urlscan.io logo urlscan.io
SecurityTrails logo

timebusinessnews.com Open in urlscan Pro
192.124.249.3  Public Scan

Go To Rescan Add Verdict Report
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Submission: On December 03 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 53 IPs in 10 countries across 56 domains to perform 315 HTTP transactions. The main IP is 192.124.249.3, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is timebusinessnews.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 1st 2023. Valid for: a year.
This is the only time timebusinessnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
57 192.124.249.3 30148 (SUCURI-SEC)
1 2a00:1450:400... 15169 (GOOGLE)
4 151.101.128.176 54113 (FASTLY)
5 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
12 172.66.42.247 13335 (CLOUDFLAR...)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 15.235.86.218 16276 (OVH)
1 15.235.9.228 16276 (OVH)
3 54.187.119.242 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
2 99.86.4.85 16509 (AMAZON-02)
1 2a03:2880:f17... 32934 (FACEBOOK)
20 2a00:1450:400... 15169 (GOOGLE)
1 44.239.110.139 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
33 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
4 2620:1ec:46::45 8075 (MICROSOFT...)
4 23.32.184.180 16625 (AKAMAI-AS)
1 8 2a00:1450:400... 15169 (GOOGLE)
4 12 2a02:26f0:480... 20940 (AKAMAI-ASN1)
24 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 151.101.194.49 54113 (FASTLY)
3 31 142.250.181.226 15169 (GOOGLE)
3 3 35.190.0.66 15169 (GOOGLE)
2 18.184.108.41 16509 (AMAZON-02)
2 2 213.155.156.180 1299 (TWELVE99 ...)
3 178.250.1.9 44788 (ASN-CRITE...)
1 2 2a05:d01c:1d8... 16509 (AMAZON-02)
1 2 23.32.185.35 16625 (AKAMAI-AS)
12 185.89.210.46 29990 (ASN-APPNEX)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2600:1901:0:7... 396982 (GOOGLE-CL...)
2 4 2001:678:cb4:... 56396 (AMOBEE)
1 2 2620:116:800d... 16509 (AMAZON-02)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 35.204.158.49 396982 (GOOGLE-CL...)
6 6 37.157.6.254 198622 (ADFORM)
2 15.197.193.217 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
4 4 2a05:d018:d29... 16509 (AMAZON-02)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 34.160.236.64 15169 (GOOGLE)
1 1 51.89.9.254 16276 (OVH)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
4 4 52.29.13.21 16509 (AMAZON-02)
1 98.98.134.243 21859 (ZEN-ECN)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 145.239.193.130 16276 (OVH)
1 88.198.250.30 24940 (HETZNER-AS)
1 3 104.102.45.165 16625 (AKAMAI-AS)
2 2 172.217.16.134 15169 (GOOGLE)
2 2 84.200.5.215 44066 (DE-FIRSTC...)
1 167.233.13.224 24940 (HETZNER-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 3.11.198.160 16509 (AMAZON-02)
1 167.235.3.16 24940 (HETZNER-AS)
1 18.66.147.98 16509 (AMAZON-02)
1 108.138.36.55 16509 (AMAZON-02)
2 3.10.29.13 16509 (AMAZON-02)
315 53
57    192.124.249.3 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10003.sucuri.net
timebusinessnews.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    151.101.128.176 (United States)

ASN54113 (FASTLY, US)
checkout.stripe.com
js.stripe.com
5    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
18    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
12    172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)
resources.infolinks.com
router.infolinks.com
rt3053.infolinks.com
thumbnails.infolinks.com
4    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
newslolo.info
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:4700:20::681a:58f (United States)

ASN13335 (CLOUDFLARENET, US)
rum.corewebvitals.io
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    15.235.86.218 (Canada)

ASN16276 (OVH, FR)
PTR: dovh04.ca.zeno.fm
node-10.zeno.fm
1    15.235.9.228 (Canada)

