlODM4ZjE2Ny01N2QyLTQ5NGYtODBkZC0xYTA2YmNiYTMwMDc=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bd54277f-101e-0045-20e6-501d7c000000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 ab-logo.svg
embed2.audioburst.com/skins/_common/img/ Frame 971D 9 KB
3 KB 17ms
16ms Image
image/svg+xml 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed2.audioburst.com/skins/_common/img/ab-logo.svg
Requested by: Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/skins/safinder/player.html?version=7s1hvj8m8l
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8961a7fb3c1d945400c22a904ec490dcea2ba5118656dc3ade4e1772b7c365a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embed2.audioburst.com/skins/safinder/player.html?version=7s1hvj8m8l
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
content-encoding: br
last-modified: Tue, 28 Feb 2023 11:32:06 GMT
x-azure-ref-originshield: 0qMcHZAAAAAAb5xX8pxO/Q6AF7pTzZvW0RlJBMjMxMDUwNDE4MDM5AGU4MzhmMTY3LTU3ZDItNDk0Zi04MGRkLTFhMDZiY2JhMzAwNw==
content-md5: pyRICirNgqXP6fRN21/QQA==
etag: "0x8DB197F6C100EFE"
x-azure-ref: 07/AIZAAAAACCwljBw1TiQZJ/WneyvdjnRlJBMzFFREdFMDMxOQBlODM4ZjE2Ny01N2QyLTQ5NGYtODBkZC0xYTA2YmNiYTMwMDc=
x-cache: TCP_HIT
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 2e40943a-501e-007b-024b-518a03000000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 ab-logo-light-skin.svg
embed2.audioburst.com/skins/_common/img/ Frame 971D 9 KB
3 KB 45ms
45ms Image
image/svg+xml 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed2.audioburst.com/skins/_common/img/ab-logo-light-skin.svg
Requested by: Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/skins/safinder/player.html?version=7s1hvj8m8l
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c58929a69737b585a7b14fa445fe6bf683328b2e4543afaf2fdc1a6a4ea1672c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embed2.audioburst.com/skins/safinder/player.html?version=7s1hvj8m8l
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
content-encoding: br
last-modified: Tue, 28 Feb 2023 11:32:06 GMT
x-azure-ref-originshield: 08PAIZAAAAACGoDXWI384TaUFkiuePRPyRlJBMjMxMDUwNDE4MDIzAGU4MzhmMTY3LTU3ZDItNDk0Zi04MGRkLTFhMDZiY2JhMzAwNw==
content-md5: Uw6b7pgQU3zqH+SBKnhfow==
etag: "0x8DB197F6C105D1A"
x-azure-ref: 07/AIZAAAAADlzxB9UFjETZZRfXqmB5QmRlJBMzFFREdFMDMxOQBlODM4ZjE2Ny01N2QyLTQ5NGYtODBkZC0xYTA2YmNiYTMwMDc=
x-cache: TCP_REMOTE_HIT
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: eaa2d48c-e01e-000c-78ec-515f97000000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 jquery-3.6.0.min.js Show response
embed2.audioburst.com/skins/_common/js/third-party/ Frame 971D 87 KB
30 KB 19ms
18ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://embed2.audioburst.com/skins/_common/js/third-party/jquery-3.6.0.min.js
Requested by: Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/skins/safinder/player.html?version=7s1hvj8m8l
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embed2.audioburst.com/skins/safinder/player.html?version=7s1hvj8m8l
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
content-encoding: br
last-modified: Tue, 28 Feb 2023 11:32:07 GMT
x-azure-ref-originshield: 0ZewIZAAAAADVzVvCxwQYRq95dr34aM6BRlJBMjMxMDUwNDE3MDM3AGU4MzhmMTY3LTU3ZDItNDk0Zi04MGRkLTFhMDZiY2JhMzAwNw==
content-md5: BzLj6rv4qnzn9p7tvQff3Q==
etag: "0x8DB197F6C721E02"
x-azure-ref: 07/AIZAAAAAAaKu4J/jLhTKbloJHKpM9cRlJBMzFFREdFMDMxOQBlODM4ZjE2Ny01N2QyLTQ5NGYtODBkZC0xYTA2YmNiYTMwMDc=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: cd814b19-901e-0006-67ab-51fb20000000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 common.js Show response
embed2.audioburst.com/skins/_common/js/ Frame 971D 23 KB
6 KB 17ms
15ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://embed2.audioburst.com/skins/_common/js/common.js?version=2.09
Requested by: Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/skins/safinder/player.html?version=7s1hvj8m8l
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c4be8248cb698c031c27a6fe598828dc464e73ce2abcbfd7c506257e6f753ac2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embed2.audioburst.com/skins/safinder/player.html?version=7s1hvj8m8l
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
content-encoding: br
last-modified: Tue, 28 Feb 2023 11:32:06 GMT
x-azure-ref-originshield: 0TegIZAAAAACF1YFT6nF+R65NQi9+aoESRlJBMjMxMDUwNDE3MDE5AGU4MzhmMTY3LTU3ZDItNDk0Zi04MGRkLTFhMDZiY2JhMzAwNw==
content-md5: Mo/xRsPU8csQMRPFRZ2Zmg==
etag: "0x8DB197F6BF9F227"
x-azure-ref: 07/AIZAAAAADlpD0uDA56S6bd0BvIFw3kRlJBMzFFREdFMDMxOQBlODM4ZjE2Ny01N2QyLTQ5NGYtODBkZC0xYTA2YmNiYTMwMDc=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ce05b4d5-601e-0060-29cb-51b400000000
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 ui.js Show response
embed2.audioburst.com/skins/safinder/js/ Frame 971D 659 B
969 B 12ms
11ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://embed2.audioburst.com/skins/safinder/js/ui.js?version=2.09
Requested by: Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/skins/safinder/player.html?version=7s1hvj8m8l
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8a980afdc89b08a8c84056a463a14899c9a378c4615d4645ee87eedf54d37439

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embed2.audioburst.com/skins/safinder/player.html?version=7s1hvj8m8l
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
last-modified: Tue, 28 Feb 2023 11:32:06 GMT
x-azure-ref-originshield: 0+NkHZAAAAABHzF4nWPbaQb4fn3bXsD0/RlJBMjMxMDUwNDE3MDI5AGU4MzhmMTY3LTU3ZDItNDk0Zi04MGRkLTFhMDZiY2JhMzAwNw==
content-md5: 6ZznO6YrN73m+117f8lC8Q==
etag: "0x8DB197F6C314DCE"
x-azure-ref: 07/AIZAAAAAAz/H7YjXlbQLHREYcMPPn2RlJBMzFFREdFMDMxOQBlODM4ZjE2Ny01N2QyLTQ5NGYtODBkZC0xYTA2YmNiYTMwMDc=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4aab9f7d-601e-0012-4e8f-50b34f000000
x-ms-version: 2018-03-28
accept-ranges: bytes
content-length: 659

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4D62
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL0wqVzGU2oFL7VCX4GlOz4&google_cver=1

43 B
766 B

18ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL0wqVzGU2oFL7VCX4GlOz4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVWTqiSarkHIp3_8jcZvihYViCwthdAYTwcZJB_qVxwxh_M4dQTMqgjoQ7Y8ulhg6YhNTBnthb2BcYk3LsaUudTclufT-jbSjMoVWGk6grRS7tvkva1sgRsFUiwa-pLj3Tl4BnFsqxzZYFAonHbSH8v6bIugHbOtKVY9g6pJfQWflaCT68
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Mar 2023 20:32:48 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL0wqVzGU2oFL7VCX4GlOz4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4D62
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAjw78cxbePTpyKR7oz5EwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL0wqVzGU2oFL7VCX4GlOz4&google_cver=1

43 B
632 B

10ms
10ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL0wqVzGU2oFL7VCX4GlOz4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVWTqiSarkHIp3_8jcZvihYViCwthdAYTwcZJB_qVxwxh_M4dQTMqgjoQ7Y8ulhg6YhNTBnthb2BcYk3LsaUudTclufT-jbSjMoVWGk6grRS7tvkva1sgRsFUiwa-pLj3Tl4BnFsqxzZYFAonHbSH8v6bIugHbOtKVY9g6pJfQWflaCT68
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Mar 2023 20:32:48 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL0wqVzGU2oFL7VCX4GlOz4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 4D62
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHM8LsTzftuW98WOQTJi9Q4&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHM8LsTzftuW98WOQTJi9Q4%26google_cver%3D1

43 B
1 KB

19ms
16ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHM8LsTzftuW98WOQTJi9Q4%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVWTqiSarkHIp3_8jcZvihYViCwthdAYTwcZJB_qVxwxh_M4dQTMqgjoQ7Y8ulhg6YhNTBnthb2BcYk3LsaUudTclufT-jbSjMoVWGk6grRS7tvkva1sgRsFUiwa-pLj3Tl4BnFsqxzZYFAonHbSH8v6bIugHbOtKVY9g6pJfQWflaCT68

Protocol

HTTP/1.1

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Mar 2023 20:32:48 GMT
AN-X-Request-Uuid: 788f06a0-cc01-4ddd-bce7-0c05d4977ac4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 37.58.58.243; 37.58.58.243; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 08 Mar 2023 20:32:48 GMT
AN-X-Request-Uuid: 390ac70a-cd3b-4999-aba6-daa3f4a80b15
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHM8LsTzftuW98WOQTJi9Q4%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.58.243; 37.58.58.243; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4D62
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTczNjcyMTU2ODgzOTU2NzEyNQ%3D%3D

170 B
188 B

28ms
27ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTczNjcyMTU2ODgzOTU2NzEyNQ%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 08 Mar 2023 20:32:48 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.243; 37.58.58.243; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 267e01f3-9820-4a31-951f-05e3eb0265b1
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTczNjcyMTU2ODgzOTU2NzEyNQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1669
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL0wqVzGU2oFL7VCX4GlOz4&google_cver=1

43 B
632 B

17ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL0wqVzGU2oFL7VCX4GlOz4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNW2v3UQ4OfAJACL87w4pktj7ynk6Be6Nt7ZmnJ2kII5xAkUj2h7yFE7dHay8pIFq7lj1Eq1neBBjn4LZtL5pKx6PGJGJUgHWp1aza-hyc1cwi5p7lUPzsHmhVDBd6X9sVxJE1zeud2buZ9dZoHzmJJ6N6d9q7ZlsYLX5AgFCxKwbC6OEcg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Mar 2023 20:32:48 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL0wqVzGU2oFL7VCX4GlOz4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1669
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAjw78cxbePTpyKR7oz5EwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL0wqVzGU2oFL7VCX4GlOz4&google_cver=1

43 B
632 B

9ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL0wqVzGU2oFL7VCX4GlOz4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNW2v3UQ4OfAJACL87w4pktj7ynk6Be6Nt7ZmnJ2kII5xAkUj2h7yFE7dHay8pIFq7lj1Eq1neBBjn4LZtL5pKx6PGJGJUgHWp1aza-hyc1cwi5p7lUPzsHmhVDBd6X9sVxJE1zeud2buZ9dZoHzmJJ6N6d9q7ZlsYLX5AgFCxKwbC6OEcg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Mar 2023 20:32:48 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL0wqVzGU2oFL7VCX4GlOz4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 1669
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHM8LsTzftuW98WOQTJi9Q4&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHM8LsTzftuW98WOQTJi9Q4%26google_cver%3D1

43 B
1 KB

9ms
9ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHM8LsTzftuW98WOQTJi9Q4%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNW2v3UQ4OfAJACL87w4pktj7ynk6Be6Nt7ZmnJ2kII5xAkUj2h7yFE7dHay8pIFq7lj1Eq1neBBjn4LZtL5pKx6PGJGJUgHWp1aza-hyc1cwi5p7lUPzsHmhVDBd6X9sVxJE1zeud2buZ9dZoHzmJJ6N6d9q7ZlsYLX5AgFCxKwbC6OEcg

Protocol

HTTP/1.1

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Mar 2023 20:32:48 GMT
AN-X-Request-Uuid: 4c2717ed-8744-472b-8bb3-cfb978796914
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 37.58.58.243; 37.58.58.243; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 08 Mar 2023 20:32:48 GMT
AN-X-Request-Uuid: 25a7e093-605d-41bf-84e9-0670c300006a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHM8LsTzftuW98WOQTJi9Q4%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.58.243; 37.58.58.243; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1669
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTczNjcyMTU2ODgzOTU2NzEyNQ%3D%3D

170 B
188 B

74ms
74ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTczNjcyMTU2ODgzOTU2NzEyNQ%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 08 Mar 2023 20:32:48 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.243; 37.58.58.243; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c9cb812a-11a3-4207-8f21-df8f4283ece5
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTczNjcyMTU2ODgzOTU2NzEyNQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8253
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL0wqVzGU2oFL7VCX4GlOz4&google_cver=1

43 B
632 B

18ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL0wqVzGU2oFL7VCX4GlOz4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXOD0_9guhHPmq3keqON-ZYnwxWkHxSqun41TBPkXRC7GaR84FEK3B7JMo8aYCN8Thgsb3aIhdlVCrNsuOBSSCcNHvtYzneesJatIr8Fjqkh6ghHyaOf7PBuA5C3-JjrTikQmUPLdHE66v7ORmMFH6gZJKXP_3gdEustAe-WFHCN-ssi6s
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Mar 2023 20:32:48 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL0wqVzGU2oFL7VCX4GlOz4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8253
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAjw78cxbePTpyKR7oz5EwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL0wqVzGU2oFL7VCX4GlOz4&google_cver=1

43 B
766 B

10ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL0wqVzGU2oFL7VCX4GlOz4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXOD0_9guhHPmq3keqON-ZYnwxWkHxSqun41TBPkXRC7GaR84FEK3B7JMo8aYCN8Thgsb3aIhdlVCrNsuOBSSCcNHvtYzneesJatIr8Fjqkh6ghHyaOf7PBuA5C3-JjrTikQmUPLdHE66v7ORmMFH6gZJKXP_3gdEustAe-WFHCN-ssi6s
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Mar 2023 20:32:48 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL0wqVzGU2oFL7VCX4GlOz4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 8253
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHM8LsTzftuW98WOQTJi9Q4&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHM8LsTzftuW98WOQTJi9Q4%26google_cver%3D1

43 B
1 KB

10ms
9ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHM8LsTzftuW98WOQTJi9Q4%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXOD0_9guhHPmq3keqON-ZYnwxWkHxSqun41TBPkXRC7GaR84FEK3B7JMo8aYCN8Thgsb3aIhdlVCrNsuOBSSCcNHvtYzneesJatIr8Fjqkh6ghHyaOf7PBuA5C3-JjrTikQmUPLdHE66v7ORmMFH6gZJKXP_3gdEustAe-WFHCN-ssi6s

Protocol

HTTP/1.1

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Mar 2023 20:32:48 GMT
AN-X-Request-Uuid: 78c108d9-a418-4a78-9c84-e9e196be310a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 37.58.58.243; 37.58.58.243; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 08 Mar 2023 20:32:48 GMT
AN-X-Request-Uuid: 68a706c8-b5f9-4142-b26f-5b5e16723331
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHM8LsTzftuW98WOQTJi9Q4%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.58.243; 37.58.58.243; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8253
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTczNjcyMTU2ODgzOTU2NzEyNQ%3D%3D

170 B
188 B

27ms
26ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTczNjcyMTU2ODgzOTU2NzEyNQ%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 08 Mar 2023 20:32:48 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.243; 37.58.58.243; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: a06f377f-8e8a-469a-b3ee-07cb158a941d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTczNjcyMTU2ODgzOTU2NzEyNQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame F119
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

29ms
29ms

Image
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Redirect headers

date: Wed, 08 Mar 2023 20:32:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 3552030442047011578
tpc.googlesyndication.com/simgad/ Frame F119 53 KB
53 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3552030442047011578?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkvGf2ckBxP-jNgrRPgMp_73jrIdQ

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7c8e2f2c84102e0220f49c2b49d4510d84b1afb4bf8ad4c857a7c66c560e8d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 11:46:07 GMT
x-content-type-options: nosniff
age: 31600
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53791
x-xss-protection: 0
last-modified: Fri, 30 Dec 2022 06:20:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Mar 2024 11:46:07 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F119 2 KB
2 KB 29ms
27ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:56:34 GMT
x-content-type-options: nosniff
server: cafe
age: 5773
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 09 Mar 2023 18:56:34 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F119 295 B
319 B 28ms
27ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 22:54:35 GMT
x-content-type-options: nosniff
server: cafe
age: 77892
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 08 Mar 2023 22:54:35 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame CD8B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

22ms
22ms

Image
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Redirect headers

date: Wed, 08 Mar 2023 20:32:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A27 0
56 B 117ms
114ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8401600751325&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A27 0
56 B 114ms
114ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8401600751325&version=m202301230201&ct=77&x=1&cor=5310303770810689000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7A27 15 KB
12 KB 59ms
57ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D1t7z5ydcflQPWtCmP_FcKaJ-AlVQx9IUsQbEww6n-9bH9YG8zwGGceflaY_SOMAL6f3tXEn-a4Q30fhQ9ruqSm3sO0M08PIuzWNlHbMW_SOS1ZzP19IOEbURIehT8BuzzLG1qfFIr_LE1jAecQZ9Lu7824xOe9sTmCp7j-hpfB35JNic&cry=1&dbm_d=AKAmf-BJGhVGWLbzRf6Ily2skSg5ovHG0zsk9fI6AgAmXCjkI5Fb_k5L5iKTf6vXofWH9g_25DACIJEdSXzgKVDJ8E5y4SdBjj1D7d5EfPhIQSl3EeZDWzvKxMTshG9SLCR8VSioedgyaMGU_wbQEk9G2dDVFj29JgWenZdSbkrttDN9yld-kDwpg38zhl5Pf9pmx2js1ribXtE0uvgEw5WIAuAjQ_NUOrE_ZKpf96y8hjis6oulp_iYpGtrkcwK73rHUqQSLMIa3DgC5qEbkatMvVAB1TGMGypgQw7lgoANqy4MQb0zcHXCZJttuWDybP6U0UMF_lgKdjqyGN2dB9zdDFDGgofn2axKHhTgf04h2tSZCr9u_U2qzu6ooM5S5pv_u3MQ-swTFLtkmKI720p6WafxInMPa8ZpZuigxjDdBgc_b2xOM-iJhiyISNMgJ6ubj381XvOVZIAIYQay5X7CXv6xwl2WMYnnB1jhdG7FUWMQIBqUEGejuJ1haaQwIHz4QXwB79CRkDHlBheCr6fz69HeKeeEB03CFAB3HHBi701FYy_qgBHa-4sRWGzpBXDZoBjjneh-LQoirpkN9qBKUHoULHTg1Fgkm-DZxfs85Vjzx3aPqxxZL15n05zOVd_HmSCUJuo6GR7vIDOj_07abXYuGf7mIifu8bdbTe5KeoJuALayyf6plRbieTOXCFEciAKA8xvfTqqVHwJgUR6accz4V827SVvBz4p3464X8vMAH6X_gktxUy7lwP20WUEf3JuM27TBp8YX91bSvNqYGo_aD-7W3rOEFKZzAlsNHCaQZu9kLvrxWRpBavX0eislyomZuhh5-VczdxlDlbVpZAQvgKgGgqoPedjrehDLVFxfxY3v0F4JquX5_-3Y_071A6zGiOZEHU0WlAJgrdH0gWzUBXi6Ytr2bo5T-V3dKtA2LLVUk1vhNr76vTztsBMar5BnRTArFA2GlZp5z-PdjMmXELPaozuXLIdHEmKLycbM2kom0dS29hwAe0TmPUH0FAKYdsTe6hG7bGffTVPDxtLESFfDXAA9_9pYnuOQ94OMnLt1YEF3S2TF7eiRkAP3xSwG49lndFmALdEeqJUYPFwLTZnwSRHkZe8Wi6IzmQPsDHTEQXo81gcBW20befIxC017PuBjE0tj81JwOaI3lI6S2WbvEGyCiffv43OA9cJF9qdoSyNkUiDs2wWTy-_GMGHKdTZvz4cxNia2mZvnLp6FZ9FjXOtEst8jSm4cFHf2zKcS9rlGgF67ApRzwLst6EeUBsEsrv8fLSfQJdGL85xJjoi8_uHGO9ukb8IbkUN5ZuJpKVjWTm7E84oSZ5oIZCz0zHE7uNckIdYglKMJ8VwXfyIOi41egiTioUEyrUJNGHFKwzCCajEmsTSinUCVsTsdFkAOWsJxlL_zRZ1eJ2pJiH7gVrOEFrce-qcR7sBA6x2fjEmcNKAegfNVFKz_ylxSFxL1c0eMah1dku0RVacvjvdzADWHzgVEmE1xNLBWmkzixH0p0bm1Xh6tCrc7yFCfnayWjyQL8QnaSxYwmn-yVse61F-38kc0V2wbnWIlYvkSuwG32fbTeiGWeViwxdg6avemeyi-3C0VBYs8eCKHkJ2EIdVpcvTyJxERplmLOiW_H6zJCrTyR7iDozzAzLH9anROKPM2GK0rAr9ctvWWn7yFAoBmZnNcO8C-lcHfAjzdyhizRxsEV0KSNb1fI0vkML-ejRIGVyz5T4pX9k8eg826XgurQo9Qz6q4cs_EUn5pFv8x3sDW2A1C0BNoAZUN4K8qZzNaGZt-zuByN_SS3YDHH2ads5BVF_4QqRTCOxg6RJ2NrWO-3derCt5K1r1ugknhSVXJx63FbC_l0D_MC43myKzKjoHKKAHtsPt0jC989pRRXg9z2cxG200bzQgzQQCLgbdiEYGCrB7oTv-XmrsCYjjbRYcCm5ikLBqYZKc6BqMbR2TvvR0G4up1mPv_eWwGCkbaGpwpJ8UDKzgAqqlQmMTeHTAiDRcL97IuVsCumS2Oh6fVXmjexA1P9otNUm7R1CftxDLgGT0WGi4PFZqGVziWheyLta6awz7G0NizAHdQiP7gVg_XU9bg3_bUrRRCOM7HwF_6DCt2feNyqrKUE5cAWXhmsL68XFyGDHY2svD2n598HTpef7SxzvsLRMbEw8aMwppZeVQ8N2AL-dcksrt8LuVhFTCHZNq6j-MkHg7mx2cBaCoWEn4C-4vzk38xgmv0-sVHtz1CZ3TeYtBOMvJFAiAwSn7QZRJ0z0E8Ru9ccsVIuIUBg8EaoaxygDzMXk34gKt5FbDlNLhQQmthxcV3fWSsobHR7QdPH4kl4XmMrmXL7Eu_zyMQVse36OqJYMFc6Va0OMXlC8QiszNWElaTG4tqOsEPoi5mrSvuSaCUISgCIKiD2-ZjpyBKG1HeihhJUR7mPuYtayRSYGhGoTICTO9D_oADHTG78lzNa5SU268JY-cEclbmExTQrGhSyziTM9gwu8ESSymln2b5iB3b8C3NDfnBnBxghiiNylRbY2J_e8ixp7mD-52yGIMglPIHYz2y1BT-5d9ONo-cDjIGxZ_j6Op7_LNKsGdqr3BgQMWiwbLQGkq7iunr9RLw5R6dp-4Xq4MgOX9nKstRZprOpGC7_h36yxFw96bxlCgcqQnGGcmGz5WbhyKw3osUiszKin3gzQIWQBCbeQJrMPqg3Kv3UClJqsXj2qpGCre-d_FgoaNgqSVMv1WRGTE77FkLogQdt3l505sZhjg5Po6Rov2FQL0eutvCwsTotwugNPW6RTHVvkkp_hBiT8p7U7luRIfd5lUld1StZVO0Waz1o0wiN6wI7i5H5I3p4TI9-eY91NNGYbmEHG3nqoZ7mr13EJMgYIRGGUJzOtpqspV1b1Z0drvjK_fhMlgdgDAYqKfJyvDtHU0PNEs7Co25OBwHjGVpoHeuC1-zUsW2gVT6bmaGxNvjuRZZ9Qd3rcGRtnDSlybgBRcyPad0omsWEnVQkBHr1gJWTsEMPpTfISSw0ZGoBxTrkpZH949mVpuRS4FwyKbFhMwHGo2RXHeJQ17T3RR_rn_zPgrrKV21p-bv51MBVkmzxhL8W67B_fu3mkhpFvBfhYYaWohanp6TQB6QHjJ7bgHE8mDDhGmOgOSGCVABd3eW2aAg2YPvCp-MrbrqThIGd-ofZxPGiwSq__tkm4QYmvgqbAlNNWTuD5VLC4Pgbvp9ojoAPidSb6QJiZWrTUHHzLZ0uNgSWnph7thGy7zsLdgy5-nCQ5mj5g2nINMCoo1w-qY76zSjZtR4XK7Uo8vG8g-3tUcxGlwyg1kccvH-hZZQk4h7YiFCX9p8mCp5VYjWpRU4SZvf7H-3BTvAZCqFUoOKD8gnTLlsWVgSoL0Yhh81aRU9Dg5DaTuH5Pna0fYjYAiL7h5wJZ-e7mCrCBXJSzAly-8FGXbhc5J8T8nrxYWA6V0qDl0hzmXivVg7KQu0Cs3BwuYLSyutVqqZA8OO9oEeFtLuhVZBGtrGUJRZ0L6AbeA34cYZsybyBxGUVVPLmt-6K8E4eC9fVKo1Ekjv0H8XE8wSV-d0IEtKnQIvY7I_B4hqJNgid7WEPDfCt0Jrc3LosfBA9MbxcxrX8azQUPF69AwGuGFNBolnF1316FPYGnCEzxOrniR5up4xptDxYj62FPeqDog8qNEezVzUga8MUpVvjG1jSTnnpA6ZMeb8DPFmQ3E6kg&cid=CAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fmikeonline.com%2F&ds=l&xdt=1&iif=1&cor=5310303770810689000&adk=943508955&idt=159&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad7378e3849740723b2446181c8b5cdaceab213a9115a8dcc29163aeb93081c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11640
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2620780678268416998
tpc.googlesyndication.com/simgad/ Frame CD8B 50 KB
50 KB 21ms
20ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2620780678268416998?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmCNESWYgwhUfwzycZuaZLpno1ZcQ

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0f09df56f7aabf366be449dae49c8c86124a42b71177240307820a41c7a1a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:03:36 GMT
x-content-type-options: nosniff
age: 559752
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50836
x-xss-protection: 0
last-modified: Fri, 20 May 2022 08:45:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Mar 2024 09:03:36 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CD8B 2 KB
2 KB 15ms
14ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:56:34 GMT
x-content-type-options: nosniff
server: cafe
age: 5774
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 09 Mar 2023 18:56:34 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CD8B 295 B
319 B 18ms
17ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 22:54:35 GMT
x-content-type-options: nosniff
server: cafe
age: 77893
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 08 Mar 2023 22:54:35 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 971D 30 KB
30 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://embed2.audioburst.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 13:48:40 GMT
x-content-type-options: nosniff
age: 456248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 13:48:40 GMT

GET
H2 200 ab-icon-font.ttf
embed2.audioburst.com/skins/_common/fonts/ Frame 971D 11 KB
6 KB 12ms
11ms Font
font/ttf 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://embed2.audioburst.com/skins/_common/fonts/ab-icon-font.ttf?7270ne
Requested by: Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/skins/_common/css/ab-icon-font.css?version=2.09
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0db04673d05d044ca6db74cfe3af56f3db365cc7ccc4810b6e23f5851ab8cb3d

Request headers

Referer: https://embed2.audioburst.com/skins/_common/css/ab-icon-font.css?version=2.09
Origin: https://embed2.audioburst.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:47 GMT
content-encoding: br
last-modified: Tue, 28 Feb 2023 11:32:08 GMT
x-azure-ref-originshield: 0C1YIZAAAAADXLWWB5yulQ5iFOLSUmEmXRlJBMjMxMDUwNDE4MDQ1AGU4MzhmMTY3LTU3ZDItNDk0Zi04MGRkLTFhMDZiY2JhMzAwNw==
content-md5: nmiSYb+T5jWL1n9+f/OMHg==
etag: "0x8DB197F6CD083F6"
x-azure-ref: 08PAIZAAAAADk3f+17cu3TpEPvYVZst7oRlJBMzFFREdFMDMxOQBlODM4ZjE2Ny01N2QyLTQ5NGYtODBkZC0xYTA2YmNiYTMwMDc=
x-cache: TCP_HIT
content-type: font/ttf
access-control-allow-origin: *
x-ms-request-id: 5520b6cd-e01e-0023-646b-51525c000000
x-ms-version: 2018-03-28
accept-ranges: bytes

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 034A 0
56 B 120ms
113ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6393652881918&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 034A 0
56 B 120ms
114ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6393652881918&version=m202301230201&ct=77&x=1&cor=13145880665544507000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 034A 15 KB
11 KB 55ms
51ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AUIXI0M-MP8hBObFNFQ2Fjbi5y_mCVypQTlKGaPb9FdLcT4WsHcpAOGkeL0GM_jdhE7PpePPS0hoe4NeZpc1rSWwGnyCj4knYtc9xRU15-fiS6rGeUBGN3RyCqkKca6Iyo7hkyFXhILBAnQJsdU1UISTHUuV5TGTjmRFaQiybymN_Ede4&cry=1&dbm_d=AKAmf-DvxQP2GYKWdF-8BNmXDZX9y_zKtJ1Z_hMxWL_UC4jE20g6GcuFKLeR2HsD7w0pEwLAg7zXlRAc1hC9afc6Yca9I9GCq4zD0ffiGFtvGNxvGmuOSQigTvJFdpNVo1zW4flxriGe4on_FySrMzuNxTDK6FXdvhi2YNDNZk5v48HKzEgU-f35ja3jBm-HSWWn3zwpQMdZse_yIuioR2aZdO2Y69EDGYV9U84MtD1zaMPRw9j92BqqQJXqTQWLR5YtLLoc7QFcnuDTh_KAi2pfP-yFL5FTbubagztTtsCxcA_2QPmF55nOYwvxbbsQWfYLSG4bX4BibLhZHxnwFWp3UQOC7xKVK49f_Ogzhyf063HGanoV0u4TmRHPDzePBTwZAw5jAfwqKtkpeQfk-kzgeUIixvu5_I5Lj1KdbpepR0NgISqPs1ZqidHcB7a-80yaE3-HjNcwduO0uz5yhaU7mnjija3-KlUzicAWYyQwKRTohuhycgT4yDgCRR0Nd-iWKrBsagMfAdL4xUVUq3m3njdP4KCoNuKXXmWZaBfNEgucbPs7hvIg-2nddBBURdd3_AgcSjqT2kYBplnkZTypjUkH99hGIMTOCOOvBFEFrsi-I5UIPUpkA4nuBKmN75HdIwe-CuIueRz8HI7DuuLqCXPsPKm2RIqZWI2DlOk7WrfF2NGDetHYVDqpnaYn0lHMpskdcgi8N43SW6ex-rRYS-mOXxU5w66_Xl6FHubZ9B3MIBJOsejZRED_vdSWxvsOlAMJ4Jg7fpyc5QL40AfJplLYoQUPqFN8KwyWZGL4F16g9QEXeNI3IMMk7Cc-ZIKn-3bI8OgowuvUnuQzpx9ApEe30LloWGWHTlF9oEpWoSG9ZkObcnzvcGqesd0ySYMpjdjJTW7wuX9CSwsfxwaGWLxUMd8QtIGY1y5UEF1hwCv6vV1RrfHuh1NqgB4SymY8gjkNAK1MTqM0Nrw7q_zp9OBf__KWgFwKFlaS5l5B2N1AaZUpnfcujMWMeApqy9_fIPXdJ6iSapMtJ-KRPxsqTx_G8ME3fD4MH230733_cDTOsZ1rHYJk6-KVt1fOM6wL08fNWVzcKfMeGv5IgY5syb_OBwgBhkF5-2QKgw97v-yETT5xPzQ_faz8Xt5_oktCNX_FPAR1VaIe-IY0lHel9jntuG28eqHTTWwulCPysM80e_0CFdf2lbBO92zwXpJ_yEQINwAZvDXzQvETVTxrtKDS8BjZZMiff1EfXvwzyy7i5MatDVUzbogqmtxEU9wdvpIqSrQab4ti8LOGw2maA_qI4GYEIP9mPyC7S9noZnhQnf3DT7dwCZGfxkhrBpzRsXx_4dGxilADuN-O8wwdMm819SgobKgpwMtR4vG_b6hcgAYAdEX5YzyXdb0KVaATFlrYWPmJzwAOBZL3k1yuS-UAwlpAyAXSEgBO4t7jcKrDu--3Z0nRf2lnalb1QT6BBlLysaG--xNxEzUbOar850L31hh-XPgbP_fRWq0H4wesx5TcrfAXoHbzfh_xVcarPSYPCp169a8QGz0RkSJmhPMuCJuZwD-akvq8EEqr0ti4jMkLmP_ZOlcyVJ27sZYnk2gXlKh9rjMaCEbYl9ecOn6enNcSiGR9kqc1THlXs8dG0_kEdNsOEKmHjYDfrwLw8bZCgAxEtb4X_yMKukcvDAw9M-GVSBKYVHW0QOvDPlDFTyDm3rCJsugOCPdgjtZOPJqV61FsQ_P2hilgORta-AnUxOmHDyZ4XS1WSyLybVL11LknIHziu-VbleBTmHYqDTU0pUjWjWtH9Yqxs3M9g7PDKx_hIER4boj8PoatIEdOGSGMk8CoKqgsh31twLTDH8JvWlEsrJzv9tRgTv0bn75DMHSNHfNNT8xDToM5vJu8c8QHcEMmdWQ0EIclb9kFjQNael_hSn0C4B9Y93imiJAf4kgEf6VT32JUIoBmZaaIZgBW3jyWL2VVV_cPY90FkblyCEndgBoqn4dZkOgA7t8gecAeuisd17Vrg4DbgSNEJR671pDxyg1f5VrLpcXeN7mBu3ot4PuNJvgRf958RVXLnbcIKRfQD_PlQE2ka1viDN0hJbPX6h-5hveDwntcgn0X5Ch6vTQut9G41tNw4bxapFkeaM8vdWNAsouQp5CnG0PbyNAMEu9cu0fG55uS7TJTrvP_1IQJNhKmeyr4KSHaNDvq46VAbqZHvYVDmDNU8TYw8BDcefa9YbLM8dfLZ1K_m3HkPPKZ8ZQ6XW-kZOl8Em7F4ECG7hJTYozryJAS_0i3K4P6aloJfd2Xmu4iFwpKTeg8jDGZFMNk3iUmwMmKPHHHazInjmLusMIhDi_wgPeCNicmnxdHLZs5fhUzwEXU3LOxR8FZe41_XMVCUNDaoKNuszFGltkPHV0XpNducm9Qicp54jRv3nDPlHrYrcO9nzsFr2a597u8vEOfxTmIyWw6NJPP-tiJUgPiimdCWJznPJPmJN4hdS3lZHU-yTeM7TELNIZ-3Sn0CfYzCaCHiDOAieu3Eh4M1JlCqGm8V6YkKx39WzoObku4fzt85813jhJxakwGz-QN6o-NRMQtrff3BQG2BRZFqH88o2IOfBNnZf2dwK4YxwMYzOKU7J4n1KFRL-kfYa5kANicQQo7eJXX43BZ7QGxZ9Vykq0KyXxWlEQF3jtoK6-etQ0e3mFd1JkE4JIPSbR-RbMzTpY_z18SF3u7gw8upNjdSqCODpmj5SPkkNhcTRiaEJbDQoR5bdJnLmkHhTCDLdTYjdoUchKWW2mH1Ah5-gEeZuQGAcRd41nKGLsOQ1BcXR-FGsBAUPbD2WRcs7LQ_M_2JSwwajJbQiYfYK63chfncZlsEZdcmslguAW1LTvaOtPJKbgK2vutS0arMkHlh7ji6v2Q5XWZfQMkm2S3c-DPTUGNVJgU7cO3HX2D-wL3-EtpX4Tv6Fx6JE6vj3UjPDbOLOIrt3HhglZtJ9ioqdDzi1zsJAGVALKkPjqM6Gi-2ZLGug1zGPVkWMgETNuVGrnslVeH4DwqzJnKE27fq-_BZ29zce0ZQDhBQaKPKyhdp2kMo7nOqV3vrkICplNy6iwqFBlUUCSGGMhry3QcYDH1UwJp659IxT_fdfmXkQEtiOS_Vq1VkfGI8oLADfW-OGaoVHYtM0ixNGToo4JeOg7zlxCCxNiBA2mLVPZzhbS5khSSOitFiqf4cnaZO49QFmOPpKnYmuMzLgqnPRUEewUP8rSFveHWRJa_gKjiWITqrnE2VDsFSeICbU-r1r4aW0_T2W-eMaUw7n7SyXqWYOva-ERu1IBhUsJcG-GDek1n_3S6ZZBPyT571zJxUutGmNTs4ToUY4MtvRKtnMelIgKU-b8xYRlfi9CeWaZymuS_X1_2uOriqw4eAOTTaEDigC8cFGky07Iksj0wKoo10DksvB3FpgVOkgl0XnZwhV9537NbFhegzPXJ3tnlWO7AZxrQlsvN4V4eZtisdhd1zRbLnbLNG0kfT43ZrKHTAjr8k00VzOIYXtONtpi3kyskil_thqIozWKTDzMm_iaK15zpGaQBTdqJl9y0SVLsta-h0F8xtEWdLe2YGDjxy9Sk4RuAT4YHMJ8LWyhx6N6Bo_dr04QWWL1X3sLfBeXoST2lH4jhOIFaWZu4doG8UC4PmZHIhYpBc5DzEBaGABRGXaeJvltQbSpNnG1AlOMZlXuzb6mp6luf-JiAEXsdH7cMQc3PgiV0I_3E8Q&cid=CAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fmikeonline.com%2F&ds=l&xdt=1&iif=1&cor=13145880665544507000&adk=3690638929&idt=225&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f62e79b571af91ef51f0fb020e689dc0949d3d0ba0bfe52001dc7ce79e06b5d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11213
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3ECC 0
56 B 119ms
115ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6487801234546&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3ECC 0
56 B 117ms
115ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6487801234546&version=m202301230201&ct=77&x=1&cor=730127399378076500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3ECC 15 KB
11 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DtpYdbjaar526Z6IdMxZtKRYuV7QysEeBXPFDwO9lOVo2yfRFLldTEirHAssYG8dNkJCXakBqO8GDYs6FGfvFV8pgjkuPqJ-86u2moaJhw5m9GlopDVupnMEsVTvDKsMuaCSCFhGh9X1pN-_z7OnFAKdCY8EcHSzqqDUWNukXO8fO-dVU&cry=1&dbm_d=AKAmf-CdJ2pPbb7qWTkt2dhiny_nebv6hDMYqApur7uW23WkBp7I9P_pJMBSOPd39imv_ihlhy7kEz2DLZ0VILsD7ydV709pkWSDXFNJegeZDFMC3rhjqtCMJjnvaf3Ui8DMVaZBvWluoz81e8nokvSLsLCdtOwg_N46Q8Ug4do7ivQtniVith4Bo0NR7BgOSOh67UyvWU4__4VF61d0KyrV8eqg7VkU5uH0z2i8hZzYRn28ojC37ucWuQKDV7BuygFlyfQAOF01doO-3R4nXn1jzPy1LsQQ2gmhWEjdJ9TkBWwAgkpsgOsnfBfE5kUcHER2GPHNa1_vxk9NgoR2SxD0zmc7xnIVhJlACUzSQuBMrQPXbTOGlf2zuYS4BkgYkIo1k8ChO1gFyDVHNXm5CqN7zVNK87M5WBQy281GdnuZ4IT1G_wxBLmf9EeXnduAxTVuNNhY-8vwnZhpwQtkuohAVCOnj5o0pfdYGT479kHA9E0e_mCUnK1-mfKbwT5g1eZJM9iK4LyaWAeMDaWiTL8vBZzxO_FVayJjSVZ--if5YQ7_fj9iZveEs8yALfA4-oEiUoHPMuImO6fnGDIC-wTmn3JMKg30ZSpRC_wg_VwZYYAIvaQtE82QsVoUYziEgZJiY_X6CzizogOo9DpcWCrG0KJoCo9k7uhPPn-G0V8087aoPHJxl7Yhyp4Lz0PoQQm_Nk5Ndl_Bfyb0l0DXG69cN8uV7USPEHX31DwR_9tpQq9c2tbGw67XRluYZqhngkQiDIaNuN7hIXqPwonogWN61odnbZisCLvwVHIZCqwhs88MbIJ5wVwixZcCtsFqoy2j2EMpdrEkxVtcQrsO_Dc8UMlyygp7unaVxgdgOQvQ3CJ7Fn-2pga_s_h32Ds2RDp4CFq_DAahBayxSlu4obW2doQIhzfdsqWC5i59yOa_DoxefvJNJes2SP3zEqnXyKUuiW97DIP4cY9MAwDH5fOphgAQ0BbUMLn5ozQhBAj7zTSNRoiGuKWrYd3lHxPjDnA0mpFnum7ZpAxtRSK2Q5xIMm0XrrqfWtsJOscYYuoPQQ17MwkcT_Pzrz-iTNuiOoCu1b_VEkLmR7B_hr9tdMZ8yRZV8NzvTPJpyh_38APAxuWhjop80Bfrpy-_htVt7hKDCSCb-htoocQGizTJJImpAUt08YE8FZakEXMKuq0AHqlzJhvjGqEaNWQZrn12YzWXXspIC5-nDFGD3vQOb6SGVNq82ZFJMMuqvAm4f1oq3UqC7YntEmfeFmKCf-jyDdT8DMds1IReoqfjwzG4opfx1OzZ7B0d-BxjDJg0YUB_dF48YxoGbOe88L_Ip8RKWGlB4C0xNmVDY04Nq16ACxxDlxIpeY0hnWe3XqaeF0ZWtm09KqwCiMxI3-B4b7g_5eHif-ClLqZLBRU24ZwcGU9mmfS7Z6R4UAosd_97fxLP4QKKlmqd2zUoKw24iQaZf4pEAUbENoE9DtE4KbH_wxqVaprBzqM7casYwwbqnMKV_YskKKODfBENJXSH-DW-pO7zIrm4Sc2-0MLMQpoY0AbUhwSffaGQzGJLh3HDbZisrfGI9lyQQLoBZetWkpxe1CHTc4btTS6lJiRZJjwoLjeoHay0E43qeHDMtnLbeEfkPNmPBTQGJSVA1IpdbV3nKDziLVtyzHMWlCjuIEzb9Ux0N7mRCkvMOTvtCRZJBJONA8Cyeak76HjK39b-OYskbnt9MjBwI6KC7VK0OXB4mok-PfWgwmujc5LgRb4bHRD9ErsID2gO3nsrmvtaOPDm0G6BY0c2UZ36Hq_2626jo2gKDHf_lF4Rb98Phoyz46tCFz5_rGTXu2BBEsZj0NZ7u_fofw34f8DH_cWAd3XE3tPBbp0vyx2sE6W2Ofe2ByHsur74DpX7c7ZWDrVDixG2peI_y7YJEMhS5e-9j-y0LbFWS5UU8GmB-KRpuekty_WvFtyD6l6vIysTwRQHdhgoa6GnollqkFKU5vRXmyZeS9_6ExeHgOgfXekL24ae8y1WNZQRjgXul-lqup4F17VTecmjACM5_b_A9W7t_seuGFE-uhvl4cArifpP3LlvUEDq0HKBmVjqy0cLdvyt8hDpqQApf7lOmB4o2iEgYrAQjHNd7rUOJEg3xLCIWMdmeSCYsTxrxNOe-mjPRGAlu7M9T2tvFc29luyigC0waVnjxB1_3DtjE8vcaxhAZH6nNzgm-GelkaFGLc0N2tRE0OUzUqDeeZbzhBzRE9vg8LlCPbnVAYRvi0OaJaMnD6d7QvLOmlMcDqZgenD3NhWpJ21mvYzm_LdG9Cmhsh2NuIM_Xh7-N_W7DBZy0kN8r_uYBcxXv6ALzhe7lkzJEH_X1Ch8lOPHVJeuMn21-yzg8qSfTafroyPv1iUPXrwEVypOqPrAJQCeL11xK-bS1ZLixpaLdXDKwHdITQgjoI_N0QqH5-QSHB7PH2fdGXPKBX7O_bLnHgPm8HAmiBWMXIfPniLI8uoPbsXKoCpu3mVDf7-P0Bhnwn_FNFJVH84cAqIjWGh2hYnmRl6dU2HCS43uVSaVmJFy5Gu5XeOUgX2TlgE2ptQUwj8VaZR9x56y8YXEWd0sEx6ufVeuenK0RR3Gi5o5XRzlw1xgOb5ZsoHuiXSYd9rBVHZgOGyab1lBAxavlA_O64LczCSWv1BKgj1_rBqsjDM4zBR489mvahW3bJIBkYqsr10OTops5Fy32UQ7T09F2bkY_CNGVSj3zjXAUuRAj7i4Al5hfwOR64Em41kF1GjT4m4YMviXCmBHca2u8ezs7I8b-22J3p5CYt0R3sdd9lrg9II1Tgne4km0W3ddU1_-k8qU4WGqulRauV2z7RXPWkTprfQqQ-Xj70Q6Jpy3SPTg0up4NY4ZxDvd-j43_rCyhfuMQQ_kX87lA8I7zv4br5tr3jWhU5Ue6aUUOBaB9-YPaciv68sIxexaVimTitnQwRywEIqAJuevrDAgl16DWzXB6YC_HScoAGuCpCZKaO_cRoDMZf_dcUJDbcPYViH5-vLdJ02QynlQa2c7BrsCnez7e9Q48qmXskK4oG071tLSBlvJbCEXqzrhDH7US-_WuEZ2eppaOd9zMYQ565iN9DPknb4X-LziZWFWsHnSBZOdfW3hy-CfzlY5d4mt52boviUSajpgO2nzS5d4TjNZqoY7eca9mnAvFr9ncozB6ZQMVnti-NPP3_QHxwY6rpxAcDECLcZUJhyxkx-FroYICq4hqb_w3T_JeRN14KUg_Nem-bokk0ijnbg-nAzORz-WIENSlFwvejQcs-0FV9dZIkP0Wec6gIiOHdvS_XTlaxEpGTLLhCznyifNBXZ3cPPyWZMXsZz9A2s-I-SYsjBGj_-LbCFmvraH7q8LO7sDJxitVL15fqlIiGYBbND2PBICo5unjMTfW-Lqb2W6RnaeTn8GYeiGAreL_-vHFmwVI6ZChPLJCiyskXJ4SD9dLiVoTrQ2qfN43xt9kH7gx9VrATnLn6eZhFEvVfcKCdQnY2XHhcbF-A6YtO7cB-N7z1baqT9PDYq9DmWBGdUoKlEaSxOjykzeNnDh9_ZrWDJr1GYGx5MndImHzKDMGmHabppsaJJkHEW1uepCS5y2M2c5bJhq63s4a6oHzPyA2iY5EU6h5OaPr6GCV5L8eIKr4SyBN81Hwa51Am9MBE1vNLcQvTFbq6IEnaLT4Zq3u2dMBwezw5CniyCQ&cid=CAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fmikeonline.com%2F&ds=l&xdt=1&iif=1&cor=730127399378076500&adk=1033480531&idt=213&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb88553c2e4187536f6e620ea380fbba084011dd276f674b89443108e502fe10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11151
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 preview.css
aptivada.com/promo/assets/css/ 8 KB
2 KB 185ms
182ms Stylesheet
text/css 52.89.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aptivada.com/promo/assets/css/preview.css
Requested by: Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.89.38.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-89-38-199.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash: ad0b39f390b09b089dcb7984459f325332e6731c8cbdf5ca2be2900c6537038e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:48 GMT
content-encoding: gzip
last-modified: Wed, 08 Mar 2023 17:03:54 GMT
server: Apache
etag: "1f5a-5f66683585046-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1639

GET
H2 200 1433390 Show response
campaign.aptivada.com/poll/ Frame F3AA 1 KB
1 KB 20ms
20ms Document
text/html 99.86.4.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.aptivada.com/poll/1433390?js=true&parent=https%3A%2F%2Fmikeonline.com%2F&apt_widget_type=flyout&apt_widget_action=lightbox
Requested by: Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-52.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 758524550bc5b337d911fb8ee21de4bc2280379ab7848af0345c1e151a295a20

Request headers

Referer: https://mikeonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 407207
cache-control: s-maxage=31536000, max-age=300, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 04 Mar 2023 03:26:02 GMT
etag: W/"5908d0e755e4390e9b1688097980d9a1"
last-modified: Sat, 04 Mar 2023 03:18:46 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-amz-cf-id: zizbZWWNp3tjA96y6antd_Di7MRgN--0zcMhf1u1bOh4AeSKHjiNkA==
x-amz-cf-pop: FRA6-C1
x-amz-version-id: nbkaowpdtwJaq59ddHUZOy8tY8shmSjA
x-cache: Hit from cloudfront

GET
H2 200 395102895_poll_1387744_standard_1671713353.jpg
cdn2.aptivada.com/files/app_graphics/ 74 KB
74 KB 55ms
55ms Image
image/jpeg 65.9.95.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.aptivada.com/files/app_graphics/395102895_poll_1387744_standard_1671713353.jpg
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-71.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 108b7fc28fce0fb988e59cfc7d026246da4e76e9c047f2839d423b46ae8d702d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 17:42:08 GMT
x-amz-version-id: U5Eghq7ZIyybEAR.Nr85L_jQ_XBRs.CO
via: 1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
last-modified: Thu, 22 Dec 2022 12:49:14 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 183040
etag: "f452eb9c9828556755b70e54bfe63c3e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 75299
x-amz-cf-id: J-HZ_ZXWurgHVF3eoHmc0eB-8cSECi25iH96OoR7qnwTSZ_dSrc_Hw==

GET
H2 200 1433390 Show response
campaign.aptivada.com/poll/ Frame 7F65 1 KB
1 KB 19ms
18ms Document
text/html 99.86.4.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.aptivada.com/poll/1433390?js=true&parent=https%3A%2F%2Fmikeonline.com%2F&apt_widget_type=flyout&apt_widget_action=lightbox
Requested by: Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-52.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 758524550bc5b337d911fb8ee21de4bc2280379ab7848af0345c1e151a295a20

Request headers

Referer: https://mikeonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 407207
cache-control: s-maxage=31536000, max-age=300, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 04 Mar 2023 03:26:02 GMT
etag: W/"5908d0e755e4390e9b1688097980d9a1"
last-modified: Sat, 04 Mar 2023 03:18:46 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-amz-cf-id: jEU6AT79IneuBSC85yGg_dSnCuYMuu2GdyMERa0MYWOO8ALLLs7CtA==
x-amz-cf-pop: FRA6-C1
x-amz-version-id: nbkaowpdtwJaq59ddHUZOy8tY8shmSjA
x-cache: Hit from cloudfront

GET
H2 200 font-awesome.min.css
campaign.aptivada.com/assets/fonts/font-awesome-4.7.0/css/ Frame F3AA 30 KB
7 KB 613ms
612ms Stylesheet
text/css 99.86.4.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.aptivada.com/assets/fonts/font-awesome-4.7.0/css/font-awesome.min.css
Requested by: Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/poll/1433390?js=true&parent=https%3A%2F%2Fmikeonline.com%2F&apt_widget_type=flyout&apt_widget_action=lightbox
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-52.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c16ee0c6f64858e01d8fcb448d339955ee9e794cf54989b8d0f9817a86e568c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaign.aptivada.com/poll/1433390?js=true&parent=https%3A%2F%2Fmikeonline.com%2F&apt_widget_type=flyout&apt_widget_action=lightbox
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:49 GMT
content-encoding: gzip
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-amz-version-id: D8WVc2Dk61bxL9LNw52uqdHkwTVBGjtJ
last-modified: Tue, 01 Oct 2019 21:49:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"e1b6858b75519cf8e37d9df3c1934d3c"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: no-store
x-amz-cf-id: EJvqxcmH19oThxempfkhMuMPGsgYlSMmrLKOYKAWV3yPIE5y457EHQ==

GET
H2 200 poll.636a79b70f1022ab6b89.js Show response
campaign.aptivada.com/poll/ Frame F3AA 3 MB
788 KB 14ms
13ms Script
application/javascript 99.86.4.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.aptivada.com/poll/poll.636a79b70f1022ab6b89.js
Requested by: Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/poll/1433390?js=true&parent=https%3A%2F%2Fmikeonline.com%2F&apt_widget_type=flyout&apt_widget_action=lightbox
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-52.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b143bd9a767b7d591ac78caf21309f55e68301e3ca6d7c8c0ad90eb8b97fa89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaign.aptivada.com/poll/1433390?js=true&parent=https%3A%2F%2Fmikeonline.com%2F&apt_widget_type=flyout&apt_widget_action=lightbox
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 03:26:03 GMT
content-encoding: gzip
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-amz-version-id: qeq7ocaPNM6lb7KfEPwB1UCxjMYiPuqd
last-modified: Sat, 04 Mar 2023 03:18:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 407206
etag: W/"15abfe27933290e407429acd49d8bf49"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: s-maxage=31536000, max-age=300, must-revalidate
x-amz-cf-id: 1xsWiQdjNvh-gpZWrhugCfRwI-AqAncqX8cr13ZquiRyI8L_d16hfg==

GET
H2 200 redLoader2.gif
campaign.aptivada.com/assets/images/ Frame F3AA 13 KB
14 KB 607ms
607ms Image
image/gif 99.86.4.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://campaign.aptivada.com/assets/images/redLoader2.gif
Requested by: Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/poll/1433390?js=true&parent=https%3A%2F%2Fmikeonline.com%2F&apt_widget_type=flyout&apt_widget_action=lightbox
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-52.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99e2d2c58a8b8a08b28207e674ffe1595128d7f944c3deb6dfd83bf463d4a9b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaign.aptivada.com/poll/1433390?js=true&parent=https%3A%2F%2Fmikeonline.com%2F&apt_widget_type=flyout&apt_widget_action=lightbox
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:49 GMT
x-amz-version-id: 5pYgTcmRG9iahVdzM3.ZYLVan4va.OQr
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified: Tue, 01 Oct 2019 21:49:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "4517d01a632f61fd4fc7510c799d12dd"
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-store
accept-ranges: bytes
content-length: 13511
x-amz-cf-id: D7J8akXUjZ2NLtXYH8nxYNLIVutK82JdfpY_JEK7jRouaWeQsQB-eQ==