ASN16276 (OVH, FR)
PTR: dovh56.ca.zeno.fm
stream-156.zeno.fm
3    54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com
q.stripe.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    99.86.4.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-85.fra6.r.cloudfront.net
m.stripe.network
1    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
20    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    44.239.110.139 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-110-139.us-west-2.compute.amazonaws.com
m.stripe.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
8    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
33    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
10    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adsdk.microsoft.com
4    23.32.184.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-180.deploy.static.akamaitechnologies.com
cdn.adnxs.com
8    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
12    2a02:26f0:480:22::1726:62f9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.bing.com
24    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
31    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
3    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    18.184.108.41 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-108-41.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    213.155.156.180 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
3    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    2a05:d01c:1d8:8102:1dbb:a7d1:23ff:c9b8 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
2    23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com
sync.teads.tv
12    185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ams3-ib.adnxs.com
2    2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
2    2600:1901:0:76b9:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
prod-rtb.ad4mat.net
4    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
4    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
6    37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    85.114.159.118 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
4    2a05:d018:d29:3602:d09c:564c:cd27:b30c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com
odr.mookie1.com
1    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
4    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
4    52.29.13.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-13-21.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ius.ctnsnet.com
1    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
1    88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
3    104.102.45.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-45-165.deploy.static.akamaitechnologies.com
www.awin1.com
2    172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net
ad.doubleclick.net
2    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de
partner.o2online.de
1    2606:4700::6810:c0cb (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
1    3.11.198.160 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-198-160.eu-west-2.compute.amazonaws.com
track.webgains.com
1    167.235.3.16 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.16.3.235.167.clients.your-server.de
tm.simptrack.com
1    18.66.147.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-98.fra60.r.cloudfront.net
analytics.webgains.io
1    108.138.36.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-55.muc50.r.cloudfront.net
cdn.track.production.webgains.team
2    3.10.29.13 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-10-29-13.eu-west-2.compute.amazonaws.com
api.webgains.io
Apex Domain
Subdomains		 Transfer
57 timebusinessnews.com
timebusinessnews.com
4 MB
53 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
ad.doubleclick.net — Cisco Umbrella Rank: 139
265 KB
51 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
511 KB
28 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 25796
ad4m.at — Cisco Umbrella Rank: 11359
assets.ad4m.at — Cisco Umbrella Rank: 35458
284 KB
16 adnxs.com
cdn.adnxs.com — Cisco Umbrella Rank: 1605
ams3-ib.adnxs.com — Cisco Umbrella Rank: 6997
116 KB
12 bing.com
www.bing.com — Cisco Umbrella Rank: 60
62 KB
12 infolinks.com
resources.infolinks.com — Cisco Umbrella Rank: 7726
router.infolinks.com — Cisco Umbrella Rank: 2762
rt3053.infolinks.com — Cisco Umbrella Rank: 67048
thumbnails.infolinks.com — Cisco Umbrella Rank: 62404
240 KB
10 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
637 KB
9 gstatic.com
fonts.gstatic.com
www.gstatic.com
119 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 2
578 B
8 stripe.com
checkout.stripe.com — Cisco Umbrella Rank: 8133
js.stripe.com — Cisco Umbrella Rank: 1282
q.stripe.com — Cisco Umbrella Rank: 7730
m.stripe.com — Cisco Umbrella Rank: 1245
160 KB
6 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
4 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
imasdk.googleapis.com — Cisco Umbrella Rank: 487
131 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 818
4 KB
4 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
3 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2218
2 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
r.turn.com — Cisco Umbrella Rank: 3570
2 KB
4 ad4mat.net
static-de.ad4mat.net — Cisco Umbrella Rank: 192580
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 145563
2 KB
4 microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 4453
146 KB
4 newslolo.info
newslolo.info
1 MB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 24395
api.webgains.io — Cisco Umbrella Rank: 59842
19 KB
3 awin1.com
www.awin1.com — Cisco Umbrella Rank: 13930
2 KB
3 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 550
1 KB
3 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 5555
1 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2627
207 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
297 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
845 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1299
452 B
2 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1771
686 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4497
655 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
291 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
890 B
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1361
16 KB
2 zeno.fm
node-10.zeno.fm
stream-156.zeno.fm — Cisco Umbrella Rank: 950036
170 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
90 KB
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 61264
56 KB
1 simptrack.com
tm.simptrack.com — Cisco Umbrella Rank: 106380
891 B
1 webgains.com
track.webgains.com — Cisco Umbrella Rank: 49821
2 KB
1 conrad.de
www.conrad.de — Cisco Umbrella Rank: 83743
494 B
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 104746
1 KB
1 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 89094
329 B
1 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 88416
184 B
1 media01.eu
pb.media01.eu — Cisco Umbrella Rank: 46149
628 B
1 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 47317
877 B
1 ctnsnet.com
ius.ctnsnet.com — Cisco Umbrella Rank: 6100
671 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 681
187 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
444 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1226
213 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428
587 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 711
98 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
248 B
1 corewebvitals.io
rum.corewebvitals.io — Cisco Umbrella Rank: 274624
583 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
78 KB
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
315 56
Domain Requested by
57 timebusinessnews.com timebusinessnews.com
33 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
31 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
timebusinessnews.com
20 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
18 pagead2.googlesyndication.com timebusinessnews.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
12 assets.ad4m.at as.ad4m.at
12 ams3-ib.adnxs.com googleads.g.doubleclick.net
cdn.adnxs.com
12 www.bing.com 4 redirects googleads.g.doubleclick.net
10 www.googletagservices.com googleads.g.doubleclick.net
8 ad4m.at as.ad4m.at
ad4m.at
8 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
8 www.google.com 1 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
8 www.gstatic.com googleads.g.doubleclick.net
6 c1.adform.net 6 redirects
5 fonts.googleapis.com timebusinessnews.com
googleads.g.doubleclick.net
4 pm.w55c.net 4 redirects
4 pr-bh.ybp.yahoo.com 4 redirects
4 cdn.adnxs.com googleads.g.doubleclick.net
4 adsdk.microsoft.com googleads.g.doubleclick.net
4 rt3053.infolinks.com resources.infolinks.com
4 newslolo.info timebusinessnews.com
4 resources.infolinks.com timebusinessnews.com
resources.infolinks.com
3 www.awin1.com 1 redirects as.ad4m.at
3 dis.criteo.com googleads.g.doubleclick.net
3 ads.travelaudience.com 3 redirects
3 q.stripe.com timebusinessnews.com
3 router.infolinks.com resources.infolinks.com
3 js.stripe.com timebusinessnews.com
js.stripe.com
2 api.webgains.io analytics.webgains.io
2 ad.doubleclick.net 2 redirects
2 dclk-match.dotomi.com googleads.g.doubleclick.net
2 match.adsrvr.org googleads.g.doubleclick.net
2 um.simpli.fi 2 redirects
2 s.tribalfusion.com googleads.g.doubleclick.net
timebusinessnews.com
2 a.tribalfusion.com 2 redirects
2 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
2 r.turn.com googleads.g.doubleclick.net
timebusinessnews.com
2 ad.turn.com 2 redirects
2 prod-rtb.ad4mat.net googleads.g.doubleclick.net
2 static-de.ad4mat.net as.ad4m.at
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 ag.innovid.com 1 redirects googleads.g.doubleclick.net
2 d5p.de17a.com 2 redirects
2 x.bidswitch.net googleads.g.doubleclick.net
2 sync-tm.everesttech.net 2 redirects
2 m.stripe.network js.stripe.com
m.stripe.network
2 connect.facebook.net timebusinessnews.com
connect.facebook.net
1 cdn.track.production.webgains.team as.ad4m.at
1 analytics.webgains.io track.webgains.com
1 tm.simptrack.com as.ad4m.at
1 track.webgains.com as.ad4m.at
1 www.conrad.de as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 www.lead-alliance.net 1 redirects
1 www.telefonica-partner.de 1 redirects
1 pb.media01.eu as.ad4m.at
1 pv.medialead.de 1 redirects
1 ius.ctnsnet.com 1 redirects
1 pixel-sync.sitescout.com googleads.g.doubleclick.net
1 onetag-sys.com 1 redirects
1 odr.mookie1.com googleads.g.doubleclick.net
1 dsp.adfarm1.adition.com 1 redirects
1 id.rlcdn.com googleads.g.doubleclick.net
1 thumbnails.infolinks.com timebusinessnews.com
1 imasdk.googleapis.com resources.infolinks.com
1 m.stripe.com m.stripe.network
1 www.facebook.com timebusinessnews.com
1 region1.google-analytics.com www.googletagmanager.com
1 stream-156.zeno.fm timebusinessnews.com
1 node-10.zeno.fm 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 rum.corewebvitals.io timebusinessnews.com
1 checkout.stripe.com timebusinessnews.com
1 www.googletagmanager.com timebusinessnews.com
0 googlecm.hit.gemius.pl Failed googleads.g.doubleclick.net
315 75
Subject Issuer Validity Valid
timebusinessnews.com
Go Daddy Secure Certificate Authority - G2		 2023-10-01 -
2024-10-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-30 -
2024-01-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-15 -
2024-05-14		 a year crt.sh
newslolo.info
GTS CA 1P5		 2023-11-17 -
2024-02-15		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-11 -
2023-12-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-10-09 -
2024-01-18		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-05 -
2024-01-18		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
adsdk.microsoft.com
Microsoft Azure TLS Issuing CA 02		 2023-10-11 -
2024-04-08		 6 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.innovid.com
RapidSSL TLS RSA CA G1		 2023-03-15 -
2024-04-14		 a year crt.sh
r.bing.com
Microsoft Azure ECC TLS Issuing CA 05		 2023-10-18 -
2024-06-27		 8 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
ad4mat.net
GTS CA 1P5		 2023-11-18 -
2024-02-16		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-11-21 -
2024-02-19		 3 months crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-27 -
2024-03-29		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
simptrack.com
R3		 2023-10-16 -
2024-01-14		 3 months crt.sh
*.webgains.io
Amazon RSA 2048 M01		 2023-07-24 -
2024-08-22		 a year crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M03		 2023-08-30 -
2024-09-27		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 43 frames:

Primary Page: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Frame ID: 7B09301475BABE13B0998E3935BB3B4C
Requests: 101 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 86025DCFC9F0C0CC4FF19D592453D929
Requests: 4 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3385590&wsid=0&pdom=timebusinessnews.com&purl=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F
Frame ID: 9DE228161B822F2C8DE690E0C5E92051
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 72F8C88D0408BD28B4B7A434EE4F9306
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: 6F221C7581446E3C547095A6F3E53FFA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&adk=1812271804&adf=3025194257&lmt=1701426711&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589421536&bpp=2&bdt=608&idt=313&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=568145841288&frm=20&pv=2&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=325
Frame ID: 51A1D96883D9B0D9EF211E41B026CDC6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=3492100912&pi=t.aa~a.1902263049~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=6
Frame ID: 874CD60593784A6D0381DFCCB6EBEBA4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=1548157933&adf=4256907570&pi=t.aa~a.2314094185~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250&nras=3&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=21
Frame ID: 57C75195778BB24D3456334B06C503F7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2165271072&adf=1120807131&pi=t.aa~a.1345899263~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250&nras=4&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=23
Frame ID: C475E9998877D8BE4B2CDA175FCD0F98
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3006685884&adf=1207449781&pi=t.aa~a.4270427562~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250&nras=5&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=26
Frame ID: 2102E57B941FD8145D6BD79A184EE32C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3318115725&adf=3987088018&pi=t.aa~a.1324685680~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250&nras=6&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=3674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=28
Frame ID: FAB66B97EB13B8C3B88B373AB167BAB2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=4203952362&pi=t.aa~a.12854135~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=0&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250%2C333x250&nras=7&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=4792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=6&fsb=1&dtd=30
Frame ID: 37616FA3B59C76BC3B67E3B2C2E48C46
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 0781410CF1854F4291640D94378B97DB
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: E8BE677237E530E7716D723C4ED9D6BA
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 8A367E7DE0E0F5054D141FDD4DC6A9E8
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 861F3807DB979FD422EBFBC8E0B0B40F
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 3986BE4B1D6AA9226746C00860CDCB96
Requests: 7 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: BA47FB59FDD136D5B941C1960659EB16
Requests: 13 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kme4z2jm4f45qytn3jkpw7ystcpc9j6z4e7jz1sx3tyd404hssqxs6w5k1w1zb9p5hr6psf9s2jq69pbke811sk72cck4f3gm33pjn03kj61b4sww6fb3jpg17xz2t5ss74r5n4be16acmvdw8apgn2h423sfz25fyhtx82xk5xx3v9x3pb5manthhrtt42jzefxgvmqv104py2p8dakg4wkajf8qs8e0yf80xzvmvyksphff2dnz150p8vj1y05dx80wmsgssp0y4mn9pk3hqpjsn80ffyj318fwmw0e605644egby50bge0gm9gn9faskejf1xp2hfk4qss4xddeev4426cmz7m5p5j4vj052ecsfjag6bmdjr25wyba0texrdbn1trc6fjay9rdjbnkvney1r11wdmc9mcmdxg9p64jq7ffhqmxwk6whcfj2jh7v2hy0g0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2guUrjFsZeqeOuiWjuwPo9OYoA6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0B0c4SAdls9VFNjJ2h--KW7rYlKDVtpKAlKgKry5LYv-r-NIi_b5wdAJUo_KxJcvD3uKinOU2YZag9vY3NLpwIAvpR2YJgsTJGrgy6AHwXQKgV0kuwCFyEGTTiZSh9vzYMP-shAIRRdHtDpvUFogmHAvmRWXeI7XEvWV4kRHEqjtc4PtWYtd3dtc8xV30l21_2n3UZsfgJlLUNMtwaWCuw0EYi07cZ_pr3BmGe9uCSXAiDxH59_WTYYoy4JMMtgSLqiRom2nPYtLR8vSx42E3rKTgofczHRKYluVJYoLJRDcycQwH9uhNaHtqCemf9k0uM4C3bm-0XVREcnJ1X3wYTAbl2fxAtyy91YIr4JKfhm2KuRZmYal5mAgKVYK0LDgfVccJ71wuP_vjLaG-EVjqwiWjiDImnRR5IAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli5ju_I4vKCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3IVsosO2DngzQQlh1HqwN7kZgVAg%26client%3Dca-pub-7554934826467559%26adurl%3D
Frame ID: C862F400651B11C59F516A5E3F67E011
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Frame ID: BD7F5BDD41C7491C60118D3C3620E5B5
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 61154911AFB2E8B51622E243C20BD004
Requests: 9 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: CFB89DAAA7A3ED43623AD71DE18212DA
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EE972EB36B146D227F8353A382056D9B
Requests: 2 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 9AF17F878669732BC6F3A907E24BFA47
Requests: 13 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: CBF53E54DD4DB0C6A3C35C7152DD2C5E
Requests: 1 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 8DEEBD55262B29CEFB4749D47B0C5C89
Requests: 13 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hj1dpjv3q59q7tz586da9dvmxdszf6mxef05bghc9rwfkr4fpek99q9r8j4q39694986qxfmp5gny98hkmtt7v4rdj5sz0hnzef3b3s3j0e66fcxk2jgg0dq97renavfzqf3rv4j4vvmr72mc69ymt2b53cdbdcr29edhrwtk45dybdye8jakvcrj8fxnyxt74w0sb8cgtp2sn54d3kymxn7sx1jfddstpsr41cgttp1sje3t5g7aygyqvs99mp3j7k5whyq93mgz9ry7bycptg3tzw8k7kt8hkz8jrwa766c5v357xq1sxpakkbys9d6s2j3nbb4wbxb9gmz1xcakz8sh7bqhrhrsaejyjd6377k976rfyeyka0a98bwfcd0tjbwd89tx4x32xp9xmc2hht65dmz72sa8dqzj05rn2258ch6wv2rmsewhspfaacx1vyhhx64&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuRVOrzFsZe7wAZbdtOUPwbaDiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0Ig0ombUzbFS3jbiPIG43p_xdfZSofgfHSgMLMqgxxoH5sOfx99PeinEvD5t2X6J1d78KcjkeOULAfhEkxBW1W9gIR6Hj8cYGOex2WjN7J2SSbyfWz7WWEQPgLVHSH5vZFq0v9Ss0D6Pd3UQs1JyMqZCckcaOJTV_dE9Ws7hIQ-dyyx6Az0LU1SUFQyaNl87MtkAfa1cF_cAJrz3ajz-lkxy73sQbjVwAnOdq88UCv21ZWqpoRxn8Fd_YqtlNzokzyLPWMTQI3TxtLgyMZXL9BfDByF0UlPkEdIzDjyB6FQCznbJmFV_MgC9SO5516O0sKd1VPKxFZz8KbqlUc6duit33Ek3HwBmN0bcadNVECLA8HvtZ7_ro1VNOn3NHIjNbmPUrYCnC6rsmjvXVVZ3yu9wsWvsbu4jyIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj8ze_I4vKCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RBe8F3mqHFczfx-5GJMGWYFp54A%26client%3Dca-pub-7554934826467559%26adurl%3D
Frame ID: 742EF876BE634E61EA54F5D31B2B73DA
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Frame ID: E792C1FE8A1CD895F06F543076911C9D
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D55D42AA8F5AAD291EE22CE83F492489
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 474EE082241690A889D0DCB83A6DBD64
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F3C42AECEE91822017359050351B90FB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D7E102E68FD0DF39C8E3312090C1FA72
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9E24A25913CDB237547856A99BDE4857
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5F0D99A6D6DD1F0E0E2992B18F1B02C0
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 4D6761EBC969BE4FBCA47FD11CF4D9A9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 81BA1E3BAEF4250102992DBBD10D4CAC
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 97B533289CB837CABA5694E9541A807A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: ADA007B9ECFFAE2940026FF417346A92
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=eb4dc24332b3d10c7c35b070c03a6898%2F11359549326198007310&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701589424154&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3zfqd60a0w5qg3as9d27q3pb19gg497tegm28aka8sf0ckyekxeazvwp3d54sr5n0kajgy0rp9de4s03hmaada8aq1aa5wqt9h21we5ke6w2btwa7scmeev9qqmte68g0s40t3m79345e4pggpcjdcs1c53wkjzc9smp0jw2jxw03zcs81jc73vqwp3h3xc9w4k3mdb80m6egcm27074cbjrd7m6b7s3e2pr5g3tp8ggbxmcvm2c7szgqv9mhptv35nvhwn9axf9st96wf8q8j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2guUrjFsZeqeOuiWjuwPo9OYoA6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0B0c4SAdls9VFNjJ2h--KW7rYlKDVtpKAlKgKry5LYv-r-NIi_b5wdAJUo_KxJcvD3uKinOU2YZag9vY3NLpwIAvpR2YJgsTJGrgy6AHwXQKgV0kuwCFyEGTTiZSh9vzYMP-shAIRRdHtDpvUFogmHAvmRWXeI7XEvWV4kRHEqjtc4PtWYtd3dtc8xV30l21_2n3UZsfgJlLUNMtwaWCuw0EYi07cZ_pr3BmGe9uCSXAiDxH59_WTYYoy4JMMtgSLqiRom2nPYtLR8vSx42E3rKTgofczHRKYluVJYoLJRDcycQwH9uhNaHtqCemf9k0uM4C3bm-0XVREcnJ1X3wYTAbl2fxAtyy91YIr4JKfhm2KuRZmYal5mAgKVYK0LDgfVccJ71wuP_vjLaG-EVjqwiWjiDImnRR5IAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli5ju_I4vKCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3IVsosO2DngzQQlh1HqwN7kZgVAg%2526client%253Dca-pub-7554934826467559%2526adurl%253D&y=1&s=&z=0
Frame ID: AB125435694B68CED94DB5B6D2863698
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=182475%2C195016%2C537178&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=300&d=250&e=&g=3995d51bc2a9dbb3eeb3c7698d44cace%2F1787776233676355492&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701589424194&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g5tqfnx38jtrfq6f8dgkt0vpkjgq5ehr1x9qqbr3fnrz2vca97rd5yya4ey2h23ez0126ftcf6kjdvfb2ynpmfav9s77vypc0zzcf9zbpeqn195mgxtbdj03s4pa2564b4bbb3dwfxv7vzgzhpjceya2e7g11a5tcjhf7d285kxza22yfvcwxpetz2xyv08sagtt0y81vvrr29w1rs1jz05q8362prntw2vkc34dc31b3pwatbx2g8bf1x0b3qbsgpnpn7w36rett0gy58kq1yp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuRVOrzFsZe7wAZbdtOUPwbaDiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0Ig0ombUzbFS3jbiPIG43p_xdfZSofgfHSgMLMqgxxoH5sOfx99PeinEvD5t2X6J1d78KcjkeOULAfhEkxBW1W9gIR6Hj8cYGOex2WjN7J2SSbyfWz7WWEQPgLVHSH5vZFq0v9Ss0D6Pd3UQs1JyMqZCckcaOJTV_dE9Ws7hIQ-dyyx6Az0LU1SUFQyaNl87MtkAfa1cF_cAJrz3ajz-lkxy73sQbjVwAnOdq88UCv21ZWqpoRxn8Fd_YqtlNzokzyLPWMTQI3TxtLgyMZXL9BfDByF0UlPkEdIzDjyB6FQCznbJmFV_MgC9SO5516O0sKd1VPKxFZz8KbqlUc6duit33Ek3HwBmN0bcadNVECLA8HvtZ7_ro1VNOn3NHIjNbmPUrYCnC6rsmjvXVVZ3yu9wsWvsbu4jyIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj8ze_I4vKCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3RBe8F3mqHFczfx-5GJMGWYFp54A%2526client%253Dca-pub-7554934826467559%2526adurl%253D&y=1&s=&z=0
Frame ID: A689E67635EB26AA51D2088BBF0AAB85
Requests: 14 HTTP requests in this frame