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7A27 41 KB
15 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D1t7z5ydcflQPWtCmP_FcKaJ-AlVQx9IUsQbEww6n-9bH9YG8zwGGceflaY_SOMAL6f3tXEn-a4Q30fhQ9ruqSm3sO0M08PIuzWNlHbMW_SOS1ZzP19IOEbURIehT8BuzzLG1qfFIr_LE1jAecQZ9Lu7824xOe9sTmCp7j-hpfB35JNic&cry=1&dbm_d=AKAmf-BJGhVGWLbzRf6Ily2skSg5ovHG0zsk9fI6AgAmXCjkI5Fb_k5L5iKTf6vXofWH9g_25DACIJEdSXzgKVDJ8E5y4SdBjj1D7d5EfPhIQSl3EeZDWzvKxMTshG9SLCR8VSioedgyaMGU_wbQEk9G2dDVFj29JgWenZdSbkrttDN9yld-kDwpg38zhl5Pf9pmx2js1ribXtE0uvgEw5WIAuAjQ_NUOrE_ZKpf96y8hjis6oulp_iYpGtrkcwK73rHUqQSLMIa3DgC5qEbkatMvVAB1TGMGypgQw7lgoANqy4MQb0zcHXCZJttuWDybP6U0UMF_lgKdjqyGN2dB9zdDFDGgofn2axKHhTgf04h2tSZCr9u_U2qzu6ooM5S5pv_u3MQ-swTFLtkmKI720p6WafxInMPa8ZpZuigxjDdBgc_b2xOM-iJhiyISNMgJ6ubj381XvOVZIAIYQay5X7CXv6xwl2WMYnnB1jhdG7FUWMQIBqUEGejuJ1haaQwIHz4QXwB79CRkDHlBheCr6fz69HeKeeEB03CFAB3HHBi701FYy_qgBHa-4sRWGzpBXDZoBjjneh-LQoirpkN9qBKUHoULHTg1Fgkm-DZxfs85Vjzx3aPqxxZL15n05zOVd_HmSCUJuo6GR7vIDOj_07abXYuGf7mIifu8bdbTe5KeoJuALayyf6plRbieTOXCFEciAKA8xvfTqqVHwJgUR6accz4V827SVvBz4p3464X8vMAH6X_gktxUy7lwP20WUEf3JuM27TBp8YX91bSvNqYGo_aD-7W3rOEFKZzAlsNHCaQZu9kLvrxWRpBavX0eislyomZuhh5-VczdxlDlbVpZAQvgKgGgqoPedjrehDLVFxfxY3v0F4JquX5_-3Y_071A6zGiOZEHU0WlAJgrdH0gWzUBXi6Ytr2bo5T-V3dKtA2LLVUk1vhNr76vTztsBMar5BnRTArFA2GlZp5z-PdjMmXELPaozuXLIdHEmKLycbM2kom0dS29hwAe0TmPUH0FAKYdsTe6hG7bGffTVPDxtLESFfDXAA9_9pYnuOQ94OMnLt1YEF3S2TF7eiRkAP3xSwG49lndFmALdEeqJUYPFwLTZnwSRHkZe8Wi6IzmQPsDHTEQXo81gcBW20befIxC017PuBjE0tj81JwOaI3lI6S2WbvEGyCiffv43OA9cJF9qdoSyNkUiDs2wWTy-_GMGHKdTZvz4cxNia2mZvnLp6FZ9FjXOtEst8jSm4cFHf2zKcS9rlGgF67ApRzwLst6EeUBsEsrv8fLSfQJdGL85xJjoi8_uHGO9ukb8IbkUN5ZuJpKVjWTm7E84oSZ5oIZCz0zHE7uNckIdYglKMJ8VwXfyIOi41egiTioUEyrUJNGHFKwzCCajEmsTSinUCVsTsdFkAOWsJxlL_zRZ1eJ2pJiH7gVrOEFrce-qcR7sBA6x2fjEmcNKAegfNVFKz_ylxSFxL1c0eMah1dku0RVacvjvdzADWHzgVEmE1xNLBWmkzixH0p0bm1Xh6tCrc7yFCfnayWjyQL8QnaSxYwmn-yVse61F-38kc0V2wbnWIlYvkSuwG32fbTeiGWeViwxdg6avemeyi-3C0VBYs8eCKHkJ2EIdVpcvTyJxERplmLOiW_H6zJCrTyR7iDozzAzLH9anROKPM2GK0rAr9ctvWWn7yFAoBmZnNcO8C-lcHfAjzdyhizRxsEV0KSNb1fI0vkML-ejRIGVyz5T4pX9k8eg826XgurQo9Qz6q4cs_EUn5pFv8x3sDW2A1C0BNoAZUN4K8qZzNaGZt-zuByN_SS3YDHH2ads5BVF_4QqRTCOxg6RJ2NrWO-3derCt5K1r1ugknhSVXJx63FbC_l0D_MC43myKzKjoHKKAHtsPt0jC989pRRXg9z2cxG200bzQgzQQCLgbdiEYGCrB7oTv-XmrsCYjjbRYcCm5ikLBqYZKc6BqMbR2TvvR0G4up1mPv_eWwGCkbaGpwpJ8UDKzgAqqlQmMTeHTAiDRcL97IuVsCumS2Oh6fVXmjexA1P9otNUm7R1CftxDLgGT0WGi4PFZqGVziWheyLta6awz7G0NizAHdQiP7gVg_XU9bg3_bUrRRCOM7HwF_6DCt2feNyqrKUE5cAWXhmsL68XFyGDHY2svD2n598HTpef7SxzvsLRMbEw8aMwppZeVQ8N2AL-dcksrt8LuVhFTCHZNq6j-MkHg7mx2cBaCoWEn4C-4vzk38xgmv0-sVHtz1CZ3TeYtBOMvJFAiAwSn7QZRJ0z0E8Ru9ccsVIuIUBg8EaoaxygDzMXk34gKt5FbDlNLhQQmthxcV3fWSsobHR7QdPH4kl4XmMrmXL7Eu_zyMQVse36OqJYMFc6Va0OMXlC8QiszNWElaTG4tqOsEPoi5mrSvuSaCUISgCIKiD2-ZjpyBKG1HeihhJUR7mPuYtayRSYGhGoTICTO9D_oADHTG78lzNa5SU268JY-cEclbmExTQrGhSyziTM9gwu8ESSymln2b5iB3b8C3NDfnBnBxghiiNylRbY2J_e8ixp7mD-52yGIMglPIHYz2y1BT-5d9ONo-cDjIGxZ_j6Op7_LNKsGdqr3BgQMWiwbLQGkq7iunr9RLw5R6dp-4Xq4MgOX9nKstRZprOpGC7_h36yxFw96bxlCgcqQnGGcmGz5WbhyKw3osUiszKin3gzQIWQBCbeQJrMPqg3Kv3UClJqsXj2qpGCre-d_FgoaNgqSVMv1WRGTE77FkLogQdt3l505sZhjg5Po6Rov2FQL0eutvCwsTotwugNPW6RTHVvkkp_hBiT8p7U7luRIfd5lUld1StZVO0Waz1o0wiN6wI7i5H5I3p4TI9-eY91NNGYbmEHG3nqoZ7mr13EJMgYIRGGUJzOtpqspV1b1Z0drvjK_fhMlgdgDAYqKfJyvDtHU0PNEs7Co25OBwHjGVpoHeuC1-zUsW2gVT6bmaGxNvjuRZZ9Qd3rcGRtnDSlybgBRcyPad0omsWEnVQkBHr1gJWTsEMPpTfISSw0ZGoBxTrkpZH949mVpuRS4FwyKbFhMwHGo2RXHeJQ17T3RR_rn_zPgrrKV21p-bv51MBVkmzxhL8W67B_fu3mkhpFvBfhYYaWohanp6TQB6QHjJ7bgHE8mDDhGmOgOSGCVABd3eW2aAg2YPvCp-MrbrqThIGd-ofZxPGiwSq__tkm4QYmvgqbAlNNWTuD5VLC4Pgbvp9ojoAPidSb6QJiZWrTUHHzLZ0uNgSWnph7thGy7zsLdgy5-nCQ5mj5g2nINMCoo1w-qY76zSjZtR4XK7Uo8vG8g-3tUcxGlwyg1kccvH-hZZQk4h7YiFCX9p8mCp5VYjWpRU4SZvf7H-3BTvAZCqFUoOKD8gnTLlsWVgSoL0Yhh81aRU9Dg5DaTuH5Pna0fYjYAiL7h5wJZ-e7mCrCBXJSzAly-8FGXbhc5J8T8nrxYWA6V0qDl0hzmXivVg7KQu0Cs3BwuYLSyutVqqZA8OO9oEeFtLuhVZBGtrGUJRZ0L6AbeA34cYZsybyBxGUVVPLmt-6K8E4eC9fVKo1Ekjv0H8XE8wSV-d0IEtKnQIvY7I_B4hqJNgid7WEPDfCt0Jrc3LosfBA9MbxcxrX8azQUPF69AwGuGFNBolnF1316FPYGnCEzxOrniR5up4xptDxYj62FPeqDog8qNEezVzUga8MUpVvjG1jSTnnpA6ZMeb8DPFmQ3E6kg&cid=CAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fmikeonline.com%2F&ds=l&xdt=1&iif=1&cor=5310303770810689000&adk=943508955&idt=159&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 13:54:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110280
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Mar 2024 13:54:48 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3ECC 41 KB
15 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DtpYdbjaar526Z6IdMxZtKRYuV7QysEeBXPFDwO9lOVo2yfRFLldTEirHAssYG8dNkJCXakBqO8GDYs6FGfvFV8pgjkuPqJ-86u2moaJhw5m9GlopDVupnMEsVTvDKsMuaCSCFhGh9X1pN-_z7OnFAKdCY8EcHSzqqDUWNukXO8fO-dVU&cry=1&dbm_d=AKAmf-CdJ2pPbb7qWTkt2dhiny_nebv6hDMYqApur7uW23WkBp7I9P_pJMBSOPd39imv_ihlhy7kEz2DLZ0VILsD7ydV709pkWSDXFNJegeZDFMC3rhjqtCMJjnvaf3Ui8DMVaZBvWluoz81e8nokvSLsLCdtOwg_N46Q8Ug4do7ivQtniVith4Bo0NR7BgOSOh67UyvWU4__4VF61d0KyrV8eqg7VkU5uH0z2i8hZzYRn28ojC37ucWuQKDV7BuygFlyfQAOF01doO-3R4nXn1jzPy1LsQQ2gmhWEjdJ9TkBWwAgkpsgOsnfBfE5kUcHER2GPHNa1_vxk9NgoR2SxD0zmc7xnIVhJlACUzSQuBMrQPXbTOGlf2zuYS4BkgYkIo1k8ChO1gFyDVHNXm5CqN7zVNK87M5WBQy281GdnuZ4IT1G_wxBLmf9EeXnduAxTVuNNhY-8vwnZhpwQtkuohAVCOnj5o0pfdYGT479kHA9E0e_mCUnK1-mfKbwT5g1eZJM9iK4LyaWAeMDaWiTL8vBZzxO_FVayJjSVZ--if5YQ7_fj9iZveEs8yALfA4-oEiUoHPMuImO6fnGDIC-wTmn3JMKg30ZSpRC_wg_VwZYYAIvaQtE82QsVoUYziEgZJiY_X6CzizogOo9DpcWCrG0KJoCo9k7uhPPn-G0V8087aoPHJxl7Yhyp4Lz0PoQQm_Nk5Ndl_Bfyb0l0DXG69cN8uV7USPEHX31DwR_9tpQq9c2tbGw67XRluYZqhngkQiDIaNuN7hIXqPwonogWN61odnbZisCLvwVHIZCqwhs88MbIJ5wVwixZcCtsFqoy2j2EMpdrEkxVtcQrsO_Dc8UMlyygp7unaVxgdgOQvQ3CJ7Fn-2pga_s_h32Ds2RDp4CFq_DAahBayxSlu4obW2doQIhzfdsqWC5i59yOa_DoxefvJNJes2SP3zEqnXyKUuiW97DIP4cY9MAwDH5fOphgAQ0BbUMLn5ozQhBAj7zTSNRoiGuKWrYd3lHxPjDnA0mpFnum7ZpAxtRSK2Q5xIMm0XrrqfWtsJOscYYuoPQQ17MwkcT_Pzrz-iTNuiOoCu1b_VEkLmR7B_hr9tdMZ8yRZV8NzvTPJpyh_38APAxuWhjop80Bfrpy-_htVt7hKDCSCb-htoocQGizTJJImpAUt08YE8FZakEXMKuq0AHqlzJhvjGqEaNWQZrn12YzWXXspIC5-nDFGD3vQOb6SGVNq82ZFJMMuqvAm4f1oq3UqC7YntEmfeFmKCf-jyDdT8DMds1IReoqfjwzG4opfx1OzZ7B0d-BxjDJg0YUB_dF48YxoGbOe88L_Ip8RKWGlB4C0xNmVDY04Nq16ACxxDlxIpeY0hnWe3XqaeF0ZWtm09KqwCiMxI3-B4b7g_5eHif-ClLqZLBRU24ZwcGU9mmfS7Z6R4UAosd_97fxLP4QKKlmqd2zUoKw24iQaZf4pEAUbENoE9DtE4KbH_wxqVaprBzqM7casYwwbqnMKV_YskKKODfBENJXSH-DW-pO7zIrm4Sc2-0MLMQpoY0AbUhwSffaGQzGJLh3HDbZisrfGI9lyQQLoBZetWkpxe1CHTc4btTS6lJiRZJjwoLjeoHay0E43qeHDMtnLbeEfkPNmPBTQGJSVA1IpdbV3nKDziLVtyzHMWlCjuIEzb9Ux0N7mRCkvMOTvtCRZJBJONA8Cyeak76HjK39b-OYskbnt9MjBwI6KC7VK0OXB4mok-PfWgwmujc5LgRb4bHRD9ErsID2gO3nsrmvtaOPDm0G6BY0c2UZ36Hq_2626jo2gKDHf_lF4Rb98Phoyz46tCFz5_rGTXu2BBEsZj0NZ7u_fofw34f8DH_cWAd3XE3tPBbp0vyx2sE6W2Ofe2ByHsur74DpX7c7ZWDrVDixG2peI_y7YJEMhS5e-9j-y0LbFWS5UU8GmB-KRpuekty_WvFtyD6l6vIysTwRQHdhgoa6GnollqkFKU5vRXmyZeS9_6ExeHgOgfXekL24ae8y1WNZQRjgXul-lqup4F17VTecmjACM5_b_A9W7t_seuGFE-uhvl4cArifpP3LlvUEDq0HKBmVjqy0cLdvyt8hDpqQApf7lOmB4o2iEgYrAQjHNd7rUOJEg3xLCIWMdmeSCYsTxrxNOe-mjPRGAlu7M9T2tvFc29luyigC0waVnjxB1_3DtjE8vcaxhAZH6nNzgm-GelkaFGLc0N2tRE0OUzUqDeeZbzhBzRE9vg8LlCPbnVAYRvi0OaJaMnD6d7QvLOmlMcDqZgenD3NhWpJ21mvYzm_LdG9Cmhsh2NuIM_Xh7-N_W7DBZy0kN8r_uYBcxXv6ALzhe7lkzJEH_X1Ch8lOPHVJeuMn21-yzg8qSfTafroyPv1iUPXrwEVypOqPrAJQCeL11xK-bS1ZLixpaLdXDKwHdITQgjoI_N0QqH5-QSHB7PH2fdGXPKBX7O_bLnHgPm8HAmiBWMXIfPniLI8uoPbsXKoCpu3mVDf7-P0Bhnwn_FNFJVH84cAqIjWGh2hYnmRl6dU2HCS43uVSaVmJFy5Gu5XeOUgX2TlgE2ptQUwj8VaZR9x56y8YXEWd0sEx6ufVeuenK0RR3Gi5o5XRzlw1xgOb5ZsoHuiXSYd9rBVHZgOGyab1lBAxavlA_O64LczCSWv1BKgj1_rBqsjDM4zBR489mvahW3bJIBkYqsr10OTops5Fy32UQ7T09F2bkY_CNGVSj3zjXAUuRAj7i4Al5hfwOR64Em41kF1GjT4m4YMviXCmBHca2u8ezs7I8b-22J3p5CYt0R3sdd9lrg9II1Tgne4km0W3ddU1_-k8qU4WGqulRauV2z7RXPWkTprfQqQ-Xj70Q6Jpy3SPTg0up4NY4ZxDvd-j43_rCyhfuMQQ_kX87lA8I7zv4br5tr3jWhU5Ue6aUUOBaB9-YPaciv68sIxexaVimTitnQwRywEIqAJuevrDAgl16DWzXB6YC_HScoAGuCpCZKaO_cRoDMZf_dcUJDbcPYViH5-vLdJ02QynlQa2c7BrsCnez7e9Q48qmXskK4oG071tLSBlvJbCEXqzrhDH7US-_WuEZ2eppaOd9zMYQ565iN9DPknb4X-LziZWFWsHnSBZOdfW3hy-CfzlY5d4mt52boviUSajpgO2nzS5d4TjNZqoY7eca9mnAvFr9ncozB6ZQMVnti-NPP3_QHxwY6rpxAcDECLcZUJhyxkx-FroYICq4hqb_w3T_JeRN14KUg_Nem-bokk0ijnbg-nAzORz-WIENSlFwvejQcs-0FV9dZIkP0Wec6gIiOHdvS_XTlaxEpGTLLhCznyifNBXZ3cPPyWZMXsZz9A2s-I-SYsjBGj_-LbCFmvraH7q8LO7sDJxitVL15fqlIiGYBbND2PBICo5unjMTfW-Lqb2W6RnaeTn8GYeiGAreL_-vHFmwVI6ZChPLJCiyskXJ4SD9dLiVoTrQ2qfN43xt9kH7gx9VrATnLn6eZhFEvVfcKCdQnY2XHhcbF-A6YtO7cB-N7z1baqT9PDYq9DmWBGdUoKlEaSxOjykzeNnDh9_ZrWDJr1GYGx5MndImHzKDMGmHabppsaJJkHEW1uepCS5y2M2c5bJhq63s4a6oHzPyA2iY5EU6h5OaPr6GCV5L8eIKr4SyBN81Hwa51Am9MBE1vNLcQvTFbq6IEnaLT4Zq3u2dMBwezw5CniyCQ&cid=CAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fmikeonline.com%2F&ds=l&xdt=1&iif=1&cor=730127399378076500&adk=1033480531&idt=213&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 13:54:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110280
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Mar 2024 13:54:48 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 034A 41 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AUIXI0M-MP8hBObFNFQ2Fjbi5y_mCVypQTlKGaPb9FdLcT4WsHcpAOGkeL0GM_jdhE7PpePPS0hoe4NeZpc1rSWwGnyCj4knYtc9xRU15-fiS6rGeUBGN3RyCqkKca6Iyo7hkyFXhILBAnQJsdU1UISTHUuV5TGTjmRFaQiybymN_Ede4&cry=1&dbm_d=AKAmf-DvxQP2GYKWdF-8BNmXDZX9y_zKtJ1Z_hMxWL_UC4jE20g6GcuFKLeR2HsD7w0pEwLAg7zXlRAc1hC9afc6Yca9I9GCq4zD0ffiGFtvGNxvGmuOSQigTvJFdpNVo1zW4flxriGe4on_FySrMzuNxTDK6FXdvhi2YNDNZk5v48HKzEgU-f35ja3jBm-HSWWn3zwpQMdZse_yIuioR2aZdO2Y69EDGYV9U84MtD1zaMPRw9j92BqqQJXqTQWLR5YtLLoc7QFcnuDTh_KAi2pfP-yFL5FTbubagztTtsCxcA_2QPmF55nOYwvxbbsQWfYLSG4bX4BibLhZHxnwFWp3UQOC7xKVK49f_Ogzhyf063HGanoV0u4TmRHPDzePBTwZAw5jAfwqKtkpeQfk-kzgeUIixvu5_I5Lj1KdbpepR0NgISqPs1ZqidHcB7a-80yaE3-HjNcwduO0uz5yhaU7mnjija3-KlUzicAWYyQwKRTohuhycgT4yDgCRR0Nd-iWKrBsagMfAdL4xUVUq3m3njdP4KCoNuKXXmWZaBfNEgucbPs7hvIg-2nddBBURdd3_AgcSjqT2kYBplnkZTypjUkH99hGIMTOCOOvBFEFrsi-I5UIPUpkA4nuBKmN75HdIwe-CuIueRz8HI7DuuLqCXPsPKm2RIqZWI2DlOk7WrfF2NGDetHYVDqpnaYn0lHMpskdcgi8N43SW6ex-rRYS-mOXxU5w66_Xl6FHubZ9B3MIBJOsejZRED_vdSWxvsOlAMJ4Jg7fpyc5QL40AfJplLYoQUPqFN8KwyWZGL4F16g9QEXeNI3IMMk7Cc-ZIKn-3bI8OgowuvUnuQzpx9ApEe30LloWGWHTlF9oEpWoSG9ZkObcnzvcGqesd0ySYMpjdjJTW7wuX9CSwsfxwaGWLxUMd8QtIGY1y5UEF1hwCv6vV1RrfHuh1NqgB4SymY8gjkNAK1MTqM0Nrw7q_zp9OBf__KWgFwKFlaS5l5B2N1AaZUpnfcujMWMeApqy9_fIPXdJ6iSapMtJ-KRPxsqTx_G8ME3fD4MH230733_cDTOsZ1rHYJk6-KVt1fOM6wL08fNWVzcKfMeGv5IgY5syb_OBwgBhkF5-2QKgw97v-yETT5xPzQ_faz8Xt5_oktCNX_FPAR1VaIe-IY0lHel9jntuG28eqHTTWwulCPysM80e_0CFdf2lbBO92zwXpJ_yEQINwAZvDXzQvETVTxrtKDS8BjZZMiff1EfXvwzyy7i5MatDVUzbogqmtxEU9wdvpIqSrQab4ti8LOGw2maA_qI4GYEIP9mPyC7S9noZnhQnf3DT7dwCZGfxkhrBpzRsXx_4dGxilADuN-O8wwdMm819SgobKgpwMtR4vG_b6hcgAYAdEX5YzyXdb0KVaATFlrYWPmJzwAOBZL3k1yuS-UAwlpAyAXSEgBO4t7jcKrDu--3Z0nRf2lnalb1QT6BBlLysaG--xNxEzUbOar850L31hh-XPgbP_fRWq0H4wesx5TcrfAXoHbzfh_xVcarPSYPCp169a8QGz0RkSJmhPMuCJuZwD-akvq8EEqr0ti4jMkLmP_ZOlcyVJ27sZYnk2gXlKh9rjMaCEbYl9ecOn6enNcSiGR9kqc1THlXs8dG0_kEdNsOEKmHjYDfrwLw8bZCgAxEtb4X_yMKukcvDAw9M-GVSBKYVHW0QOvDPlDFTyDm3rCJsugOCPdgjtZOPJqV61FsQ_P2hilgORta-AnUxOmHDyZ4XS1WSyLybVL11LknIHziu-VbleBTmHYqDTU0pUjWjWtH9Yqxs3M9g7PDKx_hIER4boj8PoatIEdOGSGMk8CoKqgsh31twLTDH8JvWlEsrJzv9tRgTv0bn75DMHSNHfNNT8xDToM5vJu8c8QHcEMmdWQ0EIclb9kFjQNael_hSn0C4B9Y93imiJAf4kgEf6VT32JUIoBmZaaIZgBW3jyWL2VVV_cPY90FkblyCEndgBoqn4dZkOgA7t8gecAeuisd17Vrg4DbgSNEJR671pDxyg1f5VrLpcXeN7mBu3ot4PuNJvgRf958RVXLnbcIKRfQD_PlQE2ka1viDN0hJbPX6h-5hveDwntcgn0X5Ch6vTQut9G41tNw4bxapFkeaM8vdWNAsouQp5CnG0PbyNAMEu9cu0fG55uS7TJTrvP_1IQJNhKmeyr4KSHaNDvq46VAbqZHvYVDmDNU8TYw8BDcefa9YbLM8dfLZ1K_m3HkPPKZ8ZQ6XW-kZOl8Em7F4ECG7hJTYozryJAS_0i3K4P6aloJfd2Xmu4iFwpKTeg8jDGZFMNk3iUmwMmKPHHHazInjmLusMIhDi_wgPeCNicmnxdHLZs5fhUzwEXU3LOxR8FZe41_XMVCUNDaoKNuszFGltkPHV0XpNducm9Qicp54jRv3nDPlHrYrcO9nzsFr2a597u8vEOfxTmIyWw6NJPP-tiJUgPiimdCWJznPJPmJN4hdS3lZHU-yTeM7TELNIZ-3Sn0CfYzCaCHiDOAieu3Eh4M1JlCqGm8V6YkKx39WzoObku4fzt85813jhJxakwGz-QN6o-NRMQtrff3BQG2BRZFqH88o2IOfBNnZf2dwK4YxwMYzOKU7J4n1KFRL-kfYa5kANicQQo7eJXX43BZ7QGxZ9Vykq0KyXxWlEQF3jtoK6-etQ0e3mFd1JkE4JIPSbR-RbMzTpY_z18SF3u7gw8upNjdSqCODpmj5SPkkNhcTRiaEJbDQoR5bdJnLmkHhTCDLdTYjdoUchKWW2mH1Ah5-gEeZuQGAcRd41nKGLsOQ1BcXR-FGsBAUPbD2WRcs7LQ_M_2JSwwajJbQiYfYK63chfncZlsEZdcmslguAW1LTvaOtPJKbgK2vutS0arMkHlh7ji6v2Q5XWZfQMkm2S3c-DPTUGNVJgU7cO3HX2D-wL3-EtpX4Tv6Fx6JE6vj3UjPDbOLOIrt3HhglZtJ9ioqdDzi1zsJAGVALKkPjqM6Gi-2ZLGug1zGPVkWMgETNuVGrnslVeH4DwqzJnKE27fq-_BZ29zce0ZQDhBQaKPKyhdp2kMo7nOqV3vrkICplNy6iwqFBlUUCSGGMhry3QcYDH1UwJp659IxT_fdfmXkQEtiOS_Vq1VkfGI8oLADfW-OGaoVHYtM0ixNGToo4JeOg7zlxCCxNiBA2mLVPZzhbS5khSSOitFiqf4cnaZO49QFmOPpKnYmuMzLgqnPRUEewUP8rSFveHWRJa_gKjiWITqrnE2VDsFSeICbU-r1r4aW0_T2W-eMaUw7n7SyXqWYOva-ERu1IBhUsJcG-GDek1n_3S6ZZBPyT571zJxUutGmNTs4ToUY4MtvRKtnMelIgKU-b8xYRlfi9CeWaZymuS_X1_2uOriqw4eAOTTaEDigC8cFGky07Iksj0wKoo10DksvB3FpgVOkgl0XnZwhV9537NbFhegzPXJ3tnlWO7AZxrQlsvN4V4eZtisdhd1zRbLnbLNG0kfT43ZrKHTAjr8k00VzOIYXtONtpi3kyskil_thqIozWKTDzMm_iaK15zpGaQBTdqJl9y0SVLsta-h0F8xtEWdLe2YGDjxy9Sk4RuAT4YHMJ8LWyhx6N6Bo_dr04QWWL1X3sLfBeXoST2lH4jhOIFaWZu4doG8UC4PmZHIhYpBc5DzEBaGABRGXaeJvltQbSpNnG1AlOMZlXuzb6mp6luf-JiAEXsdH7cMQc3PgiV0I_3E8Q&cid=CAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fmikeonline.com%2F&ds=l&xdt=1&iif=1&cor=13145880665544507000&adk=3690638929&idt=225&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 13:54:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110280
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Mar 2024 13:54:48 GMT

GET
H2 200 font-awesome.min.css
campaign.aptivada.com/assets/fonts/font-awesome-4.7.0/css/ Frame 7F65 30 KB
7 KB 619ms
618ms Stylesheet
text/css 99.86.4.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.aptivada.com/assets/fonts/font-awesome-4.7.0/css/font-awesome.min.css
Requested by: Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/poll/1433390?js=true&parent=https%3A%2F%2Fmikeonline.com%2F&apt_widget_type=flyout&apt_widget_action=lightbox
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-52.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c16ee0c6f64858e01d8fcb448d339955ee9e794cf54989b8d0f9817a86e568c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaign.aptivada.com/poll/1433390?js=true&parent=https%3A%2F%2Fmikeonline.com%2F&apt_widget_type=flyout&apt_widget_action=lightbox
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:49 GMT
content-encoding: gzip
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-amz-version-id: D8WVc2Dk61bxL9LNw52uqdHkwTVBGjtJ
last-modified: Tue, 01 Oct 2019 21:49:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"e1b6858b75519cf8e37d9df3c1934d3c"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: no-store
x-amz-cf-id: 3alMVls8wFzfLDyEWF9K_v8B4jQfWgZM3E7wHPdJj1GEas7YwhGqLw==

GET
H2 200 poll.636a79b70f1022ab6b89.js Show response
campaign.aptivada.com/poll/ Frame 7F65 3 MB
788 KB 13ms
13ms Script
application/javascript 99.86.4.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.aptivada.com/poll/poll.636a79b70f1022ab6b89.js
Requested by: Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/poll/1433390?js=true&parent=https%3A%2F%2Fmikeonline.com%2F&apt_widget_type=flyout&apt_widget_action=lightbox
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-52.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b143bd9a767b7d591ac78caf21309f55e68301e3ca6d7c8c0ad90eb8b97fa89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaign.aptivada.com/poll/1433390?js=true&parent=https%3A%2F%2Fmikeonline.com%2F&apt_widget_type=flyout&apt_widget_action=lightbox
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 03:26:03 GMT
content-encoding: gzip
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-amz-version-id: qeq7ocaPNM6lb7KfEPwB1UCxjMYiPuqd
last-modified: Sat, 04 Mar 2023 03:18:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 407206
etag: W/"15abfe27933290e407429acd49d8bf49"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: s-maxage=31536000, max-age=300, must-revalidate
x-amz-cf-id: JE1lPkeqTmTIU53DtVdyYfB4zAlSUJ_hGJetMj-K6NtVZ0_qHvw4Eg==

GET
H2 200 redLoader2.gif
campaign.aptivada.com/assets/images/ Frame 7F65 13 KB
14 KB 598ms
598ms Image
image/gif 99.86.4.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://campaign.aptivada.com/assets/images/redLoader2.gif
Requested by: Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/poll/1433390?js=true&parent=https%3A%2F%2Fmikeonline.com%2F&apt_widget_type=flyout&apt_widget_action=lightbox
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-52.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99e2d2c58a8b8a08b28207e674ffe1595128d7f944c3deb6dfd83bf463d4a9b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaign.aptivada.com/poll/1433390?js=true&parent=https%3A%2F%2Fmikeonline.com%2F&apt_widget_type=flyout&apt_widget_action=lightbox
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:49 GMT
x-amz-version-id: 5pYgTcmRG9iahVdzM3.ZYLVan4va.OQr
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified: Tue, 01 Oct 2019 21:49:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "4517d01a632f61fd4fc7510c799d12dd"
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-store
accept-ranges: bytes
content-length: 13511
x-amz-cf-id: C99glDqBsUqNKOn_548lZIhK-euhXiZm_qHq2egj1kg8N2ZWVCNsKw==

GET
H/1.1 200
OK iju9wczm8trb Show response
hal9000.redintelligence.net/zone/ Frame 7A27 11 KB
4 KB 62ms
12ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4qxN7vAIZP6ROteIiM0P34y4eKblvaBprZWcp8kP8C4QASDR7aAXYJWCgICsB8gBCakCCpVLVcCzsT6oAwGqBJ4CT9CxnuJbXkEv7uVHHdccbpIRn1EXYQufbT9gBHneSUldOsbSOaGR5nQZ3lmLormHkwallUPgMhf-OVPBbQQL2wtJlpHokmO0kkOB0Q8ZpW-Oe5IS4UykuPu7LZSi9h__mYOrXrtb91ZGClHWY-HLl4aRFVAjRueYC3VBjQWor9mvnj0gSi4NmUWhkyts2TdM7hPx9-woEfTUqOF1DyEyo2ldIE-QIsTZi66f0Eul_wqP3wNoCZ0RRlE8eirXVyaT2oMMchfJuhdU7k3WQPDxpXebKStN9qLWkN13nKfEvcTTSUYB8a5KnRvQeLXsAHRZfkphITMs5mjr8UUDP9eSDtdvR4jDk09kQbxBpiOjiMLc_GqHqfCE4419l-htUsAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ%26sig%3DAOD64_2WH9GeMI70AmhMIZJcLX3vhMYTCA%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-CMiF0d-TWQmirp9-Un8gLWX-NVubfpB7pWLLfah1XaoG0gveD7PyCLjg7v40cfk5PTqCxKanUr_56ynJLEF0lMW1rOu3yq6mku3C0aw5EvUijrBKdlIdN6VQ5WlGJg2vFP-C1DrzRQnz59FGvSaNpIDyi2Euv4ufwI3peTtHCP7zV45m4%26cry%3D1%26dbm_d%3DAKAmf-D3xYvJZs9CUgfP7p9GHwlgef9j0lWrA91Lf6EVP1NhskN9nxoYCyO1hvV1SwQCEmN5ugVS8XWHQdoGmeEYeNjPM4mZxkYMoR_VCrIRgSV5LqK6vOZQ0fQRkE4euPwq5kVzDk9wAIlrfP0jG7e_OfWAKl_52fHLNcuoPBOka6wosCYIHAaMMhzhcn_HheQY6cl_Efk5urJOffZDklrKK0ooshl116LWqawGLuhtgeK0c-wmI9TVn5tSfiCT2TdN2xQogGoEsXD4h9XbYzdsGAkkxXIdsf7NNOipufwvOtC2bJQcSWWliZb32oSvK09GdnLQa-zRVpN5P2mqbrHjUs0DXPDMdUsZBicvB2ZAozpYaXdLypfnFtPVtwS2kVO0k13iX2vqExa35BMaz0CrnrAiu-2qnUTpYLzgRRLzZCFrk_f2Olad-lLII_DuqmUEVfwow46Wn1p-m_Ihg1saKkH3ZsGt4RUYofgQ1QvuRdiVjgg-M7w9WMIDBKr2zIZrqB1NEMxBxcZjsvzYriB06quFxZPENqVqs_TYtKfBZ7VZuutWWrI%26adurl%3D
Requested by: Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: c505b241c2ff882defa7981043fa3d7a34e1fb0d7a51f0fdfc96ef45ac15932c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 20:32:48 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4140
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK g72h7lz2c4az Show response
hal9000.redintelligence.net/zone/ Frame 3ECC 11 KB
4 KB 62ms
13ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYXLy7vAIZICSOteIiM0P34y4eKblvaBphZWcp8kP8C4QASDR7aAXYJWCgICsB8gBCakCCpVLVcCzsT6oAwGqBJoCT9BSLnHWDh8TYDqUxWMZjkpB9q6-3lQeuo2z8IxWVLAoYSSvQfNvQH8vXh9q4wrqy6ZU_zc0BUqLIYc7GGHxFxlW5m9pBMYRak6nz04NxwJfzn8iUPCy-4LllEvTyBDSy5pE-dAAcvo0t3I-DZxQ4T2WUxHgOC-vKuIlmuV1qXjJFBhm8E64xZMmYMKcogCGjiBmFXRpZdmXG9pVfU-_jn_S3YwgQdgV-126GfLrvB7NZlBQ26TUoHJ2udPtP74yk9BYyAq0MQRqgJNDlXdiKJuJEgApO1LruHSUVOXRzNFFdVmrVJXwo1SqbeMObfc2RX_txRGJ6FqabYZAIPZTv6U1q8vPSXpJm9BbTCICiEtFWq-T2e3Ml0vBwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ%26sig%3DAOD64_1EA4xGogXegNSoto_H1cOPkQWkhg%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-C2_Rf33ZqvHNK9gsGBeAQinDIOZlRKd-uLzehePrOrgHhXCRA3l8ZZUy10hetB66UZCDp3lBo1RnreOoiChVrWE8PsJ1pMLLtO7lJTMuaJTjFntpdxrMtr-FgkjEUdKtSbwftMRt0MeJ6zcm5MXX_q1Qd34wZLK2Z3dZUQfIfe60tN7JU%26cry%3D1%26dbm_d%3DAKAmf-BqCM5LXdhELy2LgJCsisFJpFwXTqmZLBEa8zyiq76vI-sqPNS5Dz1jSURgbh-09A-gGdttI8CDykMpkaK0BPk754-y3cXVxFJ-Na7tBQdMSY8wdwuJhhUNNkUSbCogoUzpYrmbgnUX4EkRbCOl3KQqaMVTVyEmsZoMeEGngOq5ckeX1YMXsJSmzxgDjNGVfR8mUw0e7w6Td19mXtpHqYNdHzmb4yoQQT1N1Zi-9auC8KGTbGo-gpLwPsBbV45HbuwB_Qy7RfKhOzxgO3gK-IGcsIJLDX_lf1UP3tg_hzNhrRns7fwdSLJmCe8IdAStHXp2B_lgfpPiH_lZ24p1lTAS5jOQGaJzhLmg1c7hCoUvXUNpNfMkj9KKo50dWByrldUhpvDSwixqQBgMQDU60nzyR6Mmuo5fLnsgDVyS0b3XFyXJ7yc8ZTCdpYClwP4oGKKFzFcN9_WAQS6FUVk3-mtzU2sVlknvSJZ1Hb4_5JZgvLuDIrxX6nEBWQDEieblmzNKJCefkodQ2jH-AK7tQch3TLiE9A%26adurl%3D
Requested by: Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 9ebc5b31cdd8df716c9615fda456eeb42ab58955627cee4b473cc2dde934bf0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 20:32:48 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4123
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK iju9wczm8trb Show response
hal9000.redintelligence.net/zone/ Frame 034A 11 KB
4 KB 62ms
13ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCnVcD7vAIZP-ROteIiM0P34y4eKblvaBprZWcp8kP8C4QASDR7aAXYJWCgICsB8gBCakCCpVLVcCzsT6oAwGqBJ4CT9CPCjPwMyHRWug6jsTh9xRbYnacPferjOgIN_uAbtbnsxVBMZxo2gxj2MYMlrb_u-64ZAU_q4Zi0vXy9j3aaX_UqKMxJsg2RaXnrorclV4-ViRvsAcd4cpKysxY92dbbds3XzGXAKoCEPMc1h-KmcBIZsV9eQ7f9IfAPevCaC7OOo39cLj74V7sG9zMfE6aEQDfaz5qxKXGSH_bVNywsZNXvyjMcRJ9J_cw3Jdswvb_IAUahV4RDZQ4Cv2VUbh1AMwnITQ6zxHf2SKLG1W7_5UVe_om-SjtbJWS2kKdYKmSz3kgEvtAMK3TdhFRIdKHxw2bP9V3etHycMFIocFh4J5Iaq5BzQg9tPckb9h09pyneP87PIoQSlEV4zfJBcAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ%26sig%3DAOD64_3KnmvbkLHCiL9kJ1-hCBzyifkHUw%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-AXR7rLFNlkvMkpeEFUIjRPxcKqjzeqndxzlt3Yt3406a-uTHu3YMp9YajAjUL4F0zGghDZL_QyRuEm_ho0mhwg9aLEu8zBJ4LuUu8QculWRQMTvRFgkkMFTiivsxnpW5Xefm5EbszlcTuYOFKr-UoAlh9jIE2HNQdiKKqFhPcA0DFzIrA%26cry%3D1%26dbm_d%3DAKAmf-CGq5NFICELV-Q7Tmd7859hA5J2nvEHR2IEW0ilXBGIt1W8Pq5U4gB2cs8_OjeRniZsJRNMHyV2BIMvf-5ru3Lle53iUT5SpTCgisGaOhQvjua-UqlF_el905hAVamhs0bcBKtTAN7AQJayk4X1kOdmzfe_F4TTnK3tsBvhGev-Ph1teEr33SdbTs_9Njn1lm26PveestWgcqRI8ZBtcM1rx_gkPax45QfsVB_Kqy0dP81dp78_jSkRDcMl7QlURbraX0rGGtxnd6Ik_NfH7S0hYXgyAFXumOSBjwcIxf3oDyM9oIA39eDqp0zl0nIRGlNV-qi4Jn8dkCq2UFy_vEW3CuCDvWZr8hxedL-GutTIOmMXNm04dom4D8IAPXRky5996ek2y0v7Y3XfEnQWIH8OQjF5rVuJvyPUaMaOEbN0SNLCtli912XtJBNJskSJoFr791XsyI9p_5A7U5AIzRHZX3EN9KlMHe0YaCJEaRwuHLKdcI5d35muacjxPyVKlc1JNuv_dOf_ZweLsAa-kvbHnoxupteEDPMhX_TIDWLFAj-qW1Y%26adurl%3D
Requested by: Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: b305a7624e48301823dad54d58835885bd82f5ea04931c04a162ebb188a26ed5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 20:32:48 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4141
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

OPTIONS
H/1.1 200
OK register
sapi.audioburst.com/v2/users/ Frame 0
0 100ms
100ms Preflight 20.49.104.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sapi.audioburst.com/v2/users/register?device=mobile&appKey=5e814f4545e54e58ab62aeafceccc55f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.49.104.0 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://embed2.audioburst.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Wed, 08 Mar 2023 20:32:47 GMT
X-Powered-By: ASP.NET

OPTIONS
H/1.1 200
OK search
sapi.audioburst.com/v2/topstories/ Frame 0
0 96ms
96ms Preflight 20.49.104.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sapi.audioburst.com/v2/topstories/search?device=mobile&appKey=5e814f4545e54e58ab62aeafceccc55f&top=2&q=&filter=stationId%20eq%2022409%20and%20reason%20ne%2010%20and%20reason%20ne%2012%20and%20reason%20ne%201%20and%20reason%20ne%2014&urlReferrer=https://mikeonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.49.104.0 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://embed2.audioburst.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Wed, 08 Mar 2023 20:32:47 GMT
X-Powered-By: ASP.NET

POST
H/1.1 200
OK register Show response
sapi.audioburst.com/v2/users/ Frame 971D 188 B
980 B 229ms
122ms XHR
application/json 20.49.104.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sapi.audioburst.com/v2/users/register?device=mobile&appKey=5e814f4545e54e58ab62aeafceccc55f
Requested by: Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/dist/embedded-player/embedded-player-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.49.104.0 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 36e06ef256d8637e92d7eed2a18dbb6515e11261d1a368e9fd385fd49f2f72d1

Request headers

Referer: https://embed2.audioburst.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json, charset=utf-8

Response headers

Date: Wed, 08 Mar 2023 20:32:47 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Content-Length: 290
Request-Context: appId=cid-v1:f8f8664c-8b03-43d2-afdb-a1df9ba4397d

GET
H/1.1 200
OK search Show response
sapi.audioburst.com/v2/topstories/ Frame 971D 8 KB
4 KB 294ms
190ms XHR
application/json 20.49.104.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sapi.audioburst.com/v2/topstories/search?device=mobile&appKey=5e814f4545e54e58ab62aeafceccc55f&top=2&q=&filter=stationId%20eq%2022409%20and%20reason%20ne%2010%20and%20reason%20ne%2012%20and%20reason%20ne%201%20and%20reason%20ne%2014&urlReferrer=https://mikeonline.com/
Requested by: Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/dist/embedded-player/embedded-player-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.49.104.0 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6a68ea01c4d31c3532c2037da74bd6d006dbfd4cb9b41af3b67fe58d9c3932b9

Request headers

Referer: https://embed2.audioburst.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json, charset=utf-8

Response headers

Date: Wed, 08 Mar 2023 20:32:48 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Content-Length: 3341
Request-Context: appId=cid-v1:f8f8664c-8b03-43d2-afdb-a1df9ba4397d

GET
H2 200 98c8a5f5-7ac1-4d15-869e-1ae6cd6f4f68.png
storageaudiobursts.azureedge.net/players/b765f146-8fb0-432c-9735-4327d45415e8/ Frame 971D 9 KB
10 KB 175ms
23ms Image
image/ief 2a02:26f0:dc::6853:53b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storageaudiobursts.azureedge.net/players/b765f146-8fb0-432c-9735-4327d45415e8/98c8a5f5-7ac1-4d15-869e-1ae6cd6f4f68.png
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:53b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7ae6c2908fcfaf6f099dc65739378756fa6d40efe1717fc06ed99c2c15659922

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embed2.audioburst.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 08 Mar 2023 20:32:48 GMT
last-modified: Wed, 19 Oct 2022 16:49:33 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: WzVUMU5qr8fAoAXD7SWU0A==
etag: "0x8DAB1F1E6685A69"
content-type: image/ief
access-control-allow-origin: *
x-ms-request-id: e0732b58-f01e-0003-4ca8-51713a000000
cache-control: max-age=31499746
x-ms-version: 2014-02-14
accept-ranges: bytes
content-length: 9383
x-ms-lease-state: available

GET
H/1.1 200
OK json Show response
sapi.audioburst.com/static/station-keywords/keywords_22409/ Frame 971D 2 KB
1 KB 167ms
106ms XHR
application/json 20.49.104.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sapi.audioburst.com/static/station-keywords/keywords_22409/json?nocache=wbgqk9s7dhn
Requested by: Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/dist/embedded-player/embedded-player-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.49.104.0 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d6c71a91b33b48fd88c12c8982e19ea06c86c0eedd66db1913ea1cc83dca6b93

Request headers

Accept: */*
Referer: https://embed2.audioburst.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Expires: Wed, 08 Mar 2023 20:47:48 GMT
Date: Wed, 08 Mar 2023 20:32:48 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Last-Modified: Wed, 08 Mar 2023 20:32:48 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: *
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context
Cache-Control: public, max-age=900
Content-Length: 758
Request-Context: appId=cid-v1:f8f8664c-8b03-43d2-afdb-a1df9ba4397d

GET
H/1.1 200
OK banner Show response
sapi.audioburst.com/v2/campaign/ Frame 971D 617 B
1 KB 163ms
103ms XHR
application/json 20.49.104.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sapi.audioburst.com/v2/campaign/banner?appKey=Campaign&urlReferrer=https://mikeonline.com/
Requested by: Host: embed2.audioburst.com
URL: https://embed2.audioburst.com/dist/embedded-player/embedded-player-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.49.104.0 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 29829cfcd033786f0a920e1b9614f385bcef6cc50f3699f7b96c52b96432e9e6

Request headers

Accept: */*
Referer: https://embed2.audioburst.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 20:32:47 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Content-Length: 493
Request-Context: appId=cid-v1:f8f8664c-8b03-43d2-afdb-a1df9ba4397d

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 51B7 22 KB
8 KB 15ms
15ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 134191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 07:16:17 GMT
expires: Wed, 06 Mar 2024 07:16:17 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9AE3 22 KB
8 KB 15ms
14ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 134191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 07:16:17 GMT
expires: Wed, 06 Mar 2024 07:16:17 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame BB40 22 KB
8 KB 15ms
14ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 134191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 07:16:17 GMT
expires: Wed, 06 Mar 2024 07:16:17 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal90007.redintelligence.net/ Frame 7A27
Redirect Chain

https://hal90007.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=a4ebbf70ee&subid=&uid=9b6b06c17c25b032&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90007.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=a4ebbf70ee&subid=&uid=9b6b06c17c25b032&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

4 KB
2 KB

108ms
80ms

Script
application/x-javascript

138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=a4ebbf70ee&subid=&uid=9b6b06c17c25b032&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4qxN7vAIZP6ROteIiM0P34y4eKblvaBprZWcp8kP8C4QASDR7aAXYJWCgICsB8gBCakCCpVLVcCzsT6oAwGqBJ4CT9CxnuJbXkEv7uVHHdccbpIRn1EXYQufbT9gBHneSUldOsbSOaGR5nQZ3lmLormHkwallUPgMhf-OVPBbQQL2wtJlpHokmO0kkOB0Q8ZpW-Oe5IS4UykuPu7LZSi9h__mYOrXrtb91ZGClHWY-HLl4aRFVAjRueYC3VBjQWor9mvnj0gSi4NmUWhkyts2TdM7hPx9-woEfTUqOF1DyEyo2ldIE-QIsTZi66f0Eul_wqP3wNoCZ0RRlE8eirXVyaT2oMMchfJuhdU7k3WQPDxpXebKStN9qLWkN13nKfEvcTTSUYB8a5KnRvQeLXsAHRZfkphITMs5mjr8UUDP9eSDtdvR4jDk09kQbxBpiOjiMLc_GqHqfCE4419l-htUsAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ%26sig%3DAOD64_2WH9GeMI70AmhMIZJcLX3vhMYTCA%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-CMiF0d-TWQmirp9-Un8gLWX-NVubfpB7pWLLfah1XaoG0gveD7PyCLjg7v40cfk5PTqCxKanUr_56ynJLEF0lMW1rOu3yq6mku3C0aw5EvUijrBKdlIdN6VQ5WlGJg2vFP-C1DrzRQnz59FGvSaNpIDyi2Euv4ufwI3peTtHCP7zV45m4%26cry%3D1%26dbm_d%3DAKAmf-D3xYvJZs9CUgfP7p9GHwlgef9j0lWrA91Lf6EVP1NhskN9nxoYCyO1hvV1SwQCEmN5ugVS8XWHQdoGmeEYeNjPM4mZxkYMoR_VCrIRgSV5LqK6vOZQ0fQRkE4euPwq5kVzDk9wAIlrfP0jG7e_OfWAKl_52fHLNcuoPBOka6wosCYIHAaMMhzhcn_HheQY6cl_Efk5urJOffZDklrKK0ooshl116LWqawGLuhtgeK0c-wmI9TVn5tSfiCT2TdN2xQogGoEsXD4h9XbYzdsGAkkxXIdsf7NNOipufwvOtC2bJQcSWWliZb32oSvK09GdnLQa-zRVpN5P2mqbrHjUs0DXPDMdUsZBicvB2ZAozpYaXdLypfnFtPVtwS2kVO0k13iX2vqExa35BMaz0CrnrAiu-2qnUTpYLzgRRLzZCFrk_f2Olad-lLII_DuqmUEVfwow46Wn1p-m_Ihg1saKkH3ZsGt4RUYofgQ1QvuRdiVjgg-M7w9WMIDBKr2zIZrqB1NEMxBxcZjsvzYriB06quFxZPENqVqs_TYtKfBZ7VZuutWWrI%26adurl%3D&documentReferer=https%3A%2F%2Fmikeonline.com%2F&ancestorOrigins=https%3A%2F%2Fmikeonline.com&random=7468067031000&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.157 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 184d003912733595c92c92b2931ff2b7b231ceb69d159e98cb2b5ab7561487f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Mar 2023 20:32:48 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 53909600193108904444554012257007
Connection: close
Content-Length: 1306
Expires: Wed, 08 Mar 2023 20:32:48 +0100

Redirect headers

Pragma: no-cache
Date: Wed, 08 Mar 2023 20:32:48 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=a4ebbf70ee&subid=&uid=9b6b06c17c25b032&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4qxN7vAIZP6ROteIiM0P34y4eKblvaBprZWcp8kP8C4QASDR7aAXYJWCgICsB8gBCakCCpVLVcCzsT6oAwGqBJ4CT9CxnuJbXkEv7uVHHdccbpIRn1EXYQufbT9gBHneSUldOsbSOaGR5nQZ3lmLormHkwallUPgMhf-OVPBbQQL2wtJlpHokmO0kkOB0Q8ZpW-Oe5IS4UykuPu7LZSi9h__mYOrXrtb91ZGClHWY-HLl4aRFVAjRueYC3VBjQWor9mvnj0gSi4NmUWhkyts2TdM7hPx9-woEfTUqOF1DyEyo2ldIE-QIsTZi66f0Eul_wqP3wNoCZ0RRlE8eirXVyaT2oMMchfJuhdU7k3WQPDxpXebKStN9qLWkN13nKfEvcTTSUYB8a5KnRvQeLXsAHRZfkphITMs5mjr8UUDP9eSDtdvR4jDk09kQbxBpiOjiMLc_GqHqfCE4419l-htUsAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ%26sig%3DAOD64_2WH9GeMI70AmhMIZJcLX3vhMYTCA%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-CMiF0d-TWQmirp9-Un8gLWX-NVubfpB7pWLLfah1XaoG0gveD7PyCLjg7v40cfk5PTqCxKanUr_56ynJLEF0lMW1rOu3yq6mku3C0aw5EvUijrBKdlIdN6VQ5WlGJg2vFP-C1DrzRQnz59FGvSaNpIDyi2Euv4ufwI3peTtHCP7zV45m4%26cry%3D1%26dbm_d%3DAKAmf-D3xYvJZs9CUgfP7p9GHwlgef9j0lWrA91Lf6EVP1NhskN9nxoYCyO1hvV1SwQCEmN5ugVS8XWHQdoGmeEYeNjPM4mZxkYMoR_VCrIRgSV5LqK6vOZQ0fQRkE4euPwq5kVzDk9wAIlrfP0jG7e_OfWAKl_52fHLNcuoPBOka6wosCYIHAaMMhzhcn_HheQY6cl_Efk5urJOffZDklrKK0ooshl116LWqawGLuhtgeK0c-wmI9TVn5tSfiCT2TdN2xQogGoEsXD4h9XbYzdsGAkkxXIdsf7NNOipufwvOtC2bJQcSWWliZb32oSvK09GdnLQa-zRVpN5P2mqbrHjUs0DXPDMdUsZBicvB2ZAozpYaXdLypfnFtPVtwS2kVO0k13iX2vqExa35BMaz0CrnrAiu-2qnUTpYLzgRRLzZCFrk_f2Olad-lLII_DuqmUEVfwow46Wn1p-m_Ihg1saKkH3ZsGt4RUYofgQ1QvuRdiVjgg-M7w9WMIDBKr2zIZrqB1NEMxBxcZjsvzYriB06quFxZPENqVqs_TYtKfBZ7VZuutWWrI%26adurl%3D&documentReferer=https%3A%2F%2Fmikeonline.com%2F&ancestorOrigins=https%3A%2F%2Fmikeonline.com&random=7468067031000&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Wed, 08 Mar 2023 20:32:48 +0100

GET
H/1.1

200
OK

request.php Show response
hal90008.redintelligence.net/ Frame 3ECC
Redirect Chain

https://hal90008.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=4fd68819b3&subid=&uid=648829150d6db9be&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90008.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=4fd68819b3&subid=&uid=648829150d6db9be&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

4 KB
2 KB

92ms
68ms

Script
application/x-javascript

138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=4fd68819b3&subid=&uid=648829150d6db9be&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYXLy7vAIZICSOteIiM0P34y4eKblvaBphZWcp8kP8C4QASDR7aAXYJWCgICsB8gBCakCCpVLVcCzsT6oAwGqBJoCT9BSLnHWDh8TYDqUxWMZjkpB9q6-3lQeuo2z8IxWVLAoYSSvQfNvQH8vXh9q4wrqy6ZU_zc0BUqLIYc7GGHxFxlW5m9pBMYRak6nz04NxwJfzn8iUPCy-4LllEvTyBDSy5pE-dAAcvo0t3I-DZxQ4T2WUxHgOC-vKuIlmuV1qXjJFBhm8E64xZMmYMKcogCGjiBmFXRpZdmXG9pVfU-_jn_S3YwgQdgV-126GfLrvB7NZlBQ26TUoHJ2udPtP74yk9BYyAq0MQRqgJNDlXdiKJuJEgApO1LruHSUVOXRzNFFdVmrVJXwo1SqbeMObfc2RX_txRGJ6FqabYZAIPZTv6U1q8vPSXpJm9BbTCICiEtFWq-T2e3Ml0vBwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ%26sig%3DAOD64_1EA4xGogXegNSoto_H1cOPkQWkhg%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-C2_Rf33ZqvHNK9gsGBeAQinDIOZlRKd-uLzehePrOrgHhXCRA3l8ZZUy10hetB66UZCDp3lBo1RnreOoiChVrWE8PsJ1pMLLtO7lJTMuaJTjFntpdxrMtr-FgkjEUdKtSbwftMRt0MeJ6zcm5MXX_q1Qd34wZLK2Z3dZUQfIfe60tN7JU%26cry%3D1%26dbm_d%3DAKAmf-BqCM5LXdhELy2LgJCsisFJpFwXTqmZLBEa8zyiq76vI-sqPNS5Dz1jSURgbh-09A-gGdttI8CDykMpkaK0BPk754-y3cXVxFJ-Na7tBQdMSY8wdwuJhhUNNkUSbCogoUzpYrmbgnUX4EkRbCOl3KQqaMVTVyEmsZoMeEGngOq5ckeX1YMXsJSmzxgDjNGVfR8mUw0e7w6Td19mXtpHqYNdHzmb4yoQQT1N1Zi-9auC8KGTbGo-gpLwPsBbV45HbuwB_Qy7RfKhOzxgO3gK-IGcsIJLDX_lf1UP3tg_hzNhrRns7fwdSLJmCe8IdAStHXp2B_lgfpPiH_lZ24p1lTAS5jOQGaJzhLmg1c7hCoUvXUNpNfMkj9KKo50dWByrldUhpvDSwixqQBgMQDU60nzyR6Mmuo5fLnsgDVyS0b3XFyXJ7yc8ZTCdpYClwP4oGKKFzFcN9_WAQS6FUVk3-mtzU2sVlknvSJZ1Hb4_5JZgvLuDIrxX6nEBWQDEieblmzNKJCefkodQ2jH-AK7tQch3TLiE9A%26adurl%3D&documentReferer=https%3A%2F%2Fmikeonline.com%2F&ancestorOrigins=https%3A%2F%2Fmikeonline.com&random=7161565884373&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.150 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 63db7e4679a00b89371464463b64c04dce75c172aec4eb277f814b93dfdcd610

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Mar 2023 20:32:48 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 50173600175103104444550012257008
Connection: close
Content-Length: 1306
Expires: Wed, 08 Mar 2023 20:32:48 +0100

Redirect headers

Pragma: no-cache
Date: Wed, 08 Mar 2023 20:32:48 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=4fd68819b3&subid=&uid=648829150d6db9be&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYXLy7vAIZICSOteIiM0P34y4eKblvaBphZWcp8kP8C4QASDR7aAXYJWCgICsB8gBCakCCpVLVcCzsT6oAwGqBJoCT9BSLnHWDh8TYDqUxWMZjkpB9q6-3lQeuo2z8IxWVLAoYSSvQfNvQH8vXh9q4wrqy6ZU_zc0BUqLIYc7GGHxFxlW5m9pBMYRak6nz04NxwJfzn8iUPCy-4LllEvTyBDSy5pE-dAAcvo0t3I-DZxQ4T2WUxHgOC-vKuIlmuV1qXjJFBhm8E64xZMmYMKcogCGjiBmFXRpZdmXG9pVfU-_jn_S3YwgQdgV-126GfLrvB7NZlBQ26TUoHJ2udPtP74yk9BYyAq0MQRqgJNDlXdiKJuJEgApO1LruHSUVOXRzNFFdVmrVJXwo1SqbeMObfc2RX_txRGJ6FqabYZAIPZTv6U1q8vPSXpJm9BbTCICiEtFWq-T2e3Ml0vBwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ%26sig%3DAOD64_1EA4xGogXegNSoto_H1cOPkQWkhg%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-C2_Rf33ZqvHNK9gsGBeAQinDIOZlRKd-uLzehePrOrgHhXCRA3l8ZZUy10hetB66UZCDp3lBo1RnreOoiChVrWE8PsJ1pMLLtO7lJTMuaJTjFntpdxrMtr-FgkjEUdKtSbwftMRt0MeJ6zcm5MXX_q1Qd34wZLK2Z3dZUQfIfe60tN7JU%26cry%3D1%26dbm_d%3DAKAmf-BqCM5LXdhELy2LgJCsisFJpFwXTqmZLBEa8zyiq76vI-sqPNS5Dz1jSURgbh-09A-gGdttI8CDykMpkaK0BPk754-y3cXVxFJ-Na7tBQdMSY8wdwuJhhUNNkUSbCogoUzpYrmbgnUX4EkRbCOl3KQqaMVTVyEmsZoMeEGngOq5ckeX1YMXsJSmzxgDjNGVfR8mUw0e7w6Td19mXtpHqYNdHzmb4yoQQT1N1Zi-9auC8KGTbGo-gpLwPsBbV45HbuwB_Qy7RfKhOzxgO3gK-IGcsIJLDX_lf1UP3tg_hzNhrRns7fwdSLJmCe8IdAStHXp2B_lgfpPiH_lZ24p1lTAS5jOQGaJzhLmg1c7hCoUvXUNpNfMkj9KKo50dWByrldUhpvDSwixqQBgMQDU60nzyR6Mmuo5fLnsgDVyS0b3XFyXJ7yc8ZTCdpYClwP4oGKKFzFcN9_WAQS6FUVk3-mtzU2sVlknvSJZ1Hb4_5JZgvLuDIrxX6nEBWQDEieblmzNKJCefkodQ2jH-AK7tQch3TLiE9A%26adurl%3D&documentReferer=https%3A%2F%2Fmikeonline.com%2F&ancestorOrigins=https%3A%2F%2Fmikeonline.com&random=7161565884373&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Wed, 08 Mar 2023 20:32:48 +0100

GET
H/1.1

200
OK

request.php Show response
hal90003.redintelligence.net/ Frame 034A
Redirect Chain

https://hal90003.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=d2d6acb264&subid=&uid=44276f62b89e9d96&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90003.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=d2d6acb264&subid=&uid=44276f62b89e9d96&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

4 KB
2 KB

104ms
80ms

Script
application/x-javascript

138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=d2d6acb264&subid=&uid=44276f62b89e9d96&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCnVcD7vAIZP-ROteIiM0P34y4eKblvaBprZWcp8kP8C4QASDR7aAXYJWCgICsB8gBCakCCpVLVcCzsT6oAwGqBJ4CT9CPCjPwMyHRWug6jsTh9xRbYnacPferjOgIN_uAbtbnsxVBMZxo2gxj2MYMlrb_u-64ZAU_q4Zi0vXy9j3aaX_UqKMxJsg2RaXnrorclV4-ViRvsAcd4cpKysxY92dbbds3XzGXAKoCEPMc1h-KmcBIZsV9eQ7f9IfAPevCaC7OOo39cLj74V7sG9zMfE6aEQDfaz5qxKXGSH_bVNywsZNXvyjMcRJ9J_cw3Jdswvb_IAUahV4RDZQ4Cv2VUbh1AMwnITQ6zxHf2SKLG1W7_5UVe_om-SjtbJWS2kKdYKmSz3kgEvtAMK3TdhFRIdKHxw2bP9V3etHycMFIocFh4J5Iaq5BzQg9tPckb9h09pyneP87PIoQSlEV4zfJBcAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ%26sig%3DAOD64_3KnmvbkLHCiL9kJ1-hCBzyifkHUw%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-AXR7rLFNlkvMkpeEFUIjRPxcKqjzeqndxzlt3Yt3406a-uTHu3YMp9YajAjUL4F0zGghDZL_QyRuEm_ho0mhwg9aLEu8zBJ4LuUu8QculWRQMTvRFgkkMFTiivsxnpW5Xefm5EbszlcTuYOFKr-UoAlh9jIE2HNQdiKKqFhPcA0DFzIrA%26cry%3D1%26dbm_d%3DAKAmf-CGq5NFICELV-Q7Tmd7859hA5J2nvEHR2IEW0ilXBGIt1W8Pq5U4gB2cs8_OjeRniZsJRNMHyV2BIMvf-5ru3Lle53iUT5SpTCgisGaOhQvjua-UqlF_el905hAVamhs0bcBKtTAN7AQJayk4X1kOdmzfe_F4TTnK3tsBvhGev-Ph1teEr33SdbTs_9Njn1lm26PveestWgcqRI8ZBtcM1rx_gkPax45QfsVB_Kqy0dP81dp78_jSkRDcMl7QlURbraX0rGGtxnd6Ik_NfH7S0hYXgyAFXumOSBjwcIxf3oDyM9oIA39eDqp0zl0nIRGlNV-qi4Jn8dkCq2UFy_vEW3CuCDvWZr8hxedL-GutTIOmMXNm04dom4D8IAPXRky5996ek2y0v7Y3XfEnQWIH8OQjF5rVuJvyPUaMaOEbN0SNLCtli912XtJBNJskSJoFr791XsyI9p_5A7U5AIzRHZX3EN9KlMHe0YaCJEaRwuHLKdcI5d35muacjxPyVKlc1JNuv_dOf_ZweLsAa-kvbHnoxupteEDPMhX_TIDWLFAj-qW1Y%26adurl%3D&documentReferer=https%3A%2F%2Fmikeonline.com%2F&ancestorOrigins=https%3A%2F%2Fmikeonline.com&random=4461175807128&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.117 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 0bd568641b9f03030696cca58bdbef7995e73f59d3253caf0064d62902745698

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Mar 2023 20:32:48 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 65993600182178904444554012257003
Connection: close
Content-Length: 1305
Expires: Wed, 08 Mar 2023 20:32:48 +0100

Redirect headers

Pragma: no-cache
Date: Wed, 08 Mar 2023 20:32:48 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=d2d6acb264&subid=&uid=44276f62b89e9d96&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCnVcD7vAIZP-ROteIiM0P34y4eKblvaBprZWcp8kP8C4QASDR7aAXYJWCgICsB8gBCakCCpVLVcCzsT6oAwGqBJ4CT9CPCjPwMyHRWug6jsTh9xRbYnacPferjOgIN_uAbtbnsxVBMZxo2gxj2MYMlrb_u-64ZAU_q4Zi0vXy9j3aaX_UqKMxJsg2RaXnrorclV4-ViRvsAcd4cpKysxY92dbbds3XzGXAKoCEPMc1h-KmcBIZsV9eQ7f9IfAPevCaC7OOo39cLj74V7sG9zMfE6aEQDfaz5qxKXGSH_bVNywsZNXvyjMcRJ9J_cw3Jdswvb_IAUahV4RDZQ4Cv2VUbh1AMwnITQ6zxHf2SKLG1W7_5UVe_om-SjtbJWS2kKdYKmSz3kgEvtAMK3TdhFRIdKHxw2bP9V3etHycMFIocFh4J5Iaq5BzQg9tPckb9h09pyneP87PIoQSlEV4zfJBcAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ%26sig%3DAOD64_3KnmvbkLHCiL9kJ1-hCBzyifkHUw%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-AXR7rLFNlkvMkpeEFUIjRPxcKqjzeqndxzlt3Yt3406a-uTHu3YMp9YajAjUL4F0zGghDZL_QyRuEm_ho0mhwg9aLEu8zBJ4LuUu8QculWRQMTvRFgkkMFTiivsxnpW5Xefm5EbszlcTuYOFKr-UoAlh9jIE2HNQdiKKqFhPcA0DFzIrA%26cry%3D1%26dbm_d%3DAKAmf-CGq5NFICELV-Q7Tmd7859hA5J2nvEHR2IEW0ilXBGIt1W8Pq5U4gB2cs8_OjeRniZsJRNMHyV2BIMvf-5ru3Lle53iUT5SpTCgisGaOhQvjua-UqlF_el905hAVamhs0bcBKtTAN7AQJayk4X1kOdmzfe_F4TTnK3tsBvhGev-Ph1teEr33SdbTs_9Njn1lm26PveestWgcqRI8ZBtcM1rx_gkPax45QfsVB_Kqy0dP81dp78_jSkRDcMl7QlURbraX0rGGtxnd6Ik_NfH7S0hYXgyAFXumOSBjwcIxf3oDyM9oIA39eDqp0zl0nIRGlNV-qi4Jn8dkCq2UFy_vEW3CuCDvWZr8hxedL-GutTIOmMXNm04dom4D8IAPXRky5996ek2y0v7Y3XfEnQWIH8OQjF5rVuJvyPUaMaOEbN0SNLCtli912XtJBNJskSJoFr791XsyI9p_5A7U5AIzRHZX3EN9KlMHe0YaCJEaRwuHLKdcI5d35muacjxPyVKlc1JNuv_dOf_ZweLsAa-kvbHnoxupteEDPMhX_TIDWLFAj-qW1Y%26adurl%3D&documentReferer=https%3A%2F%2Fmikeonline.com%2F&ancestorOrigins=https%3A%2F%2Fmikeonline.com&random=4461175807128&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Wed, 08 Mar 2023 20:32:48 +0100

GET
H3 200 I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js Show response
pagead2.googlesyndication.com/bg/ Frame 51B7 36 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

236015c3e13cbebedf89af7b1857a458bd684c225c4efb216ae74046e2b97da0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14266
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 18:16:54 GMT

GET
H3 200 I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js Show response
pagead2.googlesyndication.com/bg/ Frame 9AE3 36 KB
14 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

236015c3e13cbebedf89af7b1857a458bd684c225c4efb216ae74046e2b97da0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14266
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 18:16:54 GMT

GET
H3 200 I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js Show response
pagead2.googlesyndication.com/bg/ Frame BB40 36 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

236015c3e13cbebedf89af7b1857a458bd684c225c4efb216ae74046e2b97da0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14266
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 18:16:54 GMT

GET
H/1.1 200
OK Salem-Hosts-Sponsor-1.png
storageaudiobursts.blob.core.windows.net/site/images/promote/ Frame 971D 15 KB
15 KB 429ms
101ms Image
image/png 52.239.246.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storageaudiobursts.blob.core.windows.net/site/images/promote/Salem-Hosts-Sponsor-1.png
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.246.4 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 214302ae229a9ef55d8819f5debd18176174503141c92b6c58818173ff9b12b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embed2.audioburst.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 08 Mar 2023 20:32:48 GMT
Last-Modified: Sun, 15 Aug 2021 13:21:46 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: vmkIR83eBko2SQrGJi6N+Q==
ETag: "0x8D95FEFA1BB91CB"
x-ms-meta-CbModifiedTime: Sun, 15 Aug 2021 13:21:33 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
x-ms-request-id: c955a80e-a01e-0043-54fd-517602000000
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 15163
x-ms-lease-state: available