Frame: https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2?pub=ad4mat
Frame ID: 4AD81DA47BDBEE5FC46C5C299FA3E017
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 168CFCCA8FBA0AD49234A78634347374
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8A14618A1B80BB5F90C4B1E0CB439157
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Kriti Sanon Immediate 5.0 Evex Review - Scam Or Legit? - TIME BUSINESS NEWS

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • twemoji(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

315
Requests

88 %
HTTPS

42 %
IPv6

56
Domains

75
Subdomains

53
IPs

10
Countries

8790 kB
Transfer

19522 kB
Size

47
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70
  • https://node-10.zeno.fm/8qmmx15z0heuv?rj-ttl=5&rj-tok=AAABfKKoUOIAVPvy0a3MbObzlQ HTTP 302
  • https://stream-156.zeno.fm/8qmmx15z0heuv?zs=YcMfjp4GRNWHBaNMpiDClg&rj-ttl=5&rj-tok=AAABfKKoUOIAVPvy0a3MbObzlQ
Request Chain 160
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=663d4124-848c-4da0-b26f-7cf866222858&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=56fc580a-3680-4d6d-8296-f8eedc8a94e4&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D6f2ecc862e6b4b72b830e34de0e5cc84%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6933&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_gvrq-pbageby&aid=4817249213103116784 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=6f2ecc862e6b4b72b830e34de0e5cc84&SNR=1&GV=2&med=10
Request Chain 167
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHoetbyMMWj4HZhyLZumtOs&google_cver=1&google_push=AXcoOmQOAgTL0JPdzsjl4bjAbmImRagpxP5iXlNAf_kajYo-SUQper6umFTP333wTO615DMxvTECP3TiuAlkOVxfMNW2mik7cT_Ifl-R HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHoetbyMMWj4HZhyLZumtOs&google_push=AXcoOmQOAgTL0JPdzsjl4bjAbmImRagpxP5iXlNAf_kajYo-SUQper6umFTP333wTO615DMxvTECP3TiuAlkOVxfMNW2mik7cT_Ifl-R
Request Chain 168
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEOa0aFL4RR3ct_GfEWf_LMM&google_cver=1&google_push=AXcoOmQe2YROnO_DnaG528UlwV4SiuemxONcYMIHGjaFSvSTg6Y48mbAAeqixeWzirUeoPMPfc-ARvMxyjrSbrLWrFy3OHL8CgjmrU7d HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=cCzblgbRSmYaYdxY8bgN9w&google_push=AXcoOmQe2YROnO_DnaG528UlwV4SiuemxONcYMIHGjaFSvSTg6Y48mbAAeqixeWzirUeoPMPfc-ARvMxyjrSbrLWrFy3OHL8CgjmrU7d
Request Chain 170
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEO5yRAF9QnzirgOFgTqDi70&google_cver=1&google_push=AXcoOmTJ6iuFen7Ebcc9XJprGnLzaV2eKUsouelATFvupltwma4yaI-EqsSO6ycVHvsxkHaDq315zFKR_P61fX_mDu5P13mc9EWRA_-a HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEO5yRAF9QnzirgOFgTqDi70&google_cver=1&google_push=AXcoOmTJ6iuFen7Ebcc9XJprGnLzaV2eKUsouelATFvupltwma4yaI-EqsSO6ycVHvsxkHaDq315zFKR_P61fX_mDu5P13mc9EWRA_-a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTJ6iuFen7Ebcc9XJprGnLzaV2eKUsouelATFvupltwma4yaI-EqsSO6ycVHvsxkHaDq315zFKR_P61fX_mDu5P13mc9EWRA_-a
Request Chain 173
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEALrFRq720mGELDF9WBrBd8&google_cver=1&google_push=AXcoOmRYhkn9EuuF8PoFO1u38tmjqsBpzqlOFczu8_WXtWVFt7u50pkI-xOu08U-h4wp9dcEzjkSyVEpRaUJPeMC-nvuejf2Lvui5iHYtQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRYhkn9EuuF8PoFO1u38tmjqsBpzqlOFczu8_WXtWVFt7u50pkI-xOu08U-h4wp9dcEzjkSyVEpRaUJPeMC-nvuejf2Lvui5iHYtQ HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 185
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=5b4be08a-cfa6-44fc-8b3a-a7e6336a36ed&bidId=1&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=54ec3abe-b5e1-4dc2-80bb-f32fcb6ebbbb&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%3F%26RG%3D51b0879422244f398c4cd96d46363e36%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_p2f_zbovyr&aid=2084297032060640543&wp= HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=51b0879422244f398c4cd96d46363e36&SNR=1&GV=2&med=10
Request Chain 195
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=7ddb81b8-8661-4d94-92d0-3baf77a1ad34&bidId=1&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=178984d0-4d8c-4d8c-bb60-fa4e0ad8d1ac&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%3F%26RG%3Dd19825bd62a64f1fbdf8dc06d2240ccc%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=tqcecnff&aid=5717628893924536865 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=d19825bd62a64f1fbdf8dc06d2240ccc&SNR=1&GV=2&med=10
Request Chain 205
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=aedff7cd-8e25-4859-a7b2-3e83e177856d&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=d8310ea7-22c8-4d18-ae09-8e06f5e23381&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Dc5be2bca4b384a7e9502f271a7d49d8b%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=pbageby&aid=4837000802906627898 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=c5be2bca4b384a7e9502f271a7d49d8b&SNR=1&GV=2&med=10
Request Chain 225
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 240