GET
H2 200 / Show response
adv.office-partner.de/ Frame 39BE 930 B
931 B 160ms
18ms Document
text/html 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=4fd68819b3&subid=&uid=648829150d6db9be&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYXLy7vAIZICSOteIiM0P34y4eKblvaBphZWcp8kP8C4QASDR7aAXYJWCgICsB8gBCakCCpVLVcCzsT6oAwGqBJoCT9BSLnHWDh8TYDqUxWMZjkpB9q6-3lQeuo2z8IxWVLAoYSSvQfNvQH8vXh9q4wrqy6ZU_zc0BUqLIYc7GGHxFxlW5m9pBMYRak6nz04NxwJfzn8iUPCy-4LllEvTyBDSy5pE-dAAcvo0t3I-DZxQ4T2WUxHgOC-vKuIlmuV1qXjJFBhm8E64xZMmYMKcogCGjiBmFXRpZdmXG9pVfU-_jn_S3YwgQdgV-126GfLrvB7NZlBQ26TUoHJ2udPtP74yk9BYyAq0MQRqgJNDlXdiKJuJEgApO1LruHSUVOXRzNFFdVmrVJXwo1SqbeMObfc2RX_txRGJ6FqabYZAIPZTv6U1q8vPSXpJm9BbTCICiEtFWq-T2e3Ml0vBwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ%26sig%3DAOD64_1EA4xGogXegNSoto_H1cOPkQWkhg%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-C2_Rf33ZqvHNK9gsGBeAQinDIOZlRKd-uLzehePrOrgHhXCRA3l8ZZUy10hetB66UZCDp3lBo1RnreOoiChVrWE8PsJ1pMLLtO7lJTMuaJTjFntpdxrMtr-FgkjEUdKtSbwftMRt0MeJ6zcm5MXX_q1Qd34wZLK2Z3dZUQfIfe60tN7JU%26cry%3D1%26dbm_d%3DAKAmf-BqCM5LXdhELy2LgJCsisFJpFwXTqmZLBEa8zyiq76vI-sqPNS5Dz1jSURgbh-09A-gGdttI8CDykMpkaK0BPk754-y3cXVxFJ-Na7tBQdMSY8wdwuJhhUNNkUSbCogoUzpYrmbgnUX4EkRbCOl3KQqaMVTVyEmsZoMeEGngOq5ckeX1YMXsJSmzxgDjNGVfR8mUw0e7w6Td19mXtpHqYNdHzmb4yoQQT1N1Zi-9auC8KGTbGo-gpLwPsBbV45HbuwB_Qy7RfKhOzxgO3gK-IGcsIJLDX_lf1UP3tg_hzNhrRns7fwdSLJmCe8IdAStHXp2B_lgfpPiH_lZ24p1lTAS5jOQGaJzhLmg1c7hCoUvXUNpNfMkj9KKo50dWByrldUhpvDSwixqQBgMQDU60nzyR6Mmuo5fLnsgDVyS0b3XFyXJ7yc8ZTCdpYClwP4oGKKFzFcN9_WAQS6FUVk3-mtzU2sVlknvSJZ1Hb4_5JZgvLuDIrxX6nEBWQDEieblmzNKJCefkodQ2jH-AK7tQch3TLiE9A%26adurl%3D&documentReferer=https%3A%2F%2Fmikeonline.com%2F&ancestorOrigins=https%3A%2F%2Fmikeonline.com&random=7161565884373&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Wed, 08 Mar 2023 20:32:48 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Wed, 15 Mar 2023 20:32:48 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: atvi

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame C892
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=50173600175103104444550012257008&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=50173600175103104444550012257008&actionid=981741&produktid=&dt_url=

0
605 B

94ms
30ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=50173600175103104444550012257008&actionid=981741&produktid=&dt_url=

Requested by

Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=4fd68819b3&subid=&uid=648829150d6db9be&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYXLy7vAIZICSOteIiM0P34y4eKblvaBphZWcp8kP8C4QASDR7aAXYJWCgICsB8gBCakCCpVLVcCzsT6oAwGqBJoCT9BSLnHWDh8TYDqUxWMZjkpB9q6-3lQeuo2z8IxWVLAoYSSvQfNvQH8vXh9q4wrqy6ZU_zc0BUqLIYc7GGHxFxlW5m9pBMYRak6nz04NxwJfzn8iUPCy-4LllEvTyBDSy5pE-dAAcvo0t3I-DZxQ4T2WUxHgOC-vKuIlmuV1qXjJFBhm8E64xZMmYMKcogCGjiBmFXRpZdmXG9pVfU-_jn_S3YwgQdgV-126GfLrvB7NZlBQ26TUoHJ2udPtP74yk9BYyAq0MQRqgJNDlXdiKJuJEgApO1LruHSUVOXRzNFFdVmrVJXwo1SqbeMObfc2RX_txRGJ6FqabYZAIPZTv6U1q8vPSXpJm9BbTCICiEtFWq-T2e3Ml0vBwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ%26sig%3DAOD64_1EA4xGogXegNSoto_H1cOPkQWkhg%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-C2_Rf33ZqvHNK9gsGBeAQinDIOZlRKd-uLzehePrOrgHhXCRA3l8ZZUy10hetB66UZCDp3lBo1RnreOoiChVrWE8PsJ1pMLLtO7lJTMuaJTjFntpdxrMtr-FgkjEUdKtSbwftMRt0MeJ6zcm5MXX_q1Qd34wZLK2Z3dZUQfIfe60tN7JU%26cry%3D1%26dbm_d%3DAKAmf-BqCM5LXdhELy2LgJCsisFJpFwXTqmZLBEa8zyiq76vI-sqPNS5Dz1jSURgbh-09A-gGdttI8CDykMpkaK0BPk754-y3cXVxFJ-Na7tBQdMSY8wdwuJhhUNNkUSbCogoUzpYrmbgnUX4EkRbCOl3KQqaMVTVyEmsZoMeEGngOq5ckeX1YMXsJSmzxgDjNGVfR8mUw0e7w6Td19mXtpHqYNdHzmb4yoQQT1N1Zi-9auC8KGTbGo-gpLwPsBbV45HbuwB_Qy7RfKhOzxgO3gK-IGcsIJLDX_lf1UP3tg_hzNhrRns7fwdSLJmCe8IdAStHXp2B_lgfpPiH_lZ24p1lTAS5jOQGaJzhLmg1c7hCoUvXUNpNfMkj9KKo50dWByrldUhpvDSwixqQBgMQDU60nzyR6Mmuo5fLnsgDVyS0b3XFyXJ7yc8ZTCdpYClwP4oGKKFzFcN9_WAQS6FUVk3-mtzU2sVlknvSJZ1Hb4_5JZgvLuDIrxX6nEBWQDEieblmzNKJCefkodQ2jH-AK7tQch3TLiE9A%26adurl%3D&documentReferer=https%3A%2F%2Fmikeonline.com%2F&ancestorOrigins=https%3A%2F%2Fmikeonline.com&random=7161565884373&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 08 Mar 2023 20:32:48 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 08 Mar 2023 09:32:48 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Wed, 08 Mar 2023 20:32:48 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=50173600175103104444550012257008&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027
X-IPLB-Request-ID: 253A3AF3:D082_91EFC182:01BB_6408F0F0_AE0AB13:2FD2C

GET
H2

200

htlp Show response
futalis.de/ Frame 27B7
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=50173600175103104444550012257008&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2384812509

350 B
401 B

70ms
12ms

Document
text/html

49.12.16.151
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2384812509
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=4fd68819b3&subid=&uid=648829150d6db9be&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYXLy7vAIZICSOteIiM0P34y4eKblvaBphZWcp8kP8C4QASDR7aAXYJWCgICsB8gBCakCCpVLVcCzsT6oAwGqBJoCT9BSLnHWDh8TYDqUxWMZjkpB9q6-3lQeuo2z8IxWVLAoYSSvQfNvQH8vXh9q4wrqy6ZU_zc0BUqLIYc7GGHxFxlW5m9pBMYRak6nz04NxwJfzn8iUPCy-4LllEvTyBDSy5pE-dAAcvo0t3I-DZxQ4T2WUxHgOC-vKuIlmuV1qXjJFBhm8E64xZMmYMKcogCGjiBmFXRpZdmXG9pVfU-_jn_S3YwgQdgV-126GfLrvB7NZlBQ26TUoHJ2udPtP74yk9BYyAq0MQRqgJNDlXdiKJuJEgApO1LruHSUVOXRzNFFdVmrVJXwo1SqbeMObfc2RX_txRGJ6FqabYZAIPZTv6U1q8vPSXpJm9BbTCICiEtFWq-T2e3Ml0vBwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ%26sig%3DAOD64_1EA4xGogXegNSoto_H1cOPkQWkhg%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-C2_Rf33ZqvHNK9gsGBeAQinDIOZlRKd-uLzehePrOrgHhXCRA3l8ZZUy10hetB66UZCDp3lBo1RnreOoiChVrWE8PsJ1pMLLtO7lJTMuaJTjFntpdxrMtr-FgkjEUdKtSbwftMRt0MeJ6zcm5MXX_q1Qd34wZLK2Z3dZUQfIfe60tN7JU%26cry%3D1%26dbm_d%3DAKAmf-BqCM5LXdhELy2LgJCsisFJpFwXTqmZLBEa8zyiq76vI-sqPNS5Dz1jSURgbh-09A-gGdttI8CDykMpkaK0BPk754-y3cXVxFJ-Na7tBQdMSY8wdwuJhhUNNkUSbCogoUzpYrmbgnUX4EkRbCOl3KQqaMVTVyEmsZoMeEGngOq5ckeX1YMXsJSmzxgDjNGVfR8mUw0e7w6Td19mXtpHqYNdHzmb4yoQQT1N1Zi-9auC8KGTbGo-gpLwPsBbV45HbuwB_Qy7RfKhOzxgO3gK-IGcsIJLDX_lf1UP3tg_hzNhrRns7fwdSLJmCe8IdAStHXp2B_lgfpPiH_lZ24p1lTAS5jOQGaJzhLmg1c7hCoUvXUNpNfMkj9KKo50dWByrldUhpvDSwixqQBgMQDU60nzyR6Mmuo5fLnsgDVyS0b3XFyXJ7yc8ZTCdpYClwP4oGKKFzFcN9_WAQS6FUVk3-mtzU2sVlknvSJZ1Hb4_5JZgvLuDIrxX6nEBWQDEieblmzNKJCefkodQ2jH-AK7tQch3TLiE9A%26adurl%3D&documentReferer=https%3A%2F%2Fmikeonline.com%2F&ancestorOrigins=https%3A%2F%2Fmikeonline.com&random=7161565884373&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.16.151 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-1.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Wed, 08 Mar 2023 20:32:48 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2384812509
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 link.html Show response
track.webgains.com/ Frame 3ECC 2 KB
2 KB 139ms
73ms Script
text/html 35.177.30.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=50173600175103104444550012257008&nw=1
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.177.30.54 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-177-30-54.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 33e1421ac4101bd229b8e2c8dc3f041f81821740c784f7fdfb9450a4b3fe3cb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:48 GMT
last-modified: Wed, 08 Mar 2023 20:32:48 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 08 Mar 2023 20:33:48 GMT

GET
H2

200

activityi;dc_pre=CPHY1POWzf0CFYGYmwodYp0LQw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3925312550589.9565 Show response
5994599.fls.doubleclick.net/ Frame 3A08
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3925312550589.9565?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPHY1POWzf0CFYGYmwodYp0LQw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3925312550589.9565?

392 B
288 B

61ms
59ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CPHY1POWzf0CFYGYmwodYp0LQw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3925312550589.9565?

Requested by

Host: mikeonline.com
URL: https://mikeonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

b1d242d571fb0ecf08209e2b601111617a364b6c824f5f27412ed000e2b7e39a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 219
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 20:32:48 GMT
expires: Wed, 08 Mar 2023 20:32:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 20:32:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPHY1POWzf0CFYGYmwodYp0LQw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3925312550589.9565?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal90008.redintelligence.net/ Frame 2DC6 7 KB
2 KB 36ms
12ms Document
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request_content.php?s=50173600175103104444550012257008&a=46ef74fd
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=4fd68819b3&subid=&uid=648829150d6db9be&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYXLy7vAIZICSOteIiM0P34y4eKblvaBphZWcp8kP8C4QASDR7aAXYJWCgICsB8gBCakCCpVLVcCzsT6oAwGqBJoCT9BSLnHWDh8TYDqUxWMZjkpB9q6-3lQeuo2z8IxWVLAoYSSvQfNvQH8vXh9q4wrqy6ZU_zc0BUqLIYc7GGHxFxlW5m9pBMYRak6nz04NxwJfzn8iUPCy-4LllEvTyBDSy5pE-dAAcvo0t3I-DZxQ4T2WUxHgOC-vKuIlmuV1qXjJFBhm8E64xZMmYMKcogCGjiBmFXRpZdmXG9pVfU-_jn_S3YwgQdgV-126GfLrvB7NZlBQ26TUoHJ2udPtP74yk9BYyAq0MQRqgJNDlXdiKJuJEgApO1LruHSUVOXRzNFFdVmrVJXwo1SqbeMObfc2RX_txRGJ6FqabYZAIPZTv6U1q8vPSXpJm9BbTCICiEtFWq-T2e3Ml0vBwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ%26sig%3DAOD64_1EA4xGogXegNSoto_H1cOPkQWkhg%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-C2_Rf33ZqvHNK9gsGBeAQinDIOZlRKd-uLzehePrOrgHhXCRA3l8ZZUy10hetB66UZCDp3lBo1RnreOoiChVrWE8PsJ1pMLLtO7lJTMuaJTjFntpdxrMtr-FgkjEUdKtSbwftMRt0MeJ6zcm5MXX_q1Qd34wZLK2Z3dZUQfIfe60tN7JU%26cry%3D1%26dbm_d%3DAKAmf-BqCM5LXdhELy2LgJCsisFJpFwXTqmZLBEa8zyiq76vI-sqPNS5Dz1jSURgbh-09A-gGdttI8CDykMpkaK0BPk754-y3cXVxFJ-Na7tBQdMSY8wdwuJhhUNNkUSbCogoUzpYrmbgnUX4EkRbCOl3KQqaMVTVyEmsZoMeEGngOq5ckeX1YMXsJSmzxgDjNGVfR8mUw0e7w6Td19mXtpHqYNdHzmb4yoQQT1N1Zi-9auC8KGTbGo-gpLwPsBbV45HbuwB_Qy7RfKhOzxgO3gK-IGcsIJLDX_lf1UP3tg_hzNhrRns7fwdSLJmCe8IdAStHXp2B_lgfpPiH_lZ24p1lTAS5jOQGaJzhLmg1c7hCoUvXUNpNfMkj9KKo50dWByrldUhpvDSwixqQBgMQDU60nzyR6Mmuo5fLnsgDVyS0b3XFyXJ7yc8ZTCdpYClwP4oGKKFzFcN9_WAQS6FUVk3-mtzU2sVlknvSJZ1Hb4_5JZgvLuDIrxX6nEBWQDEieblmzNKJCefkodQ2jH-AK7tQch3TLiE9A%26adurl%3D&documentReferer=https%3A%2F%2Fmikeonline.com%2F&ancestorOrigins=https%3A%2F%2Fmikeonline.com&random=7161565884373&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: d34fa312448702b51ac643cbb345c25b7629cc9ed43fc4336eeaf77f11b2605e

Request headers

Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2076
Content-Type: text/html; charset=utf-8
Date: Wed, 08 Mar 2023 20:32:48 GMT
Expires: Wed, 08 Mar 2023 20:32:48 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 3ECC
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=50173600175103104444550012257008
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=50173600175103104444550012257008
https://ad-server.eu/wm/pb/native.png

68 B
312 B

185ms
32ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 20:35:25 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Wed, 08 Mar 2023 20:32:48 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 253A3AF3:D252_91EFC182:01BB_6408F0F0_AE1CAE7:2FD2B
X-IPLB-Instance: 40027
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H2 200 / Show response
adv.office-partner.de/ Frame 46CC 930 B
930 B 149ms
19ms Document
text/html 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=a4ebbf70ee&subid=&uid=9b6b06c17c25b032&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4qxN7vAIZP6ROteIiM0P34y4eKblvaBprZWcp8kP8C4QASDR7aAXYJWCgICsB8gBCakCCpVLVcCzsT6oAwGqBJ4CT9CxnuJbXkEv7uVHHdccbpIRn1EXYQufbT9gBHneSUldOsbSOaGR5nQZ3lmLormHkwallUPgMhf-OVPBbQQL2wtJlpHokmO0kkOB0Q8ZpW-Oe5IS4UykuPu7LZSi9h__mYOrXrtb91ZGClHWY-HLl4aRFVAjRueYC3VBjQWor9mvnj0gSi4NmUWhkyts2TdM7hPx9-woEfTUqOF1DyEyo2ldIE-QIsTZi66f0Eul_wqP3wNoCZ0RRlE8eirXVyaT2oMMchfJuhdU7k3WQPDxpXebKStN9qLWkN13nKfEvcTTSUYB8a5KnRvQeLXsAHRZfkphITMs5mjr8UUDP9eSDtdvR4jDk09kQbxBpiOjiMLc_GqHqfCE4419l-htUsAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ%26sig%3DAOD64_2WH9GeMI70AmhMIZJcLX3vhMYTCA%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-CMiF0d-TWQmirp9-Un8gLWX-NVubfpB7pWLLfah1XaoG0gveD7PyCLjg7v40cfk5PTqCxKanUr_56ynJLEF0lMW1rOu3yq6mku3C0aw5EvUijrBKdlIdN6VQ5WlGJg2vFP-C1DrzRQnz59FGvSaNpIDyi2Euv4ufwI3peTtHCP7zV45m4%26cry%3D1%26dbm_d%3DAKAmf-D3xYvJZs9CUgfP7p9GHwlgef9j0lWrA91Lf6EVP1NhskN9nxoYCyO1hvV1SwQCEmN5ugVS8XWHQdoGmeEYeNjPM4mZxkYMoR_VCrIRgSV5LqK6vOZQ0fQRkE4euPwq5kVzDk9wAIlrfP0jG7e_OfWAKl_52fHLNcuoPBOka6wosCYIHAaMMhzhcn_HheQY6cl_Efk5urJOffZDklrKK0ooshl116LWqawGLuhtgeK0c-wmI9TVn5tSfiCT2TdN2xQogGoEsXD4h9XbYzdsGAkkxXIdsf7NNOipufwvOtC2bJQcSWWliZb32oSvK09GdnLQa-zRVpN5P2mqbrHjUs0DXPDMdUsZBicvB2ZAozpYaXdLypfnFtPVtwS2kVO0k13iX2vqExa35BMaz0CrnrAiu-2qnUTpYLzgRRLzZCFrk_f2Olad-lLII_DuqmUEVfwow46Wn1p-m_Ihg1saKkH3ZsGt4RUYofgQ1QvuRdiVjgg-M7w9WMIDBKr2zIZrqB1NEMxBxcZjsvzYriB06quFxZPENqVqs_TYtKfBZ7VZuutWWrI%26adurl%3D&documentReferer=https%3A%2F%2Fmikeonline.com%2F&ancestorOrigins=https%3A%2F%2Fmikeonline.com&random=7468067031000&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Wed, 08 Mar 2023 20:32:48 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Wed, 15 Mar 2023 20:32:48 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: atvi

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 2EA3
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=53909600193108904444554012257007&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=53909600193108904444554012257007&actionid=981741&produktid=&dt_url=

0
178 B

96ms
31ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=53909600193108904444554012257007&actionid=981741&produktid=&dt_url=

Requested by

Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=a4ebbf70ee&subid=&uid=9b6b06c17c25b032&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4qxN7vAIZP6ROteIiM0P34y4eKblvaBprZWcp8kP8C4QASDR7aAXYJWCgICsB8gBCakCCpVLVcCzsT6oAwGqBJ4CT9CxnuJbXkEv7uVHHdccbpIRn1EXYQufbT9gBHneSUldOsbSOaGR5nQZ3lmLormHkwallUPgMhf-OVPBbQQL2wtJlpHokmO0kkOB0Q8ZpW-Oe5IS4UykuPu7LZSi9h__mYOrXrtb91ZGClHWY-HLl4aRFVAjRueYC3VBjQWor9mvnj0gSi4NmUWhkyts2TdM7hPx9-woEfTUqOF1DyEyo2ldIE-QIsTZi66f0Eul_wqP3wNoCZ0RRlE8eirXVyaT2oMMchfJuhdU7k3WQPDxpXebKStN9qLWkN13nKfEvcTTSUYB8a5KnRvQeLXsAHRZfkphITMs5mjr8UUDP9eSDtdvR4jDk09kQbxBpiOjiMLc_GqHqfCE4419l-htUsAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ%26sig%3DAOD64_2WH9GeMI70AmhMIZJcLX3vhMYTCA%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-CMiF0d-TWQmirp9-Un8gLWX-NVubfpB7pWLLfah1XaoG0gveD7PyCLjg7v40cfk5PTqCxKanUr_56ynJLEF0lMW1rOu3yq6mku3C0aw5EvUijrBKdlIdN6VQ5WlGJg2vFP-C1DrzRQnz59FGvSaNpIDyi2Euv4ufwI3peTtHCP7zV45m4%26cry%3D1%26dbm_d%3DAKAmf-D3xYvJZs9CUgfP7p9GHwlgef9j0lWrA91Lf6EVP1NhskN9nxoYCyO1hvV1SwQCEmN5ugVS8XWHQdoGmeEYeNjPM4mZxkYMoR_VCrIRgSV5LqK6vOZQ0fQRkE4euPwq5kVzDk9wAIlrfP0jG7e_OfWAKl_52fHLNcuoPBOka6wosCYIHAaMMhzhcn_HheQY6cl_Efk5urJOffZDklrKK0ooshl116LWqawGLuhtgeK0c-wmI9TVn5tSfiCT2TdN2xQogGoEsXD4h9XbYzdsGAkkxXIdsf7NNOipufwvOtC2bJQcSWWliZb32oSvK09GdnLQa-zRVpN5P2mqbrHjUs0DXPDMdUsZBicvB2ZAozpYaXdLypfnFtPVtwS2kVO0k13iX2vqExa35BMaz0CrnrAiu-2qnUTpYLzgRRLzZCFrk_f2Olad-lLII_DuqmUEVfwow46Wn1p-m_Ihg1saKkH3ZsGt4RUYofgQ1QvuRdiVjgg-M7w9WMIDBKr2zIZrqB1NEMxBxcZjsvzYriB06quFxZPENqVqs_TYtKfBZ7VZuutWWrI%26adurl%3D&documentReferer=https%3A%2F%2Fmikeonline.com%2F&ancestorOrigins=https%3A%2F%2Fmikeonline.com&random=7468067031000&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 08 Mar 2023 20:32:48 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 08 Mar 2023 09:32:48 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Wed, 08 Mar 2023 20:32:48 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=53909600193108904444554012257007&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40028
X-IPLB-Request-ID: 253A3AF3:D084_91EFC182:01BB_6408F0F0_AE2D251:C02A

GET
H2

200

htlp Show response
futalis.de/ Frame FAF0
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=53909600193108904444554012257007&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2384812508

350 B
400 B

75ms
17ms

Document
text/html

49.12.16.151
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2384812508
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=a4ebbf70ee&subid=&uid=9b6b06c17c25b032&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4qxN7vAIZP6ROteIiM0P34y4eKblvaBprZWcp8kP8C4QASDR7aAXYJWCgICsB8gBCakCCpVLVcCzsT6oAwGqBJ4CT9CxnuJbXkEv7uVHHdccbpIRn1EXYQufbT9gBHneSUldOsbSOaGR5nQZ3lmLormHkwallUPgMhf-OVPBbQQL2wtJlpHokmO0kkOB0Q8ZpW-Oe5IS4UykuPu7LZSi9h__mYOrXrtb91ZGClHWY-HLl4aRFVAjRueYC3VBjQWor9mvnj0gSi4NmUWhkyts2TdM7hPx9-woEfTUqOF1DyEyo2ldIE-QIsTZi66f0Eul_wqP3wNoCZ0RRlE8eirXVyaT2oMMchfJuhdU7k3WQPDxpXebKStN9qLWkN13nKfEvcTTSUYB8a5KnRvQeLXsAHRZfkphITMs5mjr8UUDP9eSDtdvR4jDk09kQbxBpiOjiMLc_GqHqfCE4419l-htUsAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ%26sig%3DAOD64_2WH9GeMI70AmhMIZJcLX3vhMYTCA%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-CMiF0d-TWQmirp9-Un8gLWX-NVubfpB7pWLLfah1XaoG0gveD7PyCLjg7v40cfk5PTqCxKanUr_56ynJLEF0lMW1rOu3yq6mku3C0aw5EvUijrBKdlIdN6VQ5WlGJg2vFP-C1DrzRQnz59FGvSaNpIDyi2Euv4ufwI3peTtHCP7zV45m4%26cry%3D1%26dbm_d%3DAKAmf-D3xYvJZs9CUgfP7p9GHwlgef9j0lWrA91Lf6EVP1NhskN9nxoYCyO1hvV1SwQCEmN5ugVS8XWHQdoGmeEYeNjPM4mZxkYMoR_VCrIRgSV5LqK6vOZQ0fQRkE4euPwq5kVzDk9wAIlrfP0jG7e_OfWAKl_52fHLNcuoPBOka6wosCYIHAaMMhzhcn_HheQY6cl_Efk5urJOffZDklrKK0ooshl116LWqawGLuhtgeK0c-wmI9TVn5tSfiCT2TdN2xQogGoEsXD4h9XbYzdsGAkkxXIdsf7NNOipufwvOtC2bJQcSWWliZb32oSvK09GdnLQa-zRVpN5P2mqbrHjUs0DXPDMdUsZBicvB2ZAozpYaXdLypfnFtPVtwS2kVO0k13iX2vqExa35BMaz0CrnrAiu-2qnUTpYLzgRRLzZCFrk_f2Olad-lLII_DuqmUEVfwow46Wn1p-m_Ihg1saKkH3ZsGt4RUYofgQ1QvuRdiVjgg-M7w9WMIDBKr2zIZrqB1NEMxBxcZjsvzYriB06quFxZPENqVqs_TYtKfBZ7VZuutWWrI%26adurl%3D&documentReferer=https%3A%2F%2Fmikeonline.com%2F&ancestorOrigins=https%3A%2F%2Fmikeonline.com&random=7468067031000&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.16.151 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-1.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Wed, 08 Mar 2023 20:32:48 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2384812508
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 link.html Show response
track.webgains.com/ Frame 7A27 2 KB
2 KB 244ms
185ms Script
text/html 35.177.30.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=53909600193108904444554012257007&nw=1
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.177.30.54 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-177-30-54.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: f6083f823186fe025156440465be48f6de2079a16937c2e46ae825fea4db0fa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:48 GMT
last-modified: Wed, 08 Mar 2023 20:32:48 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 08 Mar 2023 20:33:48 GMT

GET
H2

200

activityi;dc_pre=CJrb1POWzf0CFYyfmgodRccElA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5451261264038.794 Show response
5994599.fls.doubleclick.net/ Frame 733B
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5451261264038.794?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJrb1POWzf0CFYyfmgodRccElA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5451261264038.794?

391 B
324 B

58ms
57ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CJrb1POWzf0CFYyfmgodRccElA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5451261264038.794?

Requested by

Host: mikeonline.com
URL: https://mikeonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

f32b7745de1984ac9ce96744410e7c4782cc9c3aeccbdd99b23cbc7ba6519411

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 20:32:48 GMT
expires: Wed, 08 Mar 2023 20:32:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 20:32:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJrb1POWzf0CFYyfmgodRccElA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5451261264038.794?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal90007.redintelligence.net/ Frame 7615 7 KB
2 KB 40ms
12ms Document
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request_content.php?s=53909600193108904444554012257007&a=dedefb0c
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=a4ebbf70ee&subid=&uid=9b6b06c17c25b032&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4qxN7vAIZP6ROteIiM0P34y4eKblvaBprZWcp8kP8C4QASDR7aAXYJWCgICsB8gBCakCCpVLVcCzsT6oAwGqBJ4CT9CxnuJbXkEv7uVHHdccbpIRn1EXYQufbT9gBHneSUldOsbSOaGR5nQZ3lmLormHkwallUPgMhf-OVPBbQQL2wtJlpHokmO0kkOB0Q8ZpW-Oe5IS4UykuPu7LZSi9h__mYOrXrtb91ZGClHWY-HLl4aRFVAjRueYC3VBjQWor9mvnj0gSi4NmUWhkyts2TdM7hPx9-woEfTUqOF1DyEyo2ldIE-QIsTZi66f0Eul_wqP3wNoCZ0RRlE8eirXVyaT2oMMchfJuhdU7k3WQPDxpXebKStN9qLWkN13nKfEvcTTSUYB8a5KnRvQeLXsAHRZfkphITMs5mjr8UUDP9eSDtdvR4jDk09kQbxBpiOjiMLc_GqHqfCE4419l-htUsAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ%26sig%3DAOD64_2WH9GeMI70AmhMIZJcLX3vhMYTCA%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-CMiF0d-TWQmirp9-Un8gLWX-NVubfpB7pWLLfah1XaoG0gveD7PyCLjg7v40cfk5PTqCxKanUr_56ynJLEF0lMW1rOu3yq6mku3C0aw5EvUijrBKdlIdN6VQ5WlGJg2vFP-C1DrzRQnz59FGvSaNpIDyi2Euv4ufwI3peTtHCP7zV45m4%26cry%3D1%26dbm_d%3DAKAmf-D3xYvJZs9CUgfP7p9GHwlgef9j0lWrA91Lf6EVP1NhskN9nxoYCyO1hvV1SwQCEmN5ugVS8XWHQdoGmeEYeNjPM4mZxkYMoR_VCrIRgSV5LqK6vOZQ0fQRkE4euPwq5kVzDk9wAIlrfP0jG7e_OfWAKl_52fHLNcuoPBOka6wosCYIHAaMMhzhcn_HheQY6cl_Efk5urJOffZDklrKK0ooshl116LWqawGLuhtgeK0c-wmI9TVn5tSfiCT2TdN2xQogGoEsXD4h9XbYzdsGAkkxXIdsf7NNOipufwvOtC2bJQcSWWliZb32oSvK09GdnLQa-zRVpN5P2mqbrHjUs0DXPDMdUsZBicvB2ZAozpYaXdLypfnFtPVtwS2kVO0k13iX2vqExa35BMaz0CrnrAiu-2qnUTpYLzgRRLzZCFrk_f2Olad-lLII_DuqmUEVfwow46Wn1p-m_Ihg1saKkH3ZsGt4RUYofgQ1QvuRdiVjgg-M7w9WMIDBKr2zIZrqB1NEMxBxcZjsvzYriB06quFxZPENqVqs_TYtKfBZ7VZuutWWrI%26adurl%3D&documentReferer=https%3A%2F%2Fmikeonline.com%2F&ancestorOrigins=https%3A%2F%2Fmikeonline.com&random=7468067031000&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: de44aa4ddb49fdcc1444491116b852ea9bfdc77d250623a3c0f33b9757db05b7

Request headers

Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2047
Content-Type: text/html; charset=utf-8
Date: Wed, 08 Mar 2023 20:32:48 GMT
Expires: Wed, 08 Mar 2023 20:32:48 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 7A27
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=53909600193108904444554012257007
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=53909600193108904444554012257007
https://ad-server.eu/wm/pb/native.png

68 B
312 B

186ms
33ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 20:35:25 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Wed, 08 Mar 2023 20:32:48 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 253A3AF3:D254_91EFC182:01BB_6408F0F0_AE1E80E:2FD2E
X-IPLB-Instance: 40027
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H2 200 / Show response
adv.office-partner.de/ Frame B5A5 930 B
930 B 140ms
20ms Document
text/html 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=d2d6acb264&subid=&uid=44276f62b89e9d96&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCnVcD7vAIZP-ROteIiM0P34y4eKblvaBprZWcp8kP8C4QASDR7aAXYJWCgICsB8gBCakCCpVLVcCzsT6oAwGqBJ4CT9CPCjPwMyHRWug6jsTh9xRbYnacPferjOgIN_uAbtbnsxVBMZxo2gxj2MYMlrb_u-64ZAU_q4Zi0vXy9j3aaX_UqKMxJsg2RaXnrorclV4-ViRvsAcd4cpKysxY92dbbds3XzGXAKoCEPMc1h-KmcBIZsV9eQ7f9IfAPevCaC7OOo39cLj74V7sG9zMfE6aEQDfaz5qxKXGSH_bVNywsZNXvyjMcRJ9J_cw3Jdswvb_IAUahV4RDZQ4Cv2VUbh1AMwnITQ6zxHf2SKLG1W7_5UVe_om-SjtbJWS2kKdYKmSz3kgEvtAMK3TdhFRIdKHxw2bP9V3etHycMFIocFh4J5Iaq5BzQg9tPckb9h09pyneP87PIoQSlEV4zfJBcAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ%26sig%3DAOD64_3KnmvbkLHCiL9kJ1-hCBzyifkHUw%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-AXR7rLFNlkvMkpeEFUIjRPxcKqjzeqndxzlt3Yt3406a-uTHu3YMp9YajAjUL4F0zGghDZL_QyRuEm_ho0mhwg9aLEu8zBJ4LuUu8QculWRQMTvRFgkkMFTiivsxnpW5Xefm5EbszlcTuYOFKr-UoAlh9jIE2HNQdiKKqFhPcA0DFzIrA%26cry%3D1%26dbm_d%3DAKAmf-CGq5NFICELV-Q7Tmd7859hA5J2nvEHR2IEW0ilXBGIt1W8Pq5U4gB2cs8_OjeRniZsJRNMHyV2BIMvf-5ru3Lle53iUT5SpTCgisGaOhQvjua-UqlF_el905hAVamhs0bcBKtTAN7AQJayk4X1kOdmzfe_F4TTnK3tsBvhGev-Ph1teEr33SdbTs_9Njn1lm26PveestWgcqRI8ZBtcM1rx_gkPax45QfsVB_Kqy0dP81dp78_jSkRDcMl7QlURbraX0rGGtxnd6Ik_NfH7S0hYXgyAFXumOSBjwcIxf3oDyM9oIA39eDqp0zl0nIRGlNV-qi4Jn8dkCq2UFy_vEW3CuCDvWZr8hxedL-GutTIOmMXNm04dom4D8IAPXRky5996ek2y0v7Y3XfEnQWIH8OQjF5rVuJvyPUaMaOEbN0SNLCtli912XtJBNJskSJoFr791XsyI9p_5A7U5AIzRHZX3EN9KlMHe0YaCJEaRwuHLKdcI5d35muacjxPyVKlc1JNuv_dOf_ZweLsAa-kvbHnoxupteEDPMhX_TIDWLFAj-qW1Y%26adurl%3D&documentReferer=https%3A%2F%2Fmikeonline.com%2F&ancestorOrigins=https%3A%2F%2Fmikeonline.com&random=4461175807128&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Wed, 08 Mar 2023 20:32:48 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Wed, 15 Mar 2023 20:32:48 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: atvi

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame E314
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=65993600182178904444554012257003&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=65993600182178904444554012257003&actionid=981741&produktid=&dt_url=

0
179 B

69ms
30ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=65993600182178904444554012257003&actionid=981741&produktid=&dt_url=

Requested by

Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=d2d6acb264&subid=&uid=44276f62b89e9d96&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCnVcD7vAIZP-ROteIiM0P34y4eKblvaBprZWcp8kP8C4QASDR7aAXYJWCgICsB8gBCakCCpVLVcCzsT6oAwGqBJ4CT9CPCjPwMyHRWug6jsTh9xRbYnacPferjOgIN_uAbtbnsxVBMZxo2gxj2MYMlrb_u-64ZAU_q4Zi0vXy9j3aaX_UqKMxJsg2RaXnrorclV4-ViRvsAcd4cpKysxY92dbbds3XzGXAKoCEPMc1h-KmcBIZsV9eQ7f9IfAPevCaC7OOo39cLj74V7sG9zMfE6aEQDfaz5qxKXGSH_bVNywsZNXvyjMcRJ9J_cw3Jdswvb_IAUahV4RDZQ4Cv2VUbh1AMwnITQ6zxHf2SKLG1W7_5UVe_om-SjtbJWS2kKdYKmSz3kgEvtAMK3TdhFRIdKHxw2bP9V3etHycMFIocFh4J5Iaq5BzQg9tPckb9h09pyneP87PIoQSlEV4zfJBcAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ%26sig%3DAOD64_3KnmvbkLHCiL9kJ1-hCBzyifkHUw%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-AXR7rLFNlkvMkpeEFUIjRPxcKqjzeqndxzlt3Yt3406a-uTHu3YMp9YajAjUL4F0zGghDZL_QyRuEm_ho0mhwg9aLEu8zBJ4LuUu8QculWRQMTvRFgkkMFTiivsxnpW5Xefm5EbszlcTuYOFKr-UoAlh9jIE2HNQdiKKqFhPcA0DFzIrA%26cry%3D1%26dbm_d%3DAKAmf-CGq5NFICELV-Q7Tmd7859hA5J2nvEHR2IEW0ilXBGIt1W8Pq5U4gB2cs8_OjeRniZsJRNMHyV2BIMvf-5ru3Lle53iUT5SpTCgisGaOhQvjua-UqlF_el905hAVamhs0bcBKtTAN7AQJayk4X1kOdmzfe_F4TTnK3tsBvhGev-Ph1teEr33SdbTs_9Njn1lm26PveestWgcqRI8ZBtcM1rx_gkPax45QfsVB_Kqy0dP81dp78_jSkRDcMl7QlURbraX0rGGtxnd6Ik_NfH7S0hYXgyAFXumOSBjwcIxf3oDyM9oIA39eDqp0zl0nIRGlNV-qi4Jn8dkCq2UFy_vEW3CuCDvWZr8hxedL-GutTIOmMXNm04dom4D8IAPXRky5996ek2y0v7Y3XfEnQWIH8OQjF5rVuJvyPUaMaOEbN0SNLCtli912XtJBNJskSJoFr791XsyI9p_5A7U5AIzRHZX3EN9KlMHe0YaCJEaRwuHLKdcI5d35muacjxPyVKlc1JNuv_dOf_ZweLsAa-kvbHnoxupteEDPMhX_TIDWLFAj-qW1Y%26adurl%3D&documentReferer=https%3A%2F%2Fmikeonline.com%2F&ancestorOrigins=https%3A%2F%2Fmikeonline.com&random=4461175807128&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 08 Mar 2023 20:32:48 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 08 Mar 2023 09:32:48 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Wed, 08 Mar 2023 20:32:48 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=65993600182178904444554012257003&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027
X-IPLB-Request-ID: 253A3AF3:D086_91EFC182:01BB_6408F0F0_AE0AB15:2FD2C

GET
H2

200

htlp Show response
futalis.de/ Frame 8765
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=65993600182178904444554012257003&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2384812510

350 B
400 B

75ms
18ms

Document
text/html

49.12.16.151
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2384812510
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=d2d6acb264&subid=&uid=44276f62b89e9d96&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCnVcD7vAIZP-ROteIiM0P34y4eKblvaBprZWcp8kP8C4QASDR7aAXYJWCgICsB8gBCakCCpVLVcCzsT6oAwGqBJ4CT9CPCjPwMyHRWug6jsTh9xRbYnacPferjOgIN_uAbtbnsxVBMZxo2gxj2MYMlrb_u-64ZAU_q4Zi0vXy9j3aaX_UqKMxJsg2RaXnrorclV4-ViRvsAcd4cpKysxY92dbbds3XzGXAKoCEPMc1h-KmcBIZsV9eQ7f9IfAPevCaC7OOo39cLj74V7sG9zMfE6aEQDfaz5qxKXGSH_bVNywsZNXvyjMcRJ9J_cw3Jdswvb_IAUahV4RDZQ4Cv2VUbh1AMwnITQ6zxHf2SKLG1W7_5UVe_om-SjtbJWS2kKdYKmSz3kgEvtAMK3TdhFRIdKHxw2bP9V3etHycMFIocFh4J5Iaq5BzQg9tPckb9h09pyneP87PIoQSlEV4zfJBcAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ%26sig%3DAOD64_3KnmvbkLHCiL9kJ1-hCBzyifkHUw%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-AXR7rLFNlkvMkpeEFUIjRPxcKqjzeqndxzlt3Yt3406a-uTHu3YMp9YajAjUL4F0zGghDZL_QyRuEm_ho0mhwg9aLEu8zBJ4LuUu8QculWRQMTvRFgkkMFTiivsxnpW5Xefm5EbszlcTuYOFKr-UoAlh9jIE2HNQdiKKqFhPcA0DFzIrA%26cry%3D1%26dbm_d%3DAKAmf-CGq5NFICELV-Q7Tmd7859hA5J2nvEHR2IEW0ilXBGIt1W8Pq5U4gB2cs8_OjeRniZsJRNMHyV2BIMvf-5ru3Lle53iUT5SpTCgisGaOhQvjua-UqlF_el905hAVamhs0bcBKtTAN7AQJayk4X1kOdmzfe_F4TTnK3tsBvhGev-Ph1teEr33SdbTs_9Njn1lm26PveestWgcqRI8ZBtcM1rx_gkPax45QfsVB_Kqy0dP81dp78_jSkRDcMl7QlURbraX0rGGtxnd6Ik_NfH7S0hYXgyAFXumOSBjwcIxf3oDyM9oIA39eDqp0zl0nIRGlNV-qi4Jn8dkCq2UFy_vEW3CuCDvWZr8hxedL-GutTIOmMXNm04dom4D8IAPXRky5996ek2y0v7Y3XfEnQWIH8OQjF5rVuJvyPUaMaOEbN0SNLCtli912XtJBNJskSJoFr791XsyI9p_5A7U5AIzRHZX3EN9KlMHe0YaCJEaRwuHLKdcI5d35muacjxPyVKlc1JNuv_dOf_ZweLsAa-kvbHnoxupteEDPMhX_TIDWLFAj-qW1Y%26adurl%3D&documentReferer=https%3A%2F%2Fmikeonline.com%2F&ancestorOrigins=https%3A%2F%2Fmikeonline.com&random=4461175807128&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.16.151 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-1.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Wed, 08 Mar 2023 20:32:48 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2384812510
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 link.html Show response
track.webgains.com/ Frame 034A 2 KB
2 KB 129ms
82ms Script
text/html 35.177.30.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=65993600182178904444554012257003&nw=1
Requested by: Host: mikeonline.com
URL: https://mikeonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.177.30.54 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-177-30-54.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 294886eedccb551b4cee4d3a87c1dc6e91fec7409229cbc2e0ecc4708ef5ec3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:48 GMT
last-modified: Wed, 08 Mar 2023 20:32:48 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 08 Mar 2023 20:33:48 GMT

GET
H2

200

activityi;dc_pre=CJ_c1POWzf0CFZnMOwIdMCkDsA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2348238379648.735 Show response
5994599.fls.doubleclick.net/ Frame 02F9
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2348238379648.735?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ_c1POWzf0CFZnMOwIdMCkDsA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2348238379648.735?

391 B
285 B

61ms
60ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ_c1POWzf0CFZnMOwIdMCkDsA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2348238379648.735?

Requested by

Host: mikeonline.com
URL: https://mikeonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

d29d7d384f2169b03701cb6bdcea3b1d901c35fb7714ab5ca3c22b4b293ba6fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 216
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 20:32:48 GMT
expires: Wed, 08 Mar 2023 20:32:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 20:32:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ_c1POWzf0CFZnMOwIdMCkDsA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2348238379648.735?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal90003.redintelligence.net/ Frame C3F7 7 KB
2 KB 42ms
12ms Document
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/request_content.php?s=65993600182178904444554012257003&a=de4011d7
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=d2d6acb264&subid=&uid=44276f62b89e9d96&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCnVcD7vAIZP-ROteIiM0P34y4eKblvaBprZWcp8kP8C4QASDR7aAXYJWCgICsB8gBCakCCpVLVcCzsT6oAwGqBJ4CT9CPCjPwMyHRWug6jsTh9xRbYnacPferjOgIN_uAbtbnsxVBMZxo2gxj2MYMlrb_u-64ZAU_q4Zi0vXy9j3aaX_UqKMxJsg2RaXnrorclV4-ViRvsAcd4cpKysxY92dbbds3XzGXAKoCEPMc1h-KmcBIZsV9eQ7f9IfAPevCaC7OOo39cLj74V7sG9zMfE6aEQDfaz5qxKXGSH_bVNywsZNXvyjMcRJ9J_cw3Jdswvb_IAUahV4RDZQ4Cv2VUbh1AMwnITQ6zxHf2SKLG1W7_5UVe_om-SjtbJWS2kKdYKmSz3kgEvtAMK3TdhFRIdKHxw2bP9V3etHycMFIocFh4J5Iaq5BzQg9tPckb9h09pyneP87PIoQSlEV4zfJBcAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ%26sig%3DAOD64_3KnmvbkLHCiL9kJ1-hCBzyifkHUw%26client%3Dca-pub-3522377144365482%26dbm_c%3DAKAmf-AXR7rLFNlkvMkpeEFUIjRPxcKqjzeqndxzlt3Yt3406a-uTHu3YMp9YajAjUL4F0zGghDZL_QyRuEm_ho0mhwg9aLEu8zBJ4LuUu8QculWRQMTvRFgkkMFTiivsxnpW5Xefm5EbszlcTuYOFKr-UoAlh9jIE2HNQdiKKqFhPcA0DFzIrA%26cry%3D1%26dbm_d%3DAKAmf-CGq5NFICELV-Q7Tmd7859hA5J2nvEHR2IEW0ilXBGIt1W8Pq5U4gB2cs8_OjeRniZsJRNMHyV2BIMvf-5ru3Lle53iUT5SpTCgisGaOhQvjua-UqlF_el905hAVamhs0bcBKtTAN7AQJayk4X1kOdmzfe_F4TTnK3tsBvhGev-Ph1teEr33SdbTs_9Njn1lm26PveestWgcqRI8ZBtcM1rx_gkPax45QfsVB_Kqy0dP81dp78_jSkRDcMl7QlURbraX0rGGtxnd6Ik_NfH7S0hYXgyAFXumOSBjwcIxf3oDyM9oIA39eDqp0zl0nIRGlNV-qi4Jn8dkCq2UFy_vEW3CuCDvWZr8hxedL-GutTIOmMXNm04dom4D8IAPXRky5996ek2y0v7Y3XfEnQWIH8OQjF5rVuJvyPUaMaOEbN0SNLCtli912XtJBNJskSJoFr791XsyI9p_5A7U5AIzRHZX3EN9KlMHe0YaCJEaRwuHLKdcI5d35muacjxPyVKlc1JNuv_dOf_ZweLsAa-kvbHnoxupteEDPMhX_TIDWLFAj-qW1Y%26adurl%3D&documentReferer=https%3A%2F%2Fmikeonline.com%2F&ancestorOrigins=https%3A%2F%2Fmikeonline.com&random=4461175807128&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: c6180d3341b13071ce8e0a009a4aab21ee03d99e58a209f22b8a73a28d084e21

Request headers

Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2033
Content-Type: text/html; charset=utf-8
Date: Wed, 08 Mar 2023 20:32:48 GMT
Expires: Wed, 08 Mar 2023 20:32:48 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 034A
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=65993600182178904444554012257003
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=65993600182178904444554012257003
https://ad-server.eu/wm/pb/native.png

68 B
312 B

159ms
32ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 20:35:25 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Wed, 08 Mar 2023 20:32:48 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 253A3AF3:D250_91EFC182:01BB_6408F0F0_AE3B45B:C02D
X-IPLB-Instance: 40028
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
DATA 200
OK truncated
/ Frame 3ECC 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d04c5aa1f3922340201c880ce836c21e46f07bf93fb7156b09d3d03aa946bf67

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7A27 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94463458bb438a378f2469fd2e7eb74896b9d2fe22efc29c2b3ddeaa39f16375

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 034A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 323baf3b1760e56f2e31174d05b5b661be130612a22b99fcaa9c722b29dbf6a0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 2DC6 1 KB
419 B 52ms
51ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=50173600175103104444550012257008&a=46ef74fd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f24d5e431e274a8d8c196752f7ab87ff9c636de1a7bc3d9c44729c1a87570a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Mar 2023 20:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 20:27:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Mar 2023 20:32:48 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 2DC6 9 KB
9 KB 36ms
12ms Image
image/png 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/627x627_Office-Partner.jpg
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=50173600175103104444550012257008&a=46ef74fd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 10fd5c6374ef61de2353ad3db1d513d987016ac37a19f737d4469ee2481fc13a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 20:32:48 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9285
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 2DC6 9 KB
9 KB 37ms
12ms Image
image/png 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_627x627.jpg
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=50173600175103104444550012257008&a=46ef74fd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 71958d8fee014e793d66132d9f985850217e73ff455b7ae8783ab40621faaf8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 20:32:48 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9362
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 2DC6 7 KB
8 KB 40ms
13ms Image
image/png 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/627x627.jpg
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=50173600175103104444550012257008&a=46ef74fd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 909c5ac48fa74c1030d1c0725285f1138a7c7ff400dca06a19317670c89e8564

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 20:32:48 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 7646
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 7615 4 KB
651 B 52ms
52ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=53909600193108904444554012257007&a=dedefb0c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Mar 2023 20:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 20:24:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Mar 2023 20:32:48 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 7615 12 KB
12 KB 36ms
12ms Image
image/png 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=53909600193108904444554012257007&a=dedefb0c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 6364535670103e0f43404f57f1dd7cbf2e2bdac181232def41bd8f99d848fb45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 20:32:48 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12109
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 7615 11 KB
12 KB 38ms
15ms Image
image/png 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=53909600193108904444554012257007&a=dedefb0c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 81b1bcbcf2e7913da5a4b84f1fc6570a6d4ba7ad29d7730c33a490f6d748af71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 20:32:48 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 11596
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 7615 9 KB
9 KB 38ms
15ms Image
image/png 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=53909600193108904444554012257007&a=dedefb0c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 1d7f8a5305d08a8d52f29f41a7f729722fba17974831dafbaaa21ee30adf9886

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 20:32:48 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9506
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame C3F7 4 KB
651 B 52ms
52ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=65993600182178904444554012257003&a=de4011d7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Mar 2023 20:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 20:21:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Mar 2023 20:32:48 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame C3F7 12 KB
12 KB 36ms
12ms Image
image/png 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=65993600182178904444554012257003&a=de4011d7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 6364535670103e0f43404f57f1dd7cbf2e2bdac181232def41bd8f99d848fb45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 20:32:48 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12109
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame C3F7 11 KB
12 KB 39ms
12ms Image
image/png 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=65993600182178904444554012257003&a=de4011d7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 81b1bcbcf2e7913da5a4b84f1fc6570a6d4ba7ad29d7730c33a490f6d748af71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 20:32:48 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 11596
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame C3F7 9 KB
9 KB 40ms
12ms Image
image/png 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=65993600182178904444554012257003&a=de4011d7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 1d7f8a5305d08a8d52f29f41a7f729722fba17974831dafbaaa21ee30adf9886

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 20:32:48 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9506
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 27B7 5 KB
5 KB 11ms
10ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2384812509
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:48 GMT
last-modified: Fri, 21 Jan 2022 14:35:51 GMT
server: Apache
etag: "14aa-5d6188919baaa"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5290

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame FAF0 5 KB
5 KB 10ms
10ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2384812508
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:48 GMT
last-modified: Fri, 21 Jan 2022 14:35:51 GMT
server: Apache
etag: "14aa-5d6188919baaa"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5290

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 8765 5 KB
5 KB 10ms
10ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2384812510
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:48 GMT
last-modified: Fri, 21 Jan 2022 14:35:51 GMT
server: Apache
etag: "14aa-5d6188919baaa"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5290

GET
H/1.1 200
OK viewability Show response
hal90008.redintelligence.net/ Frame 2DC6 0
150 B 36ms
12ms Script
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/viewability?s=50173600175103104444550012257008&a=827f7a4d&vb=m
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=50173600175103104444550012257008&a=46ef74fd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/request_content.php?s=50173600175103104444550012257008&a=46ef74fd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 20:32:48 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 dc_pre=CJrb1POWzf0CFYyfmgodRccElA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5451261264038.794
adservice.google.com/ddm/fls/z/ Frame 733B 42 B
262 B 52ms
51ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJrb1POWzf0CFYyfmgodRccElA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5451261264038.794

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJrb1POWzf0CFYyfmgodRccElA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5451261264038.794?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CPHY1POWzf0CFYGYmwodYp0LQw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3925312550589.9565
adservice.google.com/ddm/fls/z/ Frame 3A08 42 B
107 B 51ms
50ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPHY1POWzf0CFYGYmwodYp0LQw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3925312550589.9565

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPHY1POWzf0CFYGYmwodYp0LQw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3925312550589.9565?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CJ_c1POWzf0CFZnMOwIdMCkDsA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2348238379648.735
adservice.google.com/ddm/fls/z/ Frame 02F9 42 B
107 B 56ms
56ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJ_c1POWzf0CFZnMOwIdMCkDsA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2348238379648.735

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ_c1POWzf0CFZnMOwIdMCkDsA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2348238379648.735?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 39BE 105 KB
40 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

38f64a7b8ca0002ad03ba324d369ba38ea7e999e7e82fd98007393f22f32d838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41412
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 19:56:24 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Mar 2023 20:32:48 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 46CC 105 KB
40 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

239f8f43a5d5f8b9237d41201036665196287b088639b41eff502503bf16d271

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41410
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 19:56:24 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Mar 2023 20:32:48 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame B5A5 105 KB
40 KB 52ms
52ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

108dadb00d364c5a67a099ae6cca7eb7f0ed7ac95894de8dbcf03c57b95deea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41429
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 19:56:24 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Mar 2023 20:32:48 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C5F8 42 B
64 B 147ms
115ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvPaDrRCVuHaX-NeVrOHV1M2qV68HP7eecp0qWcCyYj4EvZJzEpwahn-bRnrURU0DtRC9hdXhd8PugkOXdRdbbKkKV6D7oHZrcYhCXptjgp6LgWFlh2&sig=Cg0ArKJSzLcMQ76qcUuJEAE&id=lidar2&mcvt=1036&p=20,436,110,1164&mtos=1036,1036,1036,1036,1036&tos=1036,0,0,0,0&v=20230306&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=997740371&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678307567516&rpt=304&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal90007.redintelligence.net/ Frame 7615 0
150 B 45ms
22ms Script
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/viewability?s=53909600193108904444554012257007&a=de9de095&vb=m
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=53909600193108904444554012257007&a=dedefb0c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/request_content.php?s=53909600193108904444554012257007&a=dedefb0c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 20:32:48 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability Show response
hal90003.redintelligence.net/ Frame C3F7 0
150 B 44ms
21ms Script
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/viewability?s=65993600182178904444554012257003&a=7810c60c&vb=m
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=65993600182178904444554012257003&a=de4011d7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/request_content.php?s=65993600182178904444554012257003&a=de4011d7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 20:32:48 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 3ECC 85 KB
31 KB 71ms
9ms Script
application/javascript 18.66.147.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=50173600175103104444550012257008&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 12:12:42 GMT
content-encoding: gzip
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
last-modified: Fri, 09 Dec 2022 10:53:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 30007
etag: W/"0d5045593d14c9612a5d5576928a5209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: G89sUlbNUwUtRZIIFBMxrt96fUZOrrieOPWX9byYyA_PHn3BVFCShw==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame 3ECC 3 KB
3 KB 71ms
9ms Image
image/png 99.86.4.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1678307868&Signature=jiJac742kq7TXmnWYcCMWdjlxU1kNgyL0udmpGIxUT4iG7tb8G8d5dOd0ymxGjoFvO5KQBViLuEfGK0urQ-gM91UqkQOlCQrywRgmtVE82gniqUncZpvzIVZGB88rmlSrbmkRYGWyKPwML1AIFrrwKE~MEMS1YPenfP3DmW3XT~5mOQyph27JldLCpA~girhsgETlEHWmBCloHOkm3w46NwjvQpIcvD1h-uyHylDeSPOMNI-8D4xjqj7AiVEVhTZGplGsZjeN16tfrDHQ5oqI19aY~KoQ5GHYwFU35JZfVuS1oY1LpmtpM-siFrXtNpDdgKqvWe3BezpBPsaOqksdw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-53.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 08 Mar 2023 05:40:32 GMT
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 53537
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: geK05gL0RsBvAmUlzNR6zI8dB9TuWbVnvif4Sv-o_0cvOR5Wc2rCnQ==

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 034A 85 KB
31 KB 78ms
17ms Script
application/javascript 18.66.147.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=65993600182178904444554012257003&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 12:12:42 GMT
content-encoding: gzip
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
last-modified: Fri, 09 Dec 2022 10:53:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 30007
etag: W/"0d5045593d14c9612a5d5576928a5209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: GzLCvAhk4PXW0B2MizSfmkhh905LLcNWOM5q0sx_eo7IfRSi9gNBNg==

GET
H2 200 1x1.png
cdn.track.production.webgains.team/7121/ Frame 034A 3 KB
3 KB 71ms
10ms Image
image/png 99.86.4.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1678307868&Signature=ZXyTm5mkzv4o5dbo7A9Qn2XMnmtIGItonafQrwKBs~mXkeNcUj7XiZYmI6Zd9jQ0izKSozjG02EnyUhFQEDCHr1Lf3BCjOm2O7dDOcjcNSOyM0bCekJ3VrU9-BOVhPHlcAuDVxkYQKfVeE7VUbj3N0gMAC02CGKlA4LeGgVhDZAZNUdh35gN5tcdPQRaaWNbwNLVA5He6ZmaxjSccet-u1yqF6MGvX8mScLCL3~VeSNnExs58CBie79kBn9~e68ABdYwzHEkErzwnWQsBMTSRrvVEH6j9v7lXMFH0ms-pMhmHa6uYAAT957dgAtNIQ0VVzyKk-TaFHi2LvPxOSwuBA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-53.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 08 Mar 2023 02:36:27 GMT
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 64582
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: iB8yvRvUpeu-NszFpDOnhF65OUbK2iaBdxQzbLbwMnDYKJ_1d-dMiw==

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 7615 13 KB
13 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90007.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:41:23 GMT
x-content-type-options: nosniff
age: 535885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 15:41:23 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 7615 13 KB
13 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90007.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 00:28:56 GMT
x-content-type-options: nosniff
age: 590632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 00:28:56 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame C3F7 13 KB
13 KB 32ms
32ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90003.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:41:23 GMT
x-content-type-options: nosniff
age: 535885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 15:41:23 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame C3F7 13 KB
13 KB 17ms
16ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90003.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 00:28:56 GMT
x-content-type-options: nosniff
age: 590632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 00:28:56 GMT

GET
H2 200 fontawesome-webfont.woff2
campaign.aptivada.com/assets/fonts/font-awesome-4.7.0/fonts/ Frame F3AA 75 KB
76 KB 633ms
633ms Font
application/octet-stream 99.86.4.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.aptivada.com/assets/fonts/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/assets/fonts/font-awesome-4.7.0/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-52.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://campaign.aptivada.com/assets/fonts/font-awesome-4.7.0/css/font-awesome.min.css
Origin: https://campaign.aptivada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:50 GMT
x-amz-version-id: NMUKLyH.P6MgSJ9mkfhjUPwZL2RSW2P4
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
content-length: 77160
last-modified: Tue, 01 Oct 2019 21:49:09 GMT
server: AmazonS3
etag: "af7ae505a9eed503f8b8e6982036873e"
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://campaign.aptivada.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: 22KY6hkmhNszMdnkcA9oEl8fJz5EQz0WpHpWHjSX66aeqYUEc0TkwQ==

GET
H3 200 css
fonts.googleapis.com/ Frame F3AA 4 KB
651 B 54ms
54ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaign.aptivada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Mar 2023 20:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 20:25:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Mar 2023 20:32:49 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame F3AA 6 KB
723 B 53ms
52ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,500&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3846358ba3c2458dc9cf1989773f6aacc50ba6965d9e9da2e17de45957f7b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaign.aptivada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Mar 2023 20:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 20:32:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Mar 2023 20:32:49 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame F3AA 49 KB
18 KB 58ms
57ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js?_=1678307569069

Requested by

Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/poll/poll.636a79b70f1022ab6b89.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaign.aptivada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 08 Mar 2023 20:32:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
content-encoding: br
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17987
expires: Wed, 08 Mar 2023 22:32:49 GMT

GET
H2 200 api.js Show response
apis.google.com/js/ Frame F3AA 17 KB
7 KB 74ms
22ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js?_=1678307569070

Requested by

Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/poll/poll.636a79b70f1022ab6b89.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e220226b6daf9afcc3676bf181a0b6b72060d274d09fa838fae65184222ab337

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaign.aptivada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Mar 2023 20:32:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6894
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "ac2ef0b8980b3937"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 20:32:49 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ Frame F3AA 91 KB
28 KB 59ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js?_=1678307569071
Requested by: Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/poll/poll.636a79b70f1022ab6b89.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6713) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaign.aptivada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 20:32:49 GMT
Content-Encoding: gzip
Age: 551
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
x-amzn-internal-status: 304
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (frb/6713)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 checkout.js Show response
checkout.stripe.com/ Frame F3AA 88 KB
23 KB 136ms
43ms Script
application/javascript 65.9.95.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.stripe.com/checkout.js?_=1678307569072

Requested by

Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/poll/poll.636a79b70f1022ab6b89.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-31.prg50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

18781492fefe9e0fb34b391582891c3d0700908f2c991f91f506de046f5c3c8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaign.aptivada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Mar 2023 20:32:49 GMT
last-modified: Wed, 13 Jul 2022 15:14:21 GMT
server: Cloudfront
via: 1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
etag: W/"9df39fdc36e7b7d12c767cc16f78989c"
age: 57
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=60
x-amz-cf-id: f2TLhD57BX8F0W1yUUax3s2TYfJFrA8tX217XPq7XidzqWk_arnlmw==

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ Frame F3AA 3 KB
2 KB 46ms
46ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?_=1678307569073

Requested by

Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/poll/poll.636a79b70f1022ab6b89.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bf2e554949d9f9386da57f495ca36fe78ddd627515fc601f32c7e2a381fd3320