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAZnVLPaKTVqMUtpt10BFhk&google_cver=1&google_push=AXcoOmRZdkCW7DSL9hcOEzzUKi_l8vX67Ngkmf5mM_iTnaGC8rxYlA3MxtJ4IgQZPmkKmiDHxzoFRIcTC9UE5UL0Id0y_ts1gIjVgGxPOa3Fxut7EKonubhToHOCADRfoLSJ9vtEt1PRqu_NxuZJIRtGJejeyGY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzE2ODE5NjA2Nzk3OTEyMDAxMw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAZnVLPaKTVqMUtpt10BFhk&google_cver=1
Request Chain 242
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEGQ4abzEOlM1cfZ9afhVqwk&google_cver=1&google_push=AXcoOmQoHLPrhzc4rx__yuMXlmbih8m_miEVyGUVPN4Yw2R9PXBK_9jAw92xKoKsd1mwC5QZY5_3vppYDUBiKT8S6pXw7oWsu2JTKSPvLiICzHZw9MFbZxdY0blmGO5Jjyg0jX09woraPxc5R-FZMmQYSmlTL-s&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQoHLPrhzc4rx__yuMXlmbih8m_miEVyGUVPN4Yw2R9PXBK_9jAw92xKoKsd1mwC5QZY5_3vppYDUBiKT8S6pXw7oWsu2JTKSPvLiICzHZw9MFbZxdY0blmGO5Jjyg0jX09woraPxc5R-FZMmQYSmlTL-s%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGQ4abzEOlM1cfZ9afhVqwk&google_cver=1&google_push=AXcoOmQoHLPrhzc4rx__yuMXlmbih8m_miEVyGUVPN4Yw2R9PXBK_9jAw92xKoKsd1mwC5QZY5_3vppYDUBiKT8S6pXw7oWsu2JTKSPvLiICzHZw9MFbZxdY0blmGO5Jjyg0jX09woraPxc5R-FZMmQYSmlTL-s&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQoHLPrhzc4rx__yuMXlmbih8m_miEVyGUVPN4Yw2R9PXBK_9jAw92xKoKsd1mwC5QZY5_3vppYDUBiKT8S6pXw7oWsu2JTKSPvLiICzHZw9MFbZxdY0blmGO5Jjyg0jX09woraPxc5R-FZMmQYSmlTL-s%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 243
  • https://um.simpli.fi/gp_match?google_gid=CAESEP__Jt3LSEWQQCgtzCoaUlw&google_cver=1&google_push=AXcoOmSX6UmpoJSAJPLngNbsVdx56tWrr82X3rERQ8KkFiHecBPC-YICii5qNNDbY_Tv1BqM7mddTIWp7dhv4oMhPYd0U6NWufnhuIl37khD99MmaoFY3mxr8NhGJlqJ071Fp-S5jNCBqzVsNPm1bxIbO2FvjpE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E98373B92ED245EE9DA03C1B778B00AF&google_push=AXcoOmSX6UmpoJSAJPLngNbsVdx56tWrr82X3rERQ8KkFiHecBPC-YICii5qNNDbY_Tv1BqM7mddTIWp7dhv4oMhPYd0U6NWufnhuIl37khD99MmaoFY3mxr8NhGJlqJ071Fp-S5jNCBqzVsNPm1bxIbO2FvjpE
Request Chain 246
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEv3bAjazrINz3UPRZtfoRQ&google_cver=1&google_push=AXcoOmQ9K3LoQUmE99N9JN0yJGM1zyApBeHTs1V3RpSX3TnWRKWEmUc7OwpyMrrzLm3GNrHL-ilL0M4O0masQWP3EWygpmanc32-c5uTslpFDlRPBEXX-s3Hup3ZbMS8RsT7PbrXcH_JwZrWukSHokB8FZY4fVw HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEv3bAjazrINz3UPRZtfoRQ&google_cver=1&google_push=AXcoOmQ9K3LoQUmE99N9JN0yJGM1zyApBeHTs1V3RpSX3TnWRKWEmUc7OwpyMrrzLm3GNrHL-ilL0M4O0masQWP3EWygpmanc32-c5uTslpFDlRPBEXX-s3Hup3ZbMS8RsT7PbrXcH_JwZrWukSHokB8FZY4fVw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzU4MDM4NDk4MTYyMjI1OTI4NA&google_push=AXcoOmQ9K3LoQUmE99N9JN0yJGM1zyApBeHTs1V3RpSX3TnWRKWEmUc7OwpyMrrzLm3GNrHL-ilL0M4O0masQWP3EWygpmanc32-c5uTslpFDlRPBEXX-s3Hup3ZbMS8RsT7PbrXcH_JwZrWukSHokB8FZY4fVw
Request Chain 253
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDdjYw5R7JV2MJbQNKqfrJ4&google_cver=1&google_push=AXcoOmRvWvXmNRRL2GfLiiDw7amTC4CW-604ze_XB_y4feu4QA616-faF2qIKzWK18JxpSOZr7x_ezsN2qlZW70DZrlKd1lcclbIVmA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwODI3MDkyNzMwMTc2OTM1NQ%3D%3D&google_push=AXcoOmRvWvXmNRRL2GfLiiDw7amTC4CW-604ze_XB_y4feu4QA616-faF2qIKzWK18JxpSOZr7x_ezsN2qlZW70DZrlKd1lcclbIVmA
Request Chain 254
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEH_CXpC2g8Bt8vU6y_j-yJE&google_cver=1&google_push=AXcoOmTKkawPeFnJjFv8HESavdF9wxYNYfkAQTRAcvIQ3i10SSmWBxvHq0C97HIFeGoEKiYteGMqJnIZka02HPKB_lCQzBzPKB1VvOI HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=cCzblgbRSmYaYdxY8bgN9w&google_push=AXcoOmTKkawPeFnJjFv8HESavdF9wxYNYfkAQTRAcvIQ3i10SSmWBxvHq0C97HIFeGoEKiYteGMqJnIZka02HPKB_lCQzBzPKB1VvOI
Request Chain 255
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENPOtVJ_15IPs903LImeUfo&google_cver=1&google_push=AXcoOmRDvdpp71njKCdO8NPmzKh_W07oqzinBMgeprTuGKzblmXcNVKE0ZQMoFtC2wpya_dXxQPen6Hp9_tnCeYNlmK9n5Ep02G1flM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRDvdpp71njKCdO8NPmzKh_W07oqzinBMgeprTuGKzblmXcNVKE0ZQMoFtC2wpya_dXxQPen6Hp9_tnCeYNlmK9n5Ep02G1flM&google_hm=eS1teEk4enNoRTJwR1hfZzcuWUU3Q0JLdVhJUzBEMUgxYn5B
Request Chain 256
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHfxhggu9QI-c0SmqE-aovU&google_cver=1&google_push=AXcoOmQaybdWu1mcIwFpW-VBhFzCeLA9mx_Qst2ILLJwrDPNnmVg2SmgJJTwBNPn5P-wlnAZeADlj3xpWKV7ju_qxfg67rEPP-iY2o0 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHfxhggu9QI-c0SmqE-aovU&google_cver=1&google_push=AXcoOmQaybdWu1mcIwFpW-VBhFzCeLA9mx_Qst2ILLJwrDPNnmVg2SmgJJTwBNPn5P-wlnAZeADlj3xpWKV7ju_qxfg67rEPP-iY2o0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY4MzkzMTU5MDYwNzY0ODY2MQ&google_push=AXcoOmQaybdWu1mcIwFpW-VBhFzCeLA9mx_Qst2ILLJwrDPNnmVg2SmgJJTwBNPn5P-wlnAZeADlj3xpWKV7ju_qxfg67rEPP-iY2o0
Request Chain 257
  • https://ag.innovid.com/trk?tid=11711&google_gid=CAESEBoE1bWrOHWSAlMOI4TqS_I&google_cver=1&google_push=AXcoOmSS5kTs15jZpwdp4MWmS9zh4skc5bbyCmeOO26VYFnDUeQagdpVHIrCubsorFlDC8zs9kiVSb46lfTmmWWY5nmGEEPcjb7hkHA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AXcoOmSS5kTs15jZpwdp4MWmS9zh4skc5bbyCmeOO26VYFnDUeQagdpVHIrCubsorFlDC8zs9kiVSb46lfTmmWWY5nmGEEPcjb7hkHA&google_hm=LPCNLno6RuKqwDFNpQxfRQ