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaign.aptivada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Mar 2023 20:32:49 GMT
content-md5: zjf1O4KABVNqMKeYW/pN5g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: OgUMeddlAGKBaS2A/Xv0Enw7W05Pxn+OkQ7+6JzKIS+SkX6fOhMSunlp/7JtqllReF5VkIL/2UVga+/sw/bw+A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 4f6457e831cc0f1ccbe6b6f4e25ed16a
cross-origin-opener-policy: same-origin-allow-popups
etag: "9a4f821423a7e1a77b36163c85a8ea3e"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 08 Mar 2023 20:52:49 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 7A27 85 KB
31 KB 10ms
9ms Script
application/javascript 18.66.147.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=53909600193108904444554012257007&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 12:12:42 GMT
content-encoding: gzip
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
last-modified: Fri, 09 Dec 2022 10:53:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 30008
etag: W/"0d5045593d14c9612a5d5576928a5209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: NCAxAS-TIjRsi-LIvpHmIBYpkzcQRD6SrXDlbS_9ZqigimzddnAyPg==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame 7A27 3 KB
3 KB 8ms
8ms Image
image/png 99.86.4.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1678307868&Signature=jiJac742kq7TXmnWYcCMWdjlxU1kNgyL0udmpGIxUT4iG7tb8G8d5dOd0ymxGjoFvO5KQBViLuEfGK0urQ-gM91UqkQOlCQrywRgmtVE82gniqUncZpvzIVZGB88rmlSrbmkRYGWyKPwML1AIFrrwKE~MEMS1YPenfP3DmW3XT~5mOQyph27JldLCpA~girhsgETlEHWmBCloHOkm3w46NwjvQpIcvD1h-uyHylDeSPOMNI-8D4xjqj7AiVEVhTZGplGsZjeN16tfrDHQ5oqI19aY~KoQ5GHYwFU35JZfVuS1oY1LpmtpM-siFrXtNpDdgKqvWe3BezpBPsaOqksdw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=53909600193108904444554012257007&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-53.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 08 Mar 2023 05:40:32 GMT
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 53538
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: E97rBYXpruTnIL6VP4XP48Wb39k4RDMDeNhzuBtdT52W6IN5FCKFIw==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 51B7 0
20 B 124ms
123ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BrXmn8PAIZIfyBMiggQfO5o2ICAAAAAA4AeAEAg&bg=!aWqlaj7NAAbv3-2Ez987ADkAdvg8WrM99wRi0YQ-4gLs16FtIc07ypZQh2-gHOwYXMULjyxL5PHEhoIjHMGMTthepgps3IG-EcMCAAACFFIAAAACaAEHCgCkOaZ7_t3WJ6C8IfSHx28FP_LWgk0MGQqEfbNU-T_ER2hW1sA5cE_TqIpovABED0hYJMWUwOfcX1VMvG75iy6RJBo5fJ37TBpzDXPE-7MSb-Mh72Q0Rmyon0IN56-8IRsbXHF3ZlLwJq0MiEDKKX2j0aopY3nbiLVEBWnrs3dc9QrEdU5_gM5Ve8BEyP5tNpS6im_cF3zjA0fjkwb9paZsctfKdUSZAuEIAbCByfLYHNOB5UmM4ja_J5itTBtxpLJ4vlfOOWTHaqQ0nffJjEiwudixFvdF7HvWoUN781k2Px2khEruNkCr5c0imwRxmQtKYOKGDg5cng2SLqXkwxpIMrjyf4-IVS1IWKNTMryJ0_-zybFqA1BwTJdP0Mhe7BQCRbeeXBSu6DeZFxnuzHS2fi3hDZ2tZ502q4zUcR-kaUZDbIB2a8nDPGi2ODOOZnsAV1gs5ihXfKgS4sH_M2uxax6l5tPS26nBd0nzzmvTWBI25GKt_U8YepkCXl9fN1H4KDv8UNatcz7CzAgj07WTdwtjqRYctew7LO-qInnfR56QcZSS78X6dHm0_vEc4EGqz_qayBML5SCCfP2Rvno8UQASHaJDwGtkAbVkehhr1c0vNdWaKCcdsMhXaAe9VASIbyi3ljf47wKOP8wsQ83Yn-1mGqr-WXKBOAYAjqMgqBMWOZOE4SGC__V6gfRnUnjbTuaGXTuOmwIP7aocKBybuTbAGpprlI5jHQQgNe481sJAePzbZzMszSaKMPVVbwO2fyRd4GSEZ3izrVGwTOO-KDWXBmuS9mR_j4yswShr-71dIeLPv3aN3imOkFojCzOnkjhOaGCI5G84Oe2ibLfVMV5PbEP3gP9RfTzU-3SLXHJEadTSPkS9Q4l9tpL_5CdZzFcdeuDQTtf5cRZ36J0EFnt6-0oYjQd7wsu357A51sRMpnZH-ncTG_ASn6aml_i0Xs2qx_u2hRALoY4D6abRwmBBOP4_K-NuaXmr9I_BmaujQBMRm4BYux90PKDoWgzIhPFUY_-KfAxX3ylIBLxFbuWz-ubsw0MjnzOI5XZXVByot4i8z0ZbKMAiBK8E7dINXdgwirtc3HpErxfs_DMeWZ483BZMFXtb8ZP0wjeLIhFlgUhZeARerb9yHK9mu2g5IKKWrxCB6FAQ46QT1abkggCZcM45sK6NfnPR8gHcsblmT6mF1zx_xw

Requested by

Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7F65 4 KB
651 B 53ms
52ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaign.aptivada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Mar 2023 20:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 20:29:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Mar 2023 20:32:49 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 7F65 6 KB
723 B 54ms
53ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,500&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3846358ba3c2458dc9cf1989773f6aacc50ba6965d9e9da2e17de45957f7b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaign.aptivada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Mar 2023 20:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 20:32:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Mar 2023 20:32:49 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 7F65 49 KB
18 KB 58ms
58ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js?_=1678307569210

Requested by

Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/poll/poll.636a79b70f1022ab6b89.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaign.aptivada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 08 Mar 2023 20:32:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
content-encoding: br
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17987
expires: Wed, 08 Mar 2023 22:32:49 GMT

GET
H2 200 api.js Show response
apis.google.com/js/ Frame 7F65 17 KB
7 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js?_=1678307569211

Requested by

Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/poll/poll.636a79b70f1022ab6b89.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e220226b6daf9afcc3676bf181a0b6b72060d274d09fa838fae65184222ab337

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaign.aptivada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Mar 2023 20:32:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6894
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "ac2ef0b8980b3937"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 20:32:49 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ Frame 7F65 91 KB
28 KB 8ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js?_=1678307569212
Requested by: Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/poll/poll.636a79b70f1022ab6b89.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6713) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaign.aptivada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 20:32:49 GMT
Content-Encoding: gzip
Age: 551
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
x-amzn-internal-status: 304
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (frb/6713)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 checkout.js Show response
checkout.stripe.com/ Frame 7F65 88 KB
23 KB 53ms
52ms Script
application/javascript 65.9.95.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.stripe.com/checkout.js?_=1678307569213

Requested by

Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/poll/poll.636a79b70f1022ab6b89.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-31.prg50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

18781492fefe9e0fb34b391582891c3d0700908f2c991f91f506de046f5c3c8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaign.aptivada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Mar 2023 20:32:49 GMT
last-modified: Wed, 13 Jul 2022 15:14:21 GMT
server: Cloudfront
via: 1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
etag: W/"9df39fdc36e7b7d12c767cc16f78989c"
age: 57
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=60
x-amz-cf-id: -08Dl_BmoQM10npOK56MB8YlVlS5OTVVY5jM1KaOzhbOjGYL5AHx9A==

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ Frame 7F65 3 KB
2 KB 48ms
48ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?_=1678307569214

Requested by

Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/poll/poll.636a79b70f1022ab6b89.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bf2e554949d9f9386da57f495ca36fe78ddd627515fc601f32c7e2a381fd3320

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaign.aptivada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Mar 2023 20:32:49 GMT
content-md5: zjf1O4KABVNqMKeYW/pN5g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: XTZXZco7qiG5zT5Vs/i1biqS8GxsMj4rogzrIDdjmwSg+Ie9XAXbkJ0wgq20uSwlK5jIliHKzsdHCll54cM3iw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 4f6457e831cc0f1ccbe6b6f4e25ed16a
cross-origin-opener-policy: same-origin-allow-popups
etag: "9a4f821423a7e1a77b36163c85a8ea3e"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 08 Mar 2023 20:52:49 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BB40 0
20 B 122ms
121ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWAUY8PAIZPn5BJKkrAS4_rDQCgAAAAA4AeAEAg&bg=!TU6lThrNAAbv3-2Ez987ADkAdvg8Wve9tl-ArPMDBBAVw9KxSWu30DyPGwRFhE8Q4Rh2CgnDgIfg8gKfTCa6BOp_LxovnA-NeL8CAAABblIAAAADaAEHCgAoIVnUNGFx7yZeImgb54h7FLvjm5MU5skfcLPbWDxFEGnJWgC0Zm8kkpkC58dnlz0GbfRtsTFPsydIOnywWjSw3sQa_aFIsf3TeHzP9bqRjpob2Pz9HNGctuelNuav9_Yc2wDLIklitilnaQ6II-w7C9OIZY-vWZh93vbrfvY4Lt2EjfF6jJ8USpvAfaZBeCm4UQ-w2RaAcgHuoVT_H9bokZCL39C9EzN9kDKO2KbwOJUY-KK36r_m0sebXXlNydErtWZN0W6VS7sq5lT0PqqZlrSlj5JI82hRvDqgufz3sEH-G7TpRVkrb-kc9td8E1OJQLP62ld2QcpVyt6lpx72xdns3RyebBcpRXSfQ6QJX-cz4TUE4LAvBigQtFN2RVv1wINTm01HFvPlHgWVXXywvsSj3YSj9xbV6ETFnTnyb1fTC4laDAuaQhmxZNYBDKxhjrIFzaOL1R5NmA5tHLQCkmBl2p08YJOG07vlFP5UVpAq_twW-0brxQfrNL9DDDkVU4sxnPL3cvHOtBxmMswzDSiRjls7L0oXA4Dce3qAk1WhHPrEouXemBo3LwxzH6FdgNgiqWeZBzyWPJunu_M79b_nouKlDP-cvYqErKRYgF7E5FctITZFdrZiobQLyur4UvRue2NsyXQo_hlZ_qCNu7kiyvMYTcAX7c2U8EBrVUjXrcc_El-xai-sGMr8QSzFVK6h1_1Y9eRfprfzs8Cpk-NNa2-LPp_K1qoOm76oNKh2xEQGrylFSiZ0f3yNGTYw-8p-euiuUpeue35mEqebYNsTYRnUWLu1JeDGCYtr60-06-cc8dxJaNrMODdBi6wadaarqu5NGnVoSp5sFP0fZyiWM_ePjPCMrjQKpAOUY51pMqcTABLjXvPBm3zMx7faSiu4K0SfjSdsxUZg9pTKhl9WhQZJxC5ibuwHvEZVwpYmAvuTQKI0uLr__s1kVZv9yJRb73o9T0MJahXfdwFsxZNLG72x9_0VJjdMfBryVU2AmeAlVoRF9vXDjn2o9vzQjsQZGMYlpRGqntEZHGpc_Y8a

Requested by

Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9AE3 0
20 B 121ms
121ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2dRi8PAIZLXLA7vpx_APr5K9gAsAAAAAOAHgBAI&bg=!hYalhtLNAAbv3-2Ez987ADkAdvg8WrKS7lxa65uPe6ZPMmYiXx3zLTIURQDs5rDh0HB4Ve7qm2aHdSINb032zyPadHsFlKvFbCkCAAACFlIAAAACaAEHCgCGX862q0C3-ssZuIOa3yLN9xOGUT37OkQ0aX35wQ8UqeKwqC38LdUUSeMWCTvHBy9aKQVCMDKddjA56ahQ6C-3YsHGBNNqSdyBkV319q4xHIcwJksedwtoedSbKQCgekYlwuROXyFcnFzn-hFe24IH8zjdTml0pnUXdc4NTJsJs2VhrYhlZ4CZAu0tlHPyMM4XZPH0vjCduCqE2ZHMjBa4lDUtghFTrkKKBZwzSWIXPN3fUv2MaOR2CuHzaYwms7aakAsA7047JvZ5LargyZz9-98PG-d5ehOQACCJ7nS6d5fRoAIxp8a2nMKuZW6L9IZnOQ3a2OdHiapv7RX4dNADNMo99vx-9Cyxk--qGx5eglE2d8acLBH71PRMnSU_2w6O6mWz906ebew5HfWSnSIt9jVXTABXw_6qM4STExZByP6WTnaDlovAJt6WoKFqznwn1RlmqQPmJfk47HT5Dro5cG4nwPOmqmtgmnSsHio-eqs2jPVcbDXmPVwOo_BbifuccEVUJtQ7-trqYEO8nLD9doFn-oTRZ5i6fjg7PlRped5H19srv9oMNooVlVGIDPFNd6oLbDAH90WOoFybSJk4xuT418RK0QiydVLtAbouFNbbwl1TG21F0Wl0bjSpEXgS7OUlF9s3HKFXTvmI-XnW7vzVz8ub7vTiXLBsNNJaH_da2Tho-pDPdPxncSZ4zasYm84R7JUOmO8w-Lu57PiyxMSvYBTJa9xO3a5W_YZjrpgeLVZCIL8JLSFZIQkgbk0A2__70GmD8EDy8GkELwQuiyYecM5LRjxJ521m1Q3O8xWcSIuCfHHEVpkuLJWtuhkFUUSf6g5mCpRVSMv1sGDnSwLBYU02UnvnwHEcQ83kgGUYCrvKWzJx1yUddVuQNvefU-X-dJPdgg30v8y7D2WpyUOJaIliy7kjI206ZPU76PNCb9kh9_Q2wKbDNpQniJEshw20f2-mIy2L_JXFFDkBZfgDH9c6qBFGY8QKO-id6kjk1wihImg2Txk6zLn0JLlrXHEbyIHu_YbvpqcveRm0-m3Js3uDmKR9drF0EOVOxLFLtkGj2CjKDyHo5yXATLoNQsToBAc_C5HV9IlxZtgFhx8y7PFLwi5-u6kcDRFXb2YfqfSeLKpWZIpTMHmLCmeh0qwue5pmn6G5HL0qTCHPZ6UQZdk8Wg

Requested by

Host: 9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
URL: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F119 42 B
64 B 122ms
121ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuOzbxJ3pzBN-18HuGVhFvrzEPpHIlmGop6cNGAgsPBh5T6m7J4gsdqnqUMIgQjFNPZ55_ELLHmgKG4soiViSbfe-li8KP7H-vjOV5054aHCbG7aK-oBF9rWYUAmolZjVaZsSfImw&sai=AMfl-YT6tRqK6IOoXeTIjtuMBQalXDWEYTGjlUWaY3dDZQFpuuHd2U0n3pp7uPekW9_BRWF50iT9u6WavA7LInc7NmC-W_JxQ9lWVMlNT9WGvbY1mxzfXDJBy2IWo6Bq9jHXv1YW3_yHQ74uwSFNpw&sig=Cg0ArKJSzMyD-mctKp4TEAE&cid=CAQSTADUE5ymdTuKGGTOc1WjmelM9IlSR7CyLgUm5Ul3gCSduPSKE1iK-58y-q8YUEhMibWRUhGaLF8ARjquTPbeEUiHHcFLnvmMVkmZoewYAQ&id=ampim&o=470,1044&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1054&mtos=0,0,1054,1054,1054&tos=0,0,1054,0,0&tfs=596&tls=1650&g=62.40000128746033&h=62.40000128746033&tt=1650&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: mikeonline.com
URL: https://mikeonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F3AA 15 KB
16 KB 18ms
17ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://campaign.aptivada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:37:51 GMT
x-content-type-options: nosniff
age: 471298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 09:37:51 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F3AA 15 KB
15 KB 17ms
16ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://campaign.aptivada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 01:29:06 GMT
x-content-type-options: nosniff
age: 241423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Mar 2024 01:29:06 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7F65 15 KB
16 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://campaign.aptivada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:37:51 GMT
x-content-type-options: nosniff
age: 471298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 09:37:51 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7F65 15 KB
15 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://campaign.aptivada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 01:29:06 GMT
x-content-type-options: nosniff
age: 241423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Mar 2024 01:29:06 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ Frame F3AA 303 KB
85 KB 15ms
14ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=903a600c0a87847f71191b11a7c86aee

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?_=1678307569073

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

57797ecc3ebc72b38c9a9888e9f2a2a0f8b8ffcde28caa66da3f0ba095a77e96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://campaign.aptivada.com/
Origin: https://campaign.aptivada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Mar 2023 20:32:49 GMT
content-md5: p93p9UFoe62sfpLU4BWQcA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86926
x-fb-rlafr: 0
x-fb-debug: Sn2XLGfAVxILMnIzZDbL0U/lgPtHyNlSZ0VsQCOe2nUcNKivcCPGCKcjMUpjDt9/d8rGKBKSBfP5njkvF8VYag==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: e6ceda754c0908f19119c12bd7ff4b5a
cross-origin-opener-policy: same-origin-allow-popups
etag: "7334b14dfda283ea4820a266cb5eb81a"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Thu, 07 Mar 2024 20:15:21 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ Frame F3AA 2 KB
884 B 34ms
33ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js?_=1678307569069

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaign.aptivada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:58:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2082
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 08 Mar 2023 20:58:07 GMT

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame F346 320 KB
104 KB 8ms
8ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fcampaign.aptivada.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js?_=1678307569071
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://campaign.aptivada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 3710969
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Wed, 08 Mar 2023 20:32:49 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6795)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ Frame 7F65 303 KB
85 KB 12ms
12ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=903a600c0a87847f71191b11a7c86aee

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?_=1678307569214

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

57797ecc3ebc72b38c9a9888e9f2a2a0f8b8ffcde28caa66da3f0ba095a77e96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://campaign.aptivada.com/
Origin: https://campaign.aptivada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Mar 2023 20:32:49 GMT
content-md5: p93p9UFoe62sfpLU4BWQcA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86926
x-fb-rlafr: 0
x-fb-debug: Sn2XLGfAVxILMnIzZDbL0U/lgPtHyNlSZ0VsQCOe2nUcNKivcCPGCKcjMUpjDt9/d8rGKBKSBfP5njkvF8VYag==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: e6ceda754c0908f19119c12bd7ff4b5a
cross-origin-opener-policy: same-origin-allow-popups
etag: "7334b14dfda283ea4820a266cb5eb81a"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Thu, 07 Mar 2024 20:15:21 GMT

GET
H2 200 1433390 Show response
aptivada.com/api/v3/app/fetchPromo/ Frame F3AA 7 KB
3 KB 215ms
214ms XHR
text/html 52.89.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aptivada.com/api/v3/app/fetchPromo/1433390

Requested by

Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/poll/poll.636a79b70f1022ab6b89.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.89.38.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-89-38-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

f21ae76ee4cd95693a2d41c3b0f3b59e45e93067e5160bf4ec006c8ca9f92b41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://campaign.aptivada.com/
accept-language: de-DE,de;q=0.9
Authorization: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE2NzgzMDc1NzAsImp0aSI6InZJNTZMaUV5Q2dqY1FDaVlYUWVxdnVJRzRBTXZJMjE5bk1CSmF4MWloaHM9IiwiaXNzIjoiYXB0aXZhZGEuY29tIiwibmJmIjoxNjc4MzA3NTcwLCJleHAiOjE2NzgzMTExNzAsImRhdGEiOiJbXSJ9.RsWMlO_0Rg3zyOFldVfxverxP12Pz1KDBtyneoDqe_o7Ues_aNZW59kChr3IN0534HaVbYQS9UJiftS72uacrA
content-length: 2433
x-xss-protection: 1; mode=block
pragma: no-cache
server: Apache
x-frame-options: SAMEORIGIN
vary: Origin,Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://campaign.aptivada.com
access-control-expose-headers: X-Token
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 1000
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H2 200 1433390
aptivada.com/api/v3/app/fetchPromo/ Frame 0
0 557ms
188ms Preflight
text/html 52.89.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aptivada.com/api/v3/app/fetchPromo/1433390

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.89.38.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-89-38-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://campaign.aptivada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
access-control-allow-origin: https://campaign.aptivada.com
access-control-max-age: 1000
cache-control: no-store, no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 08 Mar 2023 20:32:49 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ Frame 7F65 2 KB
884 B 29ms
29ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js?_=1678307569210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaign.aptivada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:58:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2082
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 08 Mar 2023 20:58:07 GMT

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 933F 320 KB
104 KB 8ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fcampaign.aptivada.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js?_=1678307569212
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://campaign.aptivada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 3710965
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Wed, 08 Mar 2023 20:32:49 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/675D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 1433390 Show response
aptivada.com/api/v3/app/fetchPromo/ Frame 7F65 7 KB
3 KB 203ms
202ms XHR
text/html 52.89.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aptivada.com/api/v3/app/fetchPromo/1433390

Requested by

Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/poll/poll.636a79b70f1022ab6b89.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.89.38.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-89-38-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

f21ae76ee4cd95693a2d41c3b0f3b59e45e93067e5160bf4ec006c8ca9f92b41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://campaign.aptivada.com/
accept-language: de-DE,de;q=0.9
Authorization: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE2NzgzMDc1NzAsImp0aSI6InJONGVPUTgzS3V6cFpUXC9jbTlsbmx4Q3p1QkFTc2k3NDBZR0k5cE5vMHlRPSIsImlzcyI6ImFwdGl2YWRhLmNvbSIsIm5iZiI6MTY3ODMwNzU3MCwiZXhwIjoxNjc4MzExMTcwLCJkYXRhIjoiW10ifQ.KunBEVwiRec2pjd8sivbFcsWCzE_862zDKAW-5vFs6BYQA7ebnZHiUf08RMCeoZUOiRNX0a62EUufeDGI30lkQ
content-length: 2433
x-xss-protection: 1; mode=block
pragma: no-cache
server: Apache
x-frame-options: SAMEORIGIN
vary: Origin,Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://campaign.aptivada.com
access-control-expose-headers: X-Token
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 1000
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H2 200 1433390
aptivada.com/api/v3/app/fetchPromo/ Frame 0
0 502ms
188ms Preflight
text/html 52.89.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aptivada.com/api/v3/app/fetchPromo/1433390

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.89.38.199 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-89-38-199.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://campaign.aptivada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
access-control-allow-origin: https://campaign.aptivada.com
access-control-max-age: 1000
cache-control: no-store, no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 08 Mar 2023 20:32:49 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 settings Show response
syndication.twitter.com/ Frame F346 663 B
606 B 138ms
115ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=f136d1a970d3360b7b4aa89d52282e06279fd8eb

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fcampaign.aptivada.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-response-time: 107
date: Wed, 08 Mar 2023 20:32:49 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Wed, 08 Mar 2023 20:32:49 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 750fb06858397d98
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: aaf8492cd48484728c005a52abe7f9ccc3007dd0f1bf797265b9784fef826046
content-length: 284

GET
H3 200 status
www.facebook.com/x/oauth/ Frame F3AA 0
0 33ms
33ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fmikeonline.com&client_id=142973449096741&input_token&origin=1&redirect_uri=https%3A%2F%2Fcampaign.aptivada.com%2Fpoll%2F1433390%3Fjs%3Dtrue%26parent%3Dhttps%253A%252F%252Fmikeonline.com%252F%26apt_widget_type%3Dflyout%26apt_widget_action%3Dlightbox&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=903a600c0a87847f71191b11a7c86aee

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaign.aptivada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Wed, 08 Mar 2023 20:32:49 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: xifOBeZNcRlpmDEANqHwcMgQ3ppdQwfnZHDuo+06x9Fl926y15XCQitPZ7+53HpbbFpA+UIaEaej3VXYQplZ4w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://campaign.aptivada.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 933F 663 B
341 B 122ms
121ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=4d17743320a1cdfef8b8c7778a42bf3678643c5b

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fcampaign.aptivada.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-response-time: 114
date: Wed, 08 Mar 2023 20:32:49 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Wed, 08 Mar 2023 20:32:49 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: cec735d09571de94
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: aaf8492cd48484728c005a52abe7f9ccc3007dd0f1bf797265b9784fef826046
content-length: 284

GET
H3 200 status
www.facebook.com/x/oauth/ Frame 7F65 0
0 31ms
30ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=903a600c0a87847f71191b11a7c86aee

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaign.aptivada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Wed, 08 Mar 2023 20:32:49 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: d71CiN9Qo/S9a+jV82lFCHUL3ahQ04DfBZwzeEt/Md84wIHGJvgnzZijkgEPQ9oKYrKTbO9tyZNf2KDIjpTHiA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://campaign.aptivada.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 63ms
62ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023030201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

225f07d0e46b9c9721783f766fb3bbdc01b8e7a32847ffbb1fcda0146bc0e3f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11174
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Mar 2023 20:32:50 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ Frame 7F65 946 B
633 B 32ms
32ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=recaptchaV3Callback&render=6LdakPIUAAAAAFx_0cVaGDpR1Ljhv08sNFDXxSt9

Requested by

Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/poll/poll.636a79b70f1022ab6b89.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ce8d4aa621953c44897e91500520f60ec83491fa04e98f30c24643d8906c36c0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaign.aptivada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 612
x-xss-protection: 1; mode=block
expires: Wed, 08 Mar 2023 20:32:50 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 7F65 13 KB
13 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://campaign.aptivada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 00:28:56 GMT
x-content-type-options: nosniff
age: 590634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 00:28:56 GMT

GET
H2 200 20fd1704ea223900efa9.woff2
campaign.aptivada.com/ Frame 7F65 75 KB
76 KB 27ms
27ms Font
font/woff2 99.86.4.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.aptivada.com/20fd1704ea223900efa9.woff2?v=4.7.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-52.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://campaign.aptivada.com/poll/1433390?js=true&parent=https%3A%2F%2Fmikeonline.com%2F&apt_widget_type=flyout&apt_widget_action=lightbox
Origin: https://campaign.aptivada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 06:47:48 GMT
x-amz-version-id: null
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified: Wed, 04 Aug 2021 16:57:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 10590303
etag: "af7ae505a9eed503f8b8e6982036873e"
x-cache: Hit from cloudfront
content-type: font/woff2
cache-control: max-age=31536000
content-length: 77160
x-amz-cf-id: ONu8D-UCD62Lk7WMg_X3y7AmGq26yH7wdDE5_yh83Tr3yFAM4oUu9Q==

GET
H2 200 xl_395102895_poll_1387744_standard_1671713353.jpg
cdn2.aptivada.com/files/app_graphics/ Frame 7F65 79 KB
79 KB 60ms
59ms Image
image/jpeg 65.9.95.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.aptivada.com/files/app_graphics/xl_395102895_poll_1387744_standard_1671713353.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-71.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0cc449f5fe4244517a2c95fa965503877a472f43b06a29c715e5058d0086ceeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaign.aptivada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 16:03:30 GMT
x-amz-version-id: dM4LaTZ6EA5syUzqL0XzJi.EXyOamIk0
via: 1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
last-modified: Thu, 22 Dec 2022 12:49:14 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 102560
etag: "2895399ac51873a402fb43afa812faff"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 80714
x-amz-cf-id: FoSy6-cIpuEfyXq9F29Z_-hEMhdFnurbPMsfkm9qNH7Kq6Fz8NWOXg==

GET
H2 200 xl_395102895_poll_1387744_standard_1671713353.jpg
cdn2.aptivada.com/files/app_graphics/ Frame F3AA 79 KB
79 KB 51ms
50ms Image
image/jpeg 65.9.95.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.aptivada.com/files/app_graphics/xl_395102895_poll_1387744_standard_1671713353.jpg
Requested by: Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/poll/poll.636a79b70f1022ab6b89.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-71.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0cc449f5fe4244517a2c95fa965503877a472f43b06a29c715e5058d0086ceeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaign.aptivada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 16:03:30 GMT
x-amz-version-id: dM4LaTZ6EA5syUzqL0XzJi.EXyOamIk0
via: 1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
last-modified: Thu, 22 Dec 2022 12:49:14 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 102560
etag: "2895399ac51873a402fb43afa812faff"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 80714
x-amz-cf-id: EnjJzxZsT7QpuAWmv32x0f1eox6ranShZBr1El4gQ7qT_-W3SClmyA==

GET
H3 200 api.js Show response
www.google.com/recaptcha/ Frame F3AA 946 B
633 B 28ms
27ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=recaptchaV3Callback&render=6LdakPIUAAAAAFx_0cVaGDpR1Ljhv08sNFDXxSt9

Requested by

Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/poll/poll.636a79b70f1022ab6b89.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ce8d4aa621953c44897e91500520f60ec83491fa04e98f30c24643d8906c36c0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaign.aptivada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 612
x-xss-protection: 1; mode=block
expires: Wed, 08 Mar 2023 20:32:50 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame F3AA 13 KB
13 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://campaign.aptivada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 00:28:56 GMT
x-content-type-options: nosniff
age: 590634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 00:28:56 GMT

GET
H2 200 20fd1704ea223900efa9.woff2
campaign.aptivada.com/ Frame F3AA 75 KB
76 KB 13ms
13ms Font
font/woff2 99.86.4.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.aptivada.com/20fd1704ea223900efa9.woff2?v=4.7.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-52.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://campaign.aptivada.com/poll/1433390?js=true&parent=https%3A%2F%2Fmikeonline.com%2F&apt_widget_type=flyout&apt_widget_action=lightbox
Origin: https://campaign.aptivada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 06:47:48 GMT
x-amz-version-id: null
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified: Wed, 04 Aug 2021 16:57:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 10590303
etag: "af7ae505a9eed503f8b8e6982036873e"
x-cache: Hit from cloudfront
content-type: font/woff2
cache-control: max-age=31536000
content-length: 77160
x-amz-cf-id: H2nO45qILgsk_LK89jkVhe8LWq7ZANukRLjEZ-Td9tBflrviAmdvTA==

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 7A27 16 B
232 B 83ms
82ms Fetch
application/json 13.41.33.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.41.33.70 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-41-33-70.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 08 Mar 2023 20:32:50 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 115ms
24ms Preflight 13.41.33.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.33.70 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-33-70.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 08 Mar 2023 20:32:50 GMT
server: nginx

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3ECC 0
20 B 116ms
116ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6487801234546&version=m202301230201&ct=77&x=1&cor=730127399378076500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 034A 0
20 B 115ms
115ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6393652881918&version=m202301230201&ct=77&x=1&cor=13145880665544507000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 xl_395102895_poll_1387744_standard_1671713353.jpg
cdn2.aptivada.com/files/app_graphics/ Frame 7F65 79 KB
79 KB 25ms
25ms Image
image/jpeg 65.9.95.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.aptivada.com/files/app_graphics/xl_395102895_poll_1387744_standard_1671713353.jpg
Requested by: Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/poll/poll.636a79b70f1022ab6b89.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-71.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0cc449f5fe4244517a2c95fa965503877a472f43b06a29c715e5058d0086ceeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaign.aptivada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 16:03:30 GMT
x-amz-version-id: dM4LaTZ6EA5syUzqL0XzJi.EXyOamIk0
via: 1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
last-modified: Thu, 22 Dec 2022 12:49:14 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 102560
etag: "2895399ac51873a402fb43afa812faff"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 80714
x-amz-cf-id: GaIp7bTXC5bvQiGt1KHR1Tl5uUN_k9nMcZUIcm1A2-dsuaFZ3JvGYA==

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A27 0
20 B 117ms
116ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8401600751325&version=m202301230201&ct=77&x=1&cor=5310303770810689000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 20:32:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 xl_395102895_poll_1387744_standard_1671713353.jpg
cdn2.aptivada.com/files/app_graphics/ Frame F3AA 79 KB
79 KB 24ms
24ms Image
image/jpeg 65.9.95.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.aptivada.com/files/app_graphics/xl_395102895_poll_1387744_standard_1671713353.jpg
Requested by: Host: campaign.aptivada.com
URL: https://campaign.aptivada.com/poll/poll.636a79b70f1022ab6b89.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-71.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0cc449f5fe4244517a2c95fa965503877a472f43b06a29c715e5058d0086ceeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaign.aptivada.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 16:03:30 GMT
x-amz-version-id: dM4LaTZ6EA5syUzqL0XzJi.EXyOamIk0
via: 1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
last-modified: Thu, 22 Dec 2022 12:49:14 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 102560
etag: "2895399ac51873a402fb43afa812faff"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 80714
x-amz-cf-id: G-NnVjeuc1R12q-UDh1P5fx9xn_MXUoSTWzZruObCA34PeJlgj4q4w==

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8F8D 13 KB
5 KB 17ms
14ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mikeonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3104
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 19:41:06 GMT
expires: Thu, 07 Mar 2024 19:41:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 38B0 783 B
536 B 26ms
25ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6650b7679230ab4fc73acebbd07e98e8db1c4800d0483c0f2bf08e1f616aef8b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JEbHIeW5-6MjwS6j8DVgKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mikeonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-JEbHIeW5-6MjwS6j8DVgKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 20:32:50 GMT
expires: Wed, 08 Mar 2023 20:32:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 3ECC 16 B
232 B 86ms
86ms Fetch
application/json 13.41.33.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.41.33.70 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-41-33-70.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 08 Mar 2023 20:32:50 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 25ms
25ms Preflight 13.41.33.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.33.70 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-33-70.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 08 Mar 2023 20:32:50 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 034A 16 B
232 B 72ms
72ms Fetch
application/json 13.41.33.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.41.33.70 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-41-33-70.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 08 Mar 2023 20:32:50 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 25ms
24ms Preflight 13.41.33.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.33.70 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-33-70.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 08 Mar 2023 20:32:50 GMT
server: nginx