Request Chain 261
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHaCB5CAeaXs9jpTU5hb_Dg&google_cver=1&google_push=AXcoOmSbJ2cEa5zhsURnftHdP5jBp8lUy5eEchYu4U6XcsJBPCZBBTqGkVe9gX_2q4RFctz_xCXRRLu8mmi504fEDzqrsareHBFAeN3UAtYGNASk1_MnZcdYKwLgyU8EUsqgWj9I8lGGr-YzKpCnFCzaQY1jEM8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wld3eHJ3QUVHWTFkS2dBTQ==&google_gid=CAESEHaCB5CAeaXs9jpTU5hb_Dg&google_cver=1&google_push=AXcoOmSbJ2cEa5zhsURnftHdP5jBp8lUy5eEchYu4U6XcsJBPCZBBTqGkVe9gX_2q4RFctz_xCXRRLu8mmi504fEDzqrsareHBFAeN3UAtYGNASk1_MnZcdYKwLgyU8EUsqgWj9I8lGGr-YzKpCnFCzaQY1jEM8
Request Chain 263
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAbbdqYw3mJrj_zKk99s770&google_cver=1&google_push=AXcoOmS0ZSD9vaug88V6TWGJLcoaV_VJ7r30abiw3zU4fXPFCzg6fNzBB9un-R6tydxmzEYW6PwYrNjZQjrT0NtPGqah-jYCJJPvCOHclv2wt_gbmz5NlkqFwsJ_N69D0t_mAau84tbxmnnWg8UuCFLMEB6-m8g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS0ZSD9vaug88V6TWGJLcoaV_VJ7r30abiw3zU4fXPFCzg6fNzBB9un-R6tydxmzEYW6PwYrNjZQjrT0NtPGqah-jYCJJPvCOHclv2wt_gbmz5NlkqFwsJ_N69D0t_mAau84tbxmnnWg8UuCFLMEB6-m8g&google_hm=eS1PQ09STkRaRTJwSEZwVm5iaDhQNHptZnZ1NkptdDJxWH5B
Request Chain 266
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBFTsnSfwMzV1d5Dq-yt18Y&google_cver=1&google_push=AXcoOmTkBu8hERUUDzjveGxBUyXCZ5Yi34q1wSoZ5uQUtsgAaGE-l12DY7UZsMggdKXWh9C2xWOvzcWkLnHLpGMrb4D5Ad766ZRXphkP_w51u1hTM4_GBNaU0Z29YffTFfQQbsGHiidz3F-qkP9YbdTHVS-CcK4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTkBu8hERUUDzjveGxBUyXCZ5Yi34q1wSoZ5uQUtsgAaGE-l12DY7UZsMggdKXWh9C2xWOvzcWkLnHLpGMrb4D5Ad766ZRXphkP_w51u1hTM4_GBNaU0Z29YffTFfQQbsGHiidz3F-qkP9YbdTHVS-CcK4
Request Chain 273
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEArOki4O0Irt23CHGNucjPA&google_cver=1&google_push=AXcoOmThuIw8TUDVaAtSJXpeLizjpMPIuHPcoZCn9wjLHFbVfbBb0d8T-6I3xs2il1BkYeJJ90EISC8nTPMGCrqj1FiajAH515NO0Q3dR0juK2hhjMXMSHwYdpm7QI4_uRVkZP3XglzW9U3hWb5yN3Xkf7HwsA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzE2ODE5NjA2Nzk3OTEyMDAxMw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAZnVLPaKTVqMUtpt10BFhk&google_cver=1
Request Chain 274
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOVpvm5rfl0VdfPHTu-GhaM&google_cver=1&google_push=AXcoOmQHOeFJWI-KSOv1R4YdDfRKFMwUTwQddB_Il3qut-O7s92BQVumbqox0URkYs7ZlbAf1dOHWrWdju6spy9PSETG5ULYsXUZrtQzNqG7OWCzBaNHlMxJMYl0PTUJZf2EGhgN-aJIjaGaAkbInF6A2ZjXxGQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQHOeFJWI-KSOv1R4YdDfRKFMwUTwQddB_Il3qut-O7s92BQVumbqox0URkYs7ZlbAf1dOHWrWdju6spy9PSETG5ULYsXUZrtQzNqG7OWCzBaNHlMxJMYl0PTUJZf2EGhgN-aJIjaGaAkbInF6A2ZjXxGQ&google_hm=XhOLQRgHncvfIXJNRLVqtQ
Request Chain 276
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMwMpOGBFmJGeOXSu-oGZVs&google_cver=1&google_push=AXcoOmTttLgvDDVbGow5TKvaoPgTb_zwi1u65EMlOw2H6mhG2k7EHrhpjx6i-blNdDAMORC_GQetcDwLCkl6FSx7ibLI7a3bFe-Rlom_QUSZNP6AKPOCI8S5sxPQ-xZxGnIfhnWBjWy2qHEILJcIreOtEVQvKOo HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMwMpOGBFmJGeOXSu-oGZVs&google_cver=1&google_push=AXcoOmTttLgvDDVbGow5TKvaoPgTb_zwi1u65EMlOw2H6mhG2k7EHrhpjx6i-blNdDAMORC_GQetcDwLCkl6FSx7ibLI7a3bFe-Rlom_QUSZNP6AKPOCI8S5sxPQ-xZxGnIfhnWBjWy2qHEILJcIreOtEVQvKOo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MHZUSDlVQngxUjlIOEk1&google_gid=CAESEMwMpOGBFmJGeOXSu-oGZVs&google_cver=1&google_push=AXcoOmTttLgvDDVbGow5TKvaoPgTb_zwi1u65EMlOw2H6mhG2k7EHrhpjx6i-blNdDAMORC_GQetcDwLCkl6FSx7ibLI7a3bFe-Rlom_QUSZNP6AKPOCI8S5sxPQ-xZxGnIfhnWBjWy2qHEILJcIreOtEVQvKOo
Request Chain 278
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEAKJUtDRMYoNvZ6ekgNmqkw&google_cver=1&google_push=AXcoOmS0kBoDSJuul_nypCG1quUjfJqYT1cO2K8ivayWjV2KNX2JN680sTgKCSmOSH2hT4MJcLrO_vmPt5Yyi94uKgup99XZEcEv2ghTyct4dGN_VjjuvKHaamLL56KbGcHEgFyZAvilfihNO3__XO20esFnfyk HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=cCzblgbRSmYaYdxY8bgN9w&google_push=AXcoOmS0kBoDSJuul_nypCG1quUjfJqYT1cO2K8ivayWjV2KNX2JN680sTgKCSmOSH2hT4MJcLrO_vmPt5Yyi94uKgup99XZEcEv2ghTyct4dGN_VjjuvKHaamLL56KbGcHEgFyZAvilfihNO3__XO20esFnfyk
Request Chain 279
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENRvCaWIlhEdPcPNIesSS24&google_cver=1&google_push=AXcoOmR4JSyAnnTxw0tfsDdY-NLQ3bFIaCGw_2oj_thF7dPLjXekm-SZ9D6WbucKk70anU0q1nl4C2UZz4CR29FqrZBhUFN5CQCFKzf62dzvFnskILBQC2HIiE5k6YY0tS9SS5Qv6xQKvutN5dFrzyQEvNTXcQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR4JSyAnnTxw0tfsDdY-NLQ3bFIaCGw_2oj_thF7dPLjXekm-SZ9D6WbucKk70anU0q1nl4C2UZz4CR29FqrZBhUFN5CQCFKzf62dzvFnskILBQC2HIiE5k6YY0tS9SS5Qv6xQKvutN5dFrzyQEvNTXcQ&google_hm=eS1NaGM3WnkxRTJwRklNblJKSzJZZFFZTnlaQWZ0aTVJMH5B
Request Chain 282
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIJZiPQKhKMV1BaLYxK_TX0&google_cver=1&google_push=AXcoOmRZOaGQvKF8rvnDzRcfcRzRRXGLW_oRh-jolnv7S1rlQzzWNE9w7jSWi3Xt42mhWzQ61Xv2LGsty4QBomJBSC2WMQIdN0vccjrQav-BRTfhp-bzBX4tBIHd8kMDCs71B0zpBl_aQ1tXbor5zv03n3896Q HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIJZiPQKhKMV1BaLYxK_TX0&google_cver=1&google_push=AXcoOmRZOaGQvKF8rvnDzRcfcRzRRXGLW_oRh-jolnv7S1rlQzzWNE9w7jSWi3Xt42mhWzQ61Xv2LGsty4QBomJBSC2WMQIdN0vccjrQav-BRTfhp-bzBX4tBIHd8kMDCs71B0zpBl_aQ1tXbor5zv03n3896Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MHZUSDlVQngxUjlIOEk1&google_gid=CAESEIJZiPQKhKMV1BaLYxK_TX0&google_cver=1&google_push=AXcoOmRZOaGQvKF8rvnDzRcfcRzRRXGLW_oRh-jolnv7S1rlQzzWNE9w7jSWi3Xt42mhWzQ61Xv2LGsty4QBomJBSC2WMQIdN0vccjrQav-BRTfhp-bzBX4tBIHd8kMDCs71B0zpBl_aQ1tXbor5zv03n3896Q
Request Chain 283
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEDMnznVl5IqsbNH8-R7VP9o&google_cver=1&google_push=AXcoOmQh9n0lkMWHJtHLDleKjAoKE3aP7eaM373WtdBrPBgV1vt8vEgs8HvbkWlA-S6YnpCIK_6N88-8vuFgqPCi4HRMapxYgbY-bbWpviAn4Zwq80GbJI_7NRSy83235UUVnn_oww2ElflbQO1Stvd0Rj65YTA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQh9n0lkMWHJtHLDleKjAoKE3aP7eaM373WtdBrPBgV1vt8vEgs8HvbkWlA-S6YnpCIK_6N88-8vuFgqPCi4HRMapxYgbY-bbWpviAn4Zwq80GbJI_7NRSy83235UUVnn_oww2ElflbQO1Stvd0Rj65YTA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDMnznVl5IqsbNH8-R7VP9o&google_cver=1&google_push=AXcoOmQh9n0lkMWHJtHLDleKjAoKE3aP7eaM373WtdBrPBgV1vt8vEgs8HvbkWlA-S6YnpCIK_6N88-8vuFgqPCi4HRMapxYgbY-bbWpviAn4Zwq80GbJI_7NRSy83235UUVnn_oww2ElflbQO1Stvd0Rj65YTA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQh9n0lkMWHJtHLDleKjAoKE3aP7eaM373WtdBrPBgV1vt8vEgs8HvbkWlA-S6YnpCIK_6N88-8vuFgqPCi4HRMapxYgbY-bbWpviAn4Zwq80GbJI_7NRSy83235UUVnn_oww2ElflbQO1Stvd0Rj65YTA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 284
  • https://um.simpli.fi/gp_match?google_gid=CAESEJoMR6I4_XMm0QobOJCBHhU&google_cver=1&google_push=AXcoOmT5vEATxQof2qh9-tMsKPZvCTjCHir5tr-xw4MZr2Am9EbdZrE0efN4kSung3bUUUFyvxxN3fS1fyf-KYsSgO921kP_6c2_1cKxKUBFs20m8AoFmQZqshQcbrhGHaE7hsuLYezuGa5semlL5KV96k2Qfw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E98373B92ED245EE9DA03C1B778B00AF&google_push=AXcoOmT5vEATxQof2qh9-tMsKPZvCTjCHir5tr-xw4MZr2Am9EbdZrE0efN4kSung3bUUUFyvxxN3fS1fyf-KYsSgO921kP_6c2_1cKxKUBFs20m8AoFmQZqshQcbrhGHaE7hsuLYezuGa5semlL5KV96k2Qfw
Request Chain 285
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGIpSOPeY92CEAsqioNtv4I&google_cver=1&google_push=AXcoOmT9-QT7BSKhQFRJVzfnL5aKLfjAJ2QIcKOLzH7-4Y9c9b41kxqcco43lGDp8mQwX1czVo0p7NdzIq4-b-KUIliUinBvC4U8Nm2-dg_efvHzPhv4UkSb08V0_dCK4CQNI2mQbawBGwT0uZSAe0iNTrkhoA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmT9-QT7BSKhQFRJVzfnL5aKLfjAJ2QIcKOLzH7-4Y9c9b41kxqcco43lGDp8mQwX1czVo0p7NdzIq4-b-KUIliUinBvC4U8Nm2-dg_efvHzPhv4UkSb08V0_dCK4CQNI2mQbawBGwT0uZSAe0iNTrkhoA&google_hm=eS0uNFZ5bDg5RTJwSEdOUkc2MDlQcXZBZHllOFBPU1dmNX5B
Request Chain 286
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKNo-L5SWupTqNr0-9L9API&google_cver=1&google_push=AXcoOmSF6mg2TArbkQbpDRW8noRWkzRnfF3s5CtWEkhavpIFGAeik2A5HjGbYkGdbQ5gTbwkYzCCt6rRlUVaQfOoVTWbtbiH8kOM9AN_1SeLk32Y8wbdn0YsjNMqAN9xlxWCGDocyUkY3QZUan_NnPfgAvgUwQ HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKNo-L5SWupTqNr0-9L9API&google_cver=1&google_push=AXcoOmSF6mg2TArbkQbpDRW8noRWkzRnfF3s5CtWEkhavpIFGAeik2A5HjGbYkGdbQ5gTbwkYzCCt6rRlUVaQfOoVTWbtbiH8kOM9AN_1SeLk32Y8wbdn0YsjNMqAN9xlxWCGDocyUkY3QZUan_NnPfgAvgUwQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDExNDg0NDE2NDg5NTg3NTU3&google_push=AXcoOmSF6mg2TArbkQbpDRW8noRWkzRnfF3s5CtWEkhavpIFGAeik2A5HjGbYkGdbQ5gTbwkYzCCt6rRlUVaQfOoVTWbtbiH8kOM9AN_1SeLk32Y8wbdn0YsjNMqAN9xlxWCGDocyUkY3QZUan_NnPfgAvgUwQ
Request Chain 288
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEGWjgWJ_RaQle2i6gYNC8d0&google_cver=1&google_push=AXcoOmQD6kWYPLPXAZe5pt2Aj09rnGgH7EZ7_G-Saw0WdXFOSZRHTfavDf1Qz0ZY-mcxQu3ZaCwqJXPqyOGuj5cjJDudACDf9Eiqcvth_S1R0pdeCGndXTDWUw_6CICplw9fAZkq8OYLjHOBTLJFWzZJnZYZjsSu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQD6kWYPLPXAZe5pt2Aj09rnGgH7EZ7_G-Saw0WdXFOSZRHTfavDf1Qz0ZY-mcxQu3ZaCwqJXPqyOGuj5cjJDudACDf9Eiqcvth_S1R0pdeCGndXTDWUw_6CICplw9fAZkq8OYLjHOBTLJFWzZJnZYZjsSu&google_hm=iq-R8thdRDChEQlGFnO63fc
Request Chain 299
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQPoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQPoneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=879111&produktid=ratenkredit&dt_url=
Request Chain 311
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dmm_SUBIDTEST_view HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CJqGycni8oIDFbX2EQgdfnMPjw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dmm_SUBIDTEST_view HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023120308434490989011243X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023120308434490989011243X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218
Request Chain 314
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneiddk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPWoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1701589424_af715ad0-91af-11ee-85f5-22347f548c7f&insert=AW&&gdpr=0&gdpr_consent=