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/ Frame 7F65 406 KB
163 KB 128ms
29ms Script
text/javascript 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=recaptchaV3Callback&render=6LdakPIUAAAAAFx_0cVaGDpR1Ljhv08sNFDXxSt9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5624122d7b5604eb5ee4f280f6d672adcfc31a456beb4b54432dda0e00ee9672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://campaign.aptivada.com/
Origin: https://campaign.aptivada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 07:19:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166129
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 18:46:06 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 07:19:59 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/ Frame F3AA 406 KB
162 KB 217ms
119ms Script
text/javascript 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=recaptchaV3Callback&render=6LdakPIUAAAAAFx_0cVaGDpR1Ljhv08sNFDXxSt9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5624122d7b5604eb5ee4f280f6d672adcfc31a456beb4b54432dda0e00ee9672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://campaign.aptivada.com/
Origin: https://campaign.aptivada.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 07:19:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166129
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 18:46:06 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 07:19:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 38B0 0
0 115ms
115ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023030201&jk=2119287484723854&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js Show response
pagead2.googlesyndication.com/bg/ Frame 8F8D 36 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

236015c3e13cbebedf89af7b1857a458bd684c225c4efb216ae74046e2b97da0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14266
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 18:16:54 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8F8D 0
10 B 14ms
14ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?h-sZog
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame C3D6 42 KB
22 KB 35ms
34ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdakPIUAAAAAFx_0cVaGDpR1Ljhv08sNFDXxSt9&co=aHR0cHM6Ly9jYW1wYWlnbi5hcHRpdmFkYS5jb206NDQz&hl=de&v=8G7OPK94bhCRbT0VqyEVpQNj&size=invisible&cb=87xzhw3tlngg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

64510e2368dc461e276b5db95367c584f792bb61817df6428b605948142fcde2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--0SkqH5RqT5jAnVyd3YY6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://campaign.aptivada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22542
content-security-policy: script-src 'report-sample' 'nonce--0SkqH5RqT5jAnVyd3YY6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 20:32:50 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 177F 46 KB
25 KB 45ms
44ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4471af96e260c30ff9460996b0058f04300fb30f9f6d195b61afb2dfa5168cb2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7O-idbhPyEHpK9rs6LGPag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://campaign.aptivada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 25623
content-security-policy: script-src 'report-sample' 'nonce-7O-idbhPyEHpK9rs6LGPag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 20:32:50 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/ Frame C3D6 55 KB
24 KB 88ms
30ms Stylesheet
text/css 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdakPIUAAAAAFx_0cVaGDpR1Ljhv08sNFDXxSt9&co=aHR0cHM6Ly9jYW1wYWlnbi5hcHRpdmFkYS5jb206NDQz&hl=de&v=8G7OPK94bhCRbT0VqyEVpQNj&size=invisible&cb=87xzhw3tlngg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 17:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 18:46:06 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 17:50:01 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/ Frame C3D6 406 KB
162 KB 119ms
61ms Script
text/javascript 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5624122d7b5604eb5ee4f280f6d672adcfc31a456beb4b54432dda0e00ee9672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 07:19:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166129
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 18:46:06 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 07:19:59 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/ Frame 177F 55 KB
24 KB 80ms
39ms Stylesheet
text/css 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 17:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 18:46:06 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 17:50:01 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/ Frame 177F 406 KB
162 KB 103ms
63ms Script
text/javascript 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5624122d7b5604eb5ee4f280f6d672adcfc31a456beb4b54432dda0e00ee9672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 07:19:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166129
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 18:46:06 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 07:19:59 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 177F 2 KB
2 KB 30ms
28ms Image
image/png 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:14:34 GMT
x-content-type-options: nosniff
age: 587897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 09 Mar 2023 01:14:34 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 177F 15 KB
15 KB 16ms
14ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:27:04 GMT
x-content-type-options: nosniff
age: 536747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 15:27:04 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 177F 15 KB
15 KB 17ms
15ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:28:44 GMT
x-content-type-options: nosniff
age: 7447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 18:28:44 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame C3D6 2 KB
2 KB 29ms
28ms Image
image/png 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:14:34 GMT
x-content-type-options: nosniff
age: 587897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 09 Mar 2023 01:14:34 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C3D6 15 KB
15 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:27:04 GMT
x-content-type-options: nosniff
age: 536747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 15:27:04 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C3D6 15 KB
15 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:28:44 GMT
x-content-type-options: nosniff
age: 7447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 18:28:44 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 177F 102 B
134 B 24ms
23ms Other
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=8G7OPK94bhCRbT0VqyEVpQNj

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b8ff88a7e8929aa6842a0a31663d71e50c66679b7e225081f2c10b5bec45ca97

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdakPIUAAAAAFx_0cVaGDpR1Ljhv08sNFDXxSt9&co=aHR0cHM6Ly9jYW1wYWlnbi5hcHRpdmFkYS5jb206NDQz&hl=de&v=8G7OPK94bhCRbT0VqyEVpQNj&size=invisible&cb=hs25afjitu5m
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 08 Mar 2023 20:32:51 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame C3D6 102 B
134 B 23ms
22ms Other
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=8G7OPK94bhCRbT0VqyEVpQNj

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b8ff88a7e8929aa6842a0a31663d71e50c66679b7e225081f2c10b5bec45ca97

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdakPIUAAAAAFx_0cVaGDpR1Ljhv08sNFDXxSt9&co=aHR0cHM6Ly9jYW1wYWlnbi5hcHRpdmFkYS5jb206NDQz&hl=de&v=8G7OPK94bhCRbT0VqyEVpQNj&size=invisible&cb=87xzhw3tlngg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 08 Mar 2023 20:32:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 121ms
121ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023030201&jk=2119287484723854&bg=!6Oul67_NAAbv3-2Ez987ADkAdvg8WhKBcthZFcbcalNTMi_fSyfS9MUibeUU-bqam4JmQaVS8fMdyDWrHGt5ziobUyV2O5oA10UCAAAATVIAAAAEaAEHCgCz36l4eApHYxFgjAoANpSZYQcO5fHy8FlyaWWrKTEU_Cheht-rQXn-nQnItMmLe3zqY7LLlhskt1DWYz82RkB65j5CnIKsWMoHTyvEPtAXRKru9ArLe-YNu-LXT6_oJSaVtfgQWN4d37iXyILQYjWcX8rzDtZgSb8TWDHO26FdyDkn6E6WPN5kOgAiG3hdfHgLfdT-W5xAcTVVe0o9to_GkQZjI5OgGA0lt29-aSudWzC-4lOZApqHj1di2ISpt8OnTGcdPgqAA2JkGgtn-Z335037cBxcbTtucQXbqztrv_wm2MRawje6rEPLIK9QEu-RQiCcI0lkVWuQHOWPDHYKeJtegLdwxzxmI3lQr7cJwEOqww60FB1NRPgFLEDRmVXtnBiVDiV4RbF7_DS9GgXUzEjhi6kmCAvg6f_wQtIVDqaTzux85Un5JUGb7PDrM2-i6XbqpfIn9Q4FTq_IvgDfU_xXzNzV2t9g-KGIT7ZDGOWKxTlF4rRDxDHKHzA4BATXnYHUHOakbjRqxmv0QK4rUqW1ns48WmAr3ziLBWtFB5d6YHouX0ZetES2gc1hGmxiDFGm3-7CSp1JOOWZcJQwsXTCRDS8y-O2-HmTDc9q6ggDS3v8YLRkzgmewKhhSBN-LlzfOPskpKh3p8RhkjRonaBxm2D7fw1syH57Eqw6e4HWB7FwJuWimBo7d3dsshR1fT0Ub5uRNE1MY5cZxFy81b8VkDWJpRv4dgQ2JdJ3dURa3fzjzdwRYxQwj4UzJQw1wCEMvoTCiETxIc1R6VfbJvy4ih02rFqJyqhVXcMUx4Tb61IPvGB1QKETY1zzL7USQMFzSBiI1z-GIk8pVjh-nVN2KfoeYPmS0hjaUa7n4PrBVwZWipVrg9Du3Z-apRTkq41nQNrEWbWd6p9NrCvtxKOWW1IWnTYl7sbq7Z2VbpGgLt4MMzxOA2KNZRbTNWRUfuS3QvZ0uMkTeFxo7MMmDwRWY27WLpIFaaxWxR2FWwc9gTpZZ0CM_sS5KD2Ln3WRLv8foexUHoi_VbbM6vEZRRMqH_SRGi7kl6eQian_qbTZ4AE6yRNe_W8DwNQUr02Exh9U3FGZ38-o_kMa_s1FxSow6MyOkKisWMz2xEk4IMU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mikeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mikeonline.com/	1970-01-20 19:47:47	Name: _ga Value: GA1.2.73497616.1678307567
.mikeonline.com/	1970-01-20 10:13:13	Name: _gid Value: GA1.2.316392903.1678307567
.mikeonline.com/	1970-01-20 10:11:47	Name: _gat_gtag_UA_21830187_29 Value: 1
.mikeonline.com/	1970-01-20 10:11:47	Name: _gat_gtag_UA_34961268_2 Value: 1
.mikeonline.com/	1970-01-20 12:21:23	Name: _fbp Value: fb.1.1678307566741.1779286254
.quantserve.com/	1970-01-20 19:42:01	Name: mc Value: 6408f0ee-c2b05-e39e7-1568b
.jsrdn.com/	1970-01-20 18:57:23	Name: u Value: d4d1b0d9-9612-41e8-8fea-ff7ccb85e75c
.mikeonline.com/	1970-01-20 19:36:16	Name: __qca Value: P0-1292488844-1678307566709
.mikeonline.com/	1970-01-20 19:33:23	Name: __gads Value: ID=8e09b0c0ef43b0f6:T=1678307566:S=ALNI_MZgrOg6MM-95K_wtwNyzpLFLY42kA
.mikeonline.com/	1970-01-20 19:33:23	Name: __gpi Value: UID=00000bc28946357e:T=1678307566:RT=1678307566:S=ALNI_MYhkMlSp7aeXfubLolV96LtfzY91g
.doubleclick.net/	1970-01-20 19:33:23	Name: IDE Value: AHWqTUlrM9_v4KLoJJmXTj3AZxU0ezWWFVGOFxWW-_WWFDuMvFN6mNk9kK4TRQKjNjI
.casalemedia.com/	1970-01-20 18:57:23	Name: CMID Value: ZAjw78cxbePTpyKR7oz5EwAA
.casalemedia.com/	1970-01-20 12:21:23	Name: CMPS Value: 1108
.casalemedia.com/	1970-01-20 12:21:23	Name: CMPRO Value: 1108
.doubleclick.net/	1970-01-20 10:11:51	Name: DSID Value: NO_DATA
mikeonline.com/	1969-12-31 23:59:59	Name: aptivada_widget_864_0_1433390_autoshow Value: 1
mikeonline.com/	1969-12-31 23:59:59	Name: aptivada_widget_864_1_1433390_autoshow Value: 1
.adnxs.com/	1970-01-20 12:21:23	Name: uuid2 Value: 1736721568839567125
.adnxs.com/	1970-01-20 12:21:23	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In1sJ9XG!]tbPl1M>e)ZlrFUfJ+tGXxou^H$gq<9(mgFy4!1a>:sFA2OU'Q<7s'QanXm3If)y3KL9D3I?+Zjj^Vq
embed2.audioburst.com/	1970-01-20 18:57:23	Name: ai_user Value: 8uU2zyQg3Fhxl8+sgP8Di0\|2023-03-08T20:32:48.213Z
embed2.audioburst.com/	1970-01-20 10:11:49	Name: ai_session Value: kI8B8IkJvbRDCpdMj3aLa+\|1678307568221\|1678307568221
.redintelligence.net/	1970-01-20 12:21:23	Name: 8lcfmzhxc8d6_uid Value: cf4392627fd6e7aa
.retailads.net/	1970-01-20 10:54:59	Name: ppb2172 Value: 2384812510
.futalis.de/	1970-01-20 11:38:11	Name: raSIDb Value: 2384812510
pb.media01.eu/	1970-01-20 19:47:47	Name: DTU Value: BCBC8442A58725966D8AF6AFDE521F97
.office-partner.de/	1970-01-20 19:47:47	Name: source Value: {"webgains_webgains":{"timestamp":1678307569268,"clickCookie":false}}

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://embed2.audioburst.com/skins/safinder/player.html?version=7s1hvj8m8l Message: Mixed Content: The page at 'https://embed2.audioburst.com/skins/safinder/player.html?version=7s1hvj8m8l' was loaded over HTTPS, but requested an insecure element 'http://storageaudiobursts.blob.core.windows.net/site/images/promote/Salem-Hosts-Sponsor-1.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
9c2f0e6ece63765f746835ed8f651ee2.safeframe.googlesyndication.com
ad-server.eu
adservice.google.com
adservice.google.de
adv.office-partner.de
analytics.webgains.io
api.webgains.io
apis.google.com
aptivada.com
c.jsrdn.com
campaign.aptivada.com
cdn.ampproject.org
cdn.retailads.net
cdn.track.production.webgains.team
cdn2.aptivada.com
checkout.stripe.com
cm.g.doubleclick.net
connect.facebook.net
dsum-sec.casalemedia.com
embed2.audioburst.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal90003.redintelligence.net
hal90007.redintelligence.net
hal90008.redintelligence.net
ib.adnxs.com
medialead.de
mikeonline.com
pagead2.googlesyndication.com
pb.media01.eu
pixel.quantserve.com
platform.twitter.com
pushtoast-a.akamaihd.net
pv.medialead.de
rules.quantcount.com
s.jsrdn.com
sapi.audioburst.com
secure.quantserve.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
storageaudiobursts.azureedge.net
storageaudiobursts.blob.core.windows.net
syndication.twitter.com
tpc.googlesyndication.com
track.webgains.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.244.42.72
13.41.33.70
138.201.63.117
138.201.63.150
138.201.63.157
142.250.184.226
142.250.186.166
145.239.193.130
18.66.122.42
18.66.147.52
185.80.39.216
20.49.104.0
209.126.30.224
2600:9000:223c:1600:6:44e3:f8c0:93a1
2606:2800:234:59:254c:406:2366:268c
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:4e:1::44
2a00:1450:4001:810::200e
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::2008
2a00:1450:4001:812::2001
2a00:1450:4001:827::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c09::9c
2a00:1450:400d:804::2003
2a00:1450:400d:806::200e
2a00:1450:400d:807::2002
2a00:1450:400d:80d::200a
2a01:4f8:d0a:2321::2
2a02:26f0:11a::6867:48f9
2a02:26f0:dc::6853:53b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a0b:4d07:401::1
35.177.30.54
37.252.171.53
49.12.16.151
52.239.246.4
52.89.38.199
54.76.176.197
65.9.95.117
65.9.95.31
65.9.95.71
88.198.250.30
88.99.165.19
94.23.99.218
99.86.4.52
99.86.4.53
006e5f0fa20a0d02352c4886a8f9d37cd01b9d7fdbaf4be6062153b4185f6c8b
01a8431f4581ca5103fa3cd43c2e751d273f8916c6e21fae729d9e25d632d8ae
0439c2127eb1812543cc77f0f41bd98da71691c6c2d5bbf9c565670f7fada88a
053ec209337acd61f2f4e51db896df1912d9e410d4984066f9dba6e030a47775
07dfa0687e469fabc79db01151bbd8922943b12c6c564f41bfd3f950685a8604
0a4eb7672dd957edf36c9d6c0306da468ea0d62e03de4871baf1d5a711640ab5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd568641b9f03030696cca58bdbef7995e73f59d3253caf0064d62902745698
0cc449f5fe4244517a2c95fa965503877a472f43b06a29c715e5058d0086ceeb
0db04673d05d044ca6db74cfe3af56f3db365cc7ccc4810b6e23f5851ab8cb3d
0f0971a5b94f0be340bdf1e2fd24e00567de112af8a6f4d267b0dae20dcf178f
0f0edad7d5b34ca0a502c89bece4ea3782699711813ae1bfe74a15e40e3796a0
0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363
10565ce64fa781b072487373920d077f65975b4da780ab1775cb8825356bdc83
1056ab726f0279fbf00b8011448cfc9df05732f4c808edbc450a6916669c7367
108b7fc28fce0fb988e59cfc7d026246da4e76e9c047f2839d423b46ae8d702d
108dadb00d364c5a67a099ae6cca7eb7f0ed7ac95894de8dbcf03c57b95deea9
10fd5c6374ef61de2353ad3db1d513d987016ac37a19f737d4469ee2481fc13a
11c0999f3ea2292c3e52f3ebac953795b8a4df884f773dbacef16ac9ae3fdd94
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14d84079758cedde0bb45369cb6f7e7d25cc3b287605e00d42805514fdd0b83c
16724f489d8784d9c8913f2e1464a3ec213ae53661bc4a7e109cb0da1fb1b2e7
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
184d003912733595c92c92b2931ff2b7b231ceb69d159e98cb2b5ab7561487f7
18781492fefe9e0fb34b391582891c3d0700908f2c991f91f506de046f5c3c8c
19f15cf0620a4cbe0e8eb4305ba38c369e88a28aada2b3581482dcfb88b251a5
1b143bd9a767b7d591ac78caf21309f55e68301e3ca6d7c8c0ad90eb8b97fa89
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c5b49c05f5aa28887ee7c4c18e79182ccb727cf28a5e352d7246f6d0327033e
1c6c749ca3a9c8e330444f44a8ad74732004ea4f1e66fa1ff4b021c3be18e207
1d7f8a5305d08a8d52f29f41a7f729722fba17974831dafbaaa21ee30adf9886
1f678868c375dc62f7f455a1d7458bf0813cd72b5cace2658ba1d8acb886ac5a
1fcdc4b88d09fecfb93fc8b83f415c4380cc31ee1eb4aeacad699fb145dc6d28
214302ae229a9ef55d8819f5debd18176174503141c92b6c58818173ff9b12b2
21cb2e6c122f0f11c5ddf9f9d2bf959864247bb4b19445199d2b9aef088e3641
225f07d0e46b9c9721783f766fb3bbdc01b8e7a32847ffbb1fcda0146bc0e3f5
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
236015c3e13cbebedf89af7b1857a458bd684c225c4efb216ae74046e2b97da0
239f8f43a5d5f8b9237d41201036665196287b088639b41eff502503bf16d271
2784c542114791c6dbd92d298e5472ef1f0595eb6cfb515758c2a05e27a915f1
294886eedccb551b4cee4d3a87c1dc6e91fec7409229cbc2e0ecc4708ef5ec3c
29829cfcd033786f0a920e1b9614f385bcef6cc50f3699f7b96c52b96432e9e6
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f29c205e8f649728be9dc2d83a0ab91e2e85dcc75725bd4c33b538caae42443
2f840763a07b5312fc63528256e33b2b0c49ba19d3ff5a2167d3496236f0afc7
30368b7a816e86a691a918196cb09f65792bf0a656b28e4eba5f1c81a5043ed3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
323baf3b1760e56f2e31174d05b5b661be130612a22b99fcaa9c722b29dbf6a0
33e1421ac4101bd229b8e2c8dc3f041f81821740c784f7fdfb9450a4b3fe3cb6
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
367d6afdfc741fb48d2d9310e47c3924b693459a74c882c0fc545ec5ed7d55d2
36e06ef256d8637e92d7eed2a18dbb6515e11261d1a368e9fd385fd49f2f72d1
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38f64a7b8ca0002ad03ba324d369ba38ea7e999e7e82fd98007393f22f32d838
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3b27def9c610fd1b701e7945e49512be1bb3fd085db8ae7d9d0f965ef8d907b5
3b2e8cd03a76b243eca9a0e60815deae7256cb7a2de760eb9ee82a0cf31ffcb9
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fbe9a9afb238c1f4da978b488d9db4e51512dcd783758e0b0634a2fc046d105
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
409d661e3a98ccd388fe96545de278dde23549a2ece923ee629b2ef1a3acfae1
4471af96e260c30ff9460996b0058f04300fb30f9f6d195b61afb2dfa5168cb2
45e78216d62e7ef2a2c7d0bda526ddfb789444fb8a986b024d059373acb27c16
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
481b6469bc7d899dd7734ff39b7acd4fb09d493b7b4f0cfae185371e5f502ef1
4982e4fc6ada0c0ef33e70ac185693095f440279081c5cada73e2e6e7a11e879
4a5e8b9555aa36d23f4b83db3997cbfddf69c0bf57daa281fea6ae5448d7b1ef
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cfcc8083238bbcb9fb7693db0d7a96a8aa33ee7a6c886b28cf434664d271fed
504f94fae9862fa7b328516d19c94ec1ed6efa9857ba12589dddd9dd7364241a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
512fc5c1b8a4526ca7e16f673381780e322134c923ff40d6bcf3a9bedd5a271a
52bcfe58e4b6dc7a7dff59c2f1630939bb80af3628deecc84c9b50ea6c737a05
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5624122d7b5604eb5ee4f280f6d672adcfc31a456beb4b54432dda0e00ee9672
57797ecc3ebc72b38c9a9888e9f2a2a0f8b8ffcde28caa66da3f0ba095a77e96
5810519a58fdc1bba745bf4ebec32775e0bbb30926206ed96fe99b9447281cca
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c30a604ec3b77c5cbee0731b4535480da2bdf420e1a3542582e5eea57536302
600230e783fa38f88891426af12ddac8e12e9c4cff3222b60310d8d2814b341b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6364535670103e0f43404f57f1dd7cbf2e2bdac181232def41bd8f99d848fb45
63db7e4679a00b89371464463b64c04dce75c172aec4eb277f814b93dfdcd610
64510e2368dc461e276b5db95367c584f792bb61817df6428b605948142fcde2
6650b7679230ab4fc73acebbd07e98e8db1c4800d0483c0f2bf08e1f616aef8b
6a68ea01c4d31c3532c2037da74bd6d006dbfd4cb9b41af3b67fe58d9c3932b9
6b81e18ccd7561100cff269cdc620bfb3237e3c1e31717610e72a0d37030ae17
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
6fa8c88f6fb8c595025a5499c5b965b2a3a0df3049103dedd6c4bd88861f4ab6
700cf37b70ee0f97a6aac4e54d955c2128ee60c63639048653532370a3d72997
711cb08a2ec32cd6b730b3106c586cb1d8fbc16e484ed89a8682a42a9dbd287b
71958d8fee014e793d66132d9f985850217e73ff455b7ae8783ab40621faaf8b
751ace1c7d92e00f2c42c14a0cdb178396462877a8aec60d1faaa315d2c8fbe2
758524550bc5b337d911fb8ee21de4bc2280379ab7848af0345c1e151a295a20
76fdd79aeadf405d42dc1779cac01e831a4666c2d9f900f31f5435af2ae3d9d6
7ae6c2908fcfaf6f099dc65739378756fa6d40efe1717fc06ed99c2c15659922
7b14ef380dba6519879a5b09fd2c894bd4f40cfeb79c745c12a3a244afdcc28e
7f11dbbe7b22ee5e4ce96ae070eb9dadd6944a425d4dae4971e6e61edee50fe8
7f24d5e431e274a8d8c196752f7ab87ff9c636de1a7bc3d9c44729c1a87570a2
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fff661744b28ba95528eced0da575b0abf3b1d891d297bd83f8f5958864fbe1
814584384197534008e3373149bab496d3f2ebd3db67259e36a9da8f29045e02
815f656ee0e11f6f7873a0bdb532be30f0f51201c7127a3c97406553d3653576
81b1bcbcf2e7913da5a4b84f1fc6570a6d4ba7ad29d7730c33a490f6d748af71
82d57c1eabc96a09496b75002e51e4f60711934fbb77db7bdb40778b77bc4898
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87cc3e3b0b2f1c273a21064d575cb1f83fa711c956908063e5b2627236cf9d69
8961a7fb3c1d945400c22a904ec490dcea2ba5118656dc3ade4e1772b7c365a3
8a980afdc89b08a8c84056a463a14899c9a378c4615d4645ee87eedf54d37439
8ce2aea535286a5e1fcbaf3fbc8490540324603e293fcfee256c3d355dbad6a1
8fef960c3736be3eb6ab3eeebc708928c3e9dec15a15a1981624957c54f66be6
909c5ac48fa74c1030d1c0725285f1138a7c7ff400dca06a19317670c89e8564
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
922246a1623fa5043f1c41a7d0d60444ae4b9411ac561626ba66cfea8b811bf2
92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54
928d006fac28559d4ab0ef0dbed86a026272858795b5bdb227303d38d2d025ff
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
93c71598eb9fa4b6d8e05460544f6f05182d68bf28370ddb96fe8173789f4ca6
94463458bb438a378f2469fd2e7eb74896b9d2fe22efc29c2b3ddeaa39f16375
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
95c53b375a20560eea4ba90c3762b9064c1fd8b3afae7f3a00a916493c5eac5b
99a0942af1bf18bc95aa7ed1b0d8a9d400ff9fbce51cbe03b8249ac7b0cf125f
99e2d2c58a8b8a08b28207e674ffe1595128d7f944c3deb6dfd83bf463d4a9b5
9ebc5b31cdd8df716c9615fda456eeb42ab58955627cee4b473cc2dde934bf0d
9f474569318d03948a8c0bde3dcd4fb68a30618654bb8573150dc19c35940baa
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04cb176036681eaf2617d21f86c77b0e125bc24ed5437e235802f6287ea9d9c
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a22af4bf7d2f34a4490cfcb054a9f178feeabe988ace3d0a5ac7810008881a8c
a49e61b6d6681308d160ce1cf6ce1b85e651deff16c6ae1c2df999ef3f0c6ec8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a64ac18511a1f15afc6f51edc89e41ee1c7f6444134aad2926b21743ced6c461
a9d5af55a8d68bcf6804f8912452601ba941a25fcedb984d14ef33946a9ae6c5
aba0132e2426948db646222cda157707467d2205dc342bad98655f0fa7d2dfcb
ad0b39f390b09b089dcb7984459f325332e6731c8cbdf5ca2be2900c6537038e
ad7378e3849740723b2446181c8b5cdaceab213a9115a8dcc29163aeb93081c8
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
af4468c2c304068b2602bceb649fd451bffdd88f3596d0c6d09ae0a8edad1463
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1652093023ed8416f9a9789909650d64458b7eacd45c4bd9a3e65a2983ebafe
b1d242d571fb0ecf08209e2b601111617a364b6c824f5f27412ed000e2b7e39a
b305a7624e48301823dad54d58835885bd82f5ea04931c04a162ebb188a26ed5
b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433
b5ff7f2dc779a7260c1b3d65f4a1f8ee4e61dacf92ca7f326197ded599bd533a
b8abdf96df5f8f31a02e74bd6f9a15d1525b4f8267faa0b6b407cbca19d63b45
b8ff88a7e8929aa6842a0a31663d71e50c66679b7e225081f2c10b5bec45ca97
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bd52a588b12d42db3f53423781c1fcd41c60cf75d0fda30757eaeb7643a505a9
be63f671db96df3a488e56be11d8955142419ce57d988c4aa1e30310bdb78675
bf2e554949d9f9386da57f495ca36fe78ddd627515fc601f32c7e2a381fd3320
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c16ee0c6f64858e01d8fcb448d339955ee9e794cf54989b8d0f9817a86e568c3
c26210be1b17f8191dfd5a55e2190a90479c351844d0e8aa3fcf4db4c5b46908
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df
c4750351ae38d43062656e5ad832f0667bce4e753d01e869d3b079c8807e0e96
c4be8248cb698c031c27a6fe598828dc464e73ce2abcbfd7c506257e6f753ac2
c505b241c2ff882defa7981043fa3d7a34e1fb0d7a51f0fdfc96ef45ac15932c
c58929a69737b585a7b14fa445fe6bf683328b2e4543afaf2fdc1a6a4ea1672c
c6063b3af4d54bb007c51b5dba6f611a68ff6c75a674dc930735117e7c276503
c6180d3341b13071ce8e0a009a4aab21ee03d99e58a209f22b8a73a28d084e21
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb88553c2e4187536f6e620ea380fbba084011dd276f674b89443108e502fe10
cc21bdd86038c18b926543905e1a28e531b0bea3ddebf248639ed3361fac644f
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ce2e1e11364163401ad3db563cfd4f828f047507169ad0671e5241f59aadc271
ce8d4aa621953c44897e91500520f60ec83491fa04e98f30c24643d8906c36c0
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
cfedf76b70ee2908101ee95f47251d32130e0d9917a5a1945abb67c98f9f9ccd
d04c5aa1f3922340201c880ce836c21e46f07bf93fb7156b09d3d03aa946bf67
d1700a43bc40da2d69d238085ddfeea6fac6dc64ff76f5cef529d6fd6b619a62
d29d7d384f2169b03701cb6bdcea3b1d901c35fb7714ab5ca3c22b4b293ba6fa
d34fa312448702b51ac643cbb345c25b7629cc9ed43fc4336eeaf77f11b2605e
d3846358ba3c2458dc9cf1989773f6aacc50ba6965d9e9da2e17de45957f7b5a
d4c70195beffd278283ffe90a7c164dbea5c436f2a5cae19c463cf023cdd6362
d562d522e0b6be8cdca2e6a4b179718f5c786f8a1dd0b7add6e389a349804f43
d6c71a91b33b48fd88c12c8982e19ea06c86c0eedd66db1913ea1cc83dca6b93
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de44aa4ddb49fdcc1444491116b852ea9bfdc77d250623a3c0f33b9757db05b7
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
e0f09df56f7aabf366be449dae49c8c86124a42b71177240307820a41c7a1a18
e1f249cee33aff42da2e5f6604dc634201055f121a795c3d5d3ef292de7a2081
e220226b6daf9afcc3676bf181a0b6b72060d274d09fa838fae65184222ab337
e29b2696707898783147675829b152a114625174c610335f21ead56fecc7d2e0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
e79261aff8ac4c076f59de00c7d4f23ba7bc9a20f1cf8fb37e38acaf0bac189a
e9ed0df9626254a05e4e2b4ad46292c0f8b7adb74fa4bb6ea9a8a2b598de0f6c
ea63f05328ce44ee4e42cf5d3cbd537f2b85185c867da93cbb7fdc2f3a387bc8
eba3b87847ffcf23d7912085e1273e0898176c6d136a499518bfc48cb6c00455
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7ffe0dfbf41fdb05b2113fc1e393200ae354f6a839b99e4a5887c22b77059e
efaaeaa55f6ec3c9f8c66b8cb8b43986d15c204bb7ee5157457c9219fbc64fdc
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f12e66ba8827a3aa79eec49244aefe04a0c15f9b2ef944c75e18af80d27f1d2f
f21ae76ee4cd95693a2d41c3b0f3b59e45e93067e5160bf4ec006c8ca9f92b41
f32b7745de1984ac9ce96744410e7c4782cc9c3aeccbdd99b23cbc7ba6519411
f32f1b7df01aacd2929237bff28a99c992c64d4211e44dfcbc25221820e1066f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6083f823186fe025156440465be48f6de2079a16937c2e46ae825fea4db0fa8
f62e79b571af91ef51f0fb020e689dc0949d3d0ba0bfe52001dc7ce79e06b5d8
f649c070905a708ee6f6e3bac47ea8fbba35886b3ca85b787361fcfba1902a8f
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7c8e2f2c84102e0220f49c2b49d4510d84b1afb4bf8ad4c857a7c66c560e8d1

mikeonline.com Open in urlscan Pro 209.126.30.224 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

366 Requests

95 %HTTPS

50 %IPv6

35 Domains

55 Subdomains

53 IPs

9 Countries

7069 kBTransfer

18844 kBSize

26 Cookies

35 Outgoing links

Page URL History

Redirected requests

366 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mikeonline.com Open in urlscan Pro
209.126.30.224 Public Scan

Screenshot
Live screenshot

Full Image

366
Requests

95 %
HTTPS

50 %
IPv6

35
Domains

55
Subdomains

53
IPs

9
Countries

7069 kB
Transfer

18844 kB
Size

26
Cookies

366 HTTP transactions
9 data transactions