315 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/ 		120 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
892ad871b20b91539dc1373b5a235b724bdcd9d8e7b42e5e9254ce036dfb5405
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
br
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Sun, 03 Dec 2023 07:43:40 GMT
last-modified
Fri, 01 Dec 2023 10:31:51 GMT
referrer-policy
same-origin
server
nginx
vary
Accept-Encoding Accept-Encoding,User-Agent
wpo-cache-status
cached
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-sucuri-cache
MISS
x-sucuri-id
15003
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		217 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y791HGRGDN
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a63fe820ac9b99729aaae345bb4bc4a68ab5b530237a9888a4ac254275106871
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79124
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 03 Dec 2023 07:43:41 GMT
style.css
timebusinessnews.com/wp-includes/css/dist/block-library/ 		110 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-includes/css/dist/block-library/style.css?ver=6.3.2
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
492b783a66b9e65b6f68f8665bfcfa1cb8dd711c5b09cf2f21217e58b0ddf7ff
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Wed, 19 Jul 2023 11:13:56 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
text/css
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
6d4e3707-a9c5-4709-9736-5040cdd38c5f
https://timebusinessnews.com/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://timebusinessnews.com/6d4e3707-a9c5-4709-9736-5040cdd38c5f
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09587fd0b4c984573371a553f082e27c4e4ba98f65130e1b1eb7c0b7699509e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length
5047
Content-Type
text/javascript
slick.css
timebusinessnews.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/ 		1 KB
807 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/slick.css?ver=3.4
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
82dfce8760ca230bb796f728f5444cec9f3611c94bfe33298cad70aa524e0eb2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Wed, 23 Aug 2023 13:22:45 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
text/css
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
recent-post-style.css
timebusinessnews.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/ 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/recent-post-style.css?ver=3.4
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
906a1c7b899193c5ff4f6a373f6584155142dcaaaf3d7d2c2c71bd3cd02a8b42
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Wed, 23 Aug 2023 13:22:45 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
text/css
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
button.css
checkout.stripe.com/v3/checkout/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://checkout.stripe.com/v3/checkout/button.css
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
576c19f6140a328c4af9fa9e04f764efbe570b0e8e3e4f0f66c5bdde58562a8a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 03 Dec 2023 07:43:41 GMT
via
1.1 varnish
age
116
x-cache
HIT
content-length
725
x-request-id
638a0794-f880-4bf3-aba9-c71cdee5d42d
x-served-by
cache-fra-eddf8230055-FRA
last-modified
Thu, 13 Jan 2022 22:41:56 GMT
server
Fastly
x-timer
S1701589421.061006,VS0,VE0
etag
"aa9c16d967e4074a065955880128c839"
vary
Accept-Encoding, Origin
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=60
accept-ranges
bytes
x-cache-hits
3
simpay-public.min.css
timebusinessnews.com/wp-content/plugins/wp-simple-pay-pro-3/includes/core/assets/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-content/plugins/wp-simple-pay-pro-3/includes/core/assets/css/simpay-public.min.css?ver=4.7.10
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
46cfb50fdbb3f533c776c95ac40abdb8a0d8fb4369cedcc041d993109afd21c8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 31 Oct 2023 11:48:06 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
text/css
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
simpay-public-pro.min.css
timebusinessnews.com/wp-content/plugins/wp-simple-pay-pro-3/includes/pro/assets/css/ 		38 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-content/plugins/wp-simple-pay-pro-3/includes/pro/assets/css/simpay-public-pro.min.css?ver=4.7.10
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
61cf852dd0e35498a44caabd01e5514caa0e231fc58062d70c45ba1b85a24e2f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 31 Oct 2023 11:48:06 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
text/css
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
general.css
timebusinessnews.com/wp-content/plugins/old-live-news/public/assets/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-content/plugins/old-live-news/public/assets/css/general.css?ver=2.09
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
1a9ed50d9775025a3cf6ed71efefc6ddabadd41252352c5bf88a1888b803cb05
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Wed, 04 Nov 2020 08:06:21 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
text/css
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
timebusinessnews.com/wp-content/themes/colormag/ 		121 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-content/themes/colormag/style.css?ver=6.3.2
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
f0882e69552803b56175539fd69a358c8a8c1c549f1b5ee857375ade3874d88d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Sun, 01 Oct 2023 22:14:05 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
text/css
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
timebusinessnews.com/wp-content/themes/colormag-child02/ 		976 B
867 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-content/themes/colormag-child02/style.css?ver=3.0.6
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
f893d0b012eb8213fb5c54ef29d8f6f5fdde8bfc49d8155f07660c50f6ddb507
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 09 Sep 2021 13:48:11 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
text/css
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
magnific-popup.css
timebusinessnews.com/wp-content/themes/colormag/assets/js/magnific-popup/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-content/themes/colormag/assets/js/magnific-popup/magnific-popup.css?ver=3.0.6
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Sun, 01 Oct 2023 22:14:05 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
text/css
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
font-awesome.css
timebusinessnews.com/wp-content/themes/colormag/assets/library/fontawesome/css/ 		37 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-content/themes/colormag/assets/library/fontawesome/css/font-awesome.css?ver=3.0.6
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Sun, 01 Oct 2023 22:14:05 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
text/css
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
ctc-style.css
timebusinessnews.com/wp-content/themes/colormag-child02/ 		60 B
425 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-content/themes/colormag-child02/ctc-style.css?ver=6.3.2
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
cc9c7b14fe952d6377ff29fb3c1e11624e1528af914793a248b5ccabbb06e7ae
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
x-sucuri-cache
MISS
content-length
60
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 09 Sep 2021 13:48:21 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
15003
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
mailin-front.css
timebusinessnews.com/wp-content/plugins/mailin/css/ 		3 KB
1021 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-content/plugins/mailin/css/mailin-front.css?ver=6.3.2
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
3c288f0c3cb0999bbd6a9f6486f6b13064ead24052234ac35f8b053b9db9ae96
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 31 Oct 2023 11:47:17 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
text/css
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-paginate.css
timebusinessnews.com/wp-content/plugins/wp-paginate/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-content/plugins/wp-paginate/css/wp-paginate.css?ver=2.2.0
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
e379a211e75642755c7b975859d84ebf76697490618e8a6127a41036ef82f2df
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 20 Dec 2022 13:27:19 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
text/css
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
frontend-gtag.js
timebusinessnews.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 		30 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.js?ver=1701426711
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
4a4c1a781dc07cb1ab7318e9e62e3067fc14965b99c6c4ee1dd5016552f53a91
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 31 Oct 2023 11:47:06 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.js
timebusinessnews.com/wp-includes/js/jquery/ 		278 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-includes/js/jquery/jquery.js?ver=3.7.0
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
1771fb9faa52eee780bcfbb6218fa4bd2e61cd3a1b00547a0bc546afac340094
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Fri, 26 May 2023 11:33:36 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-migrate.js
timebusinessnews.com/wp-includes/js/jquery/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-includes/js/jquery/jquery-migrate.js?ver=3.4.1
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
09f417c2e643b736c19e96b99e166681af1002e9b192b84e4e85b0794e764f7f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
general.js
timebusinessnews.com/wp-content/plugins/old-live-news/public/assets/js/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-content/plugins/old-live-news/public/assets/js/general.js?ver=2.09
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
cc6d6250835c3d26e7301d608ea746588342bcb4e3b1132ea55cceed814200b4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Wed, 04 Nov 2020 08:06:21 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
momentjs.js
timebusinessnews.com/wp-content/plugins/old-live-news/public/assets/js/momentjs/ 		132 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-content/plugins/old-live-news/public/assets/js/momentjs/momentjs.js?ver=2.09
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
072f0c64dae4905a6519fee8e36fd72519c17367346bc565d240f37a9599cee7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Wed, 04 Nov 2020 08:06:21 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
mailin-front.js
timebusinessnews.com/wp-content/plugins/mailin/js/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-content/plugins/mailin/js/mailin-front.js?ver=1698752837
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
4c8d840959b4488cd31b2a56f3cc54f8bc25f071793a7d1bfe7a672c3285e6e3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 31 Oct 2023 11:47:17 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
171b53ac6c2b6c6465d43bf526ad79f892551eef87d62385642c08b8d2122038
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 03 Dec 2023 07:43:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 03 Dec 2023 06:06:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 03 Dec 2023 07:43:41 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c6eac1716ca623f3f58f59411d6716ccc14634d1782e534a04f5630f22600535
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51688
x-xss-protection
0
server
cafe
etag
8426874938070306635
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 03 Dec 2023 07:43:41 GMT
infolinks_main.js
resources.infolinks.com/js/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a2877d35b782162338bb95faedfa08559e23788db9d926e97da4d0efd2dbfc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:41 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 14 Nov 2023 15:31:57 GMT
server
cloudflare
age
208
etag
W/"1045-60a1e7cae1276"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
82fa2e194e74aca4-TXL
expires
Sun, 03 Dec 2023 08:40:13 GMT
time-business-news-title.jpg
timebusinessnews.com/wp-content/uploads/2018/03/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://timebusinessnews.com/wp-content/uploads/2018/03/time-business-news-title.jpg
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
534705c44bfef366cfe7658ad162477ab0a566f481bd19a5c42df5f9ed2ef587
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Wed, 04 Nov 2020 08:06:16 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
15003
accept-ranges
bytes
content-length
24539
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
2_photo.png
newslolo.info/wp-content/uploads/2023/11/ 		504 KB
505 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newslolo.info/wp-content/uploads/2023/11/2_photo.png
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f11fcfae0705a4f2804e0e173c2f76dd28ed3cef92ba68f2f89c1c762ce55d98

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:41 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 19 Nov 2023 12:18:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7e02a-60a805d833302"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFzjSAkXTyaQDbIASSXrITmTNjY6M%2B8DrTTLwX8sdXsAdqzSl1WVvVE7XsA1AQiBiL2pyzrkEh4WVXFor0RbyPym68s%2BplFNNqDoE%2FRw8b76B%2FmkmdIYN2X17Hq6GpxbVNuwNQDdXOxkyg%2Fe"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
82fa2e199b6dbb59-FRA
alt-svc
h3=":443"; ma=86400
content-length
516138
2_photo2.jpg
newslolo.info/wp-content/uploads/2023/11/ 		294 KB
295 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newslolo.info/wp-content/uploads/2023/11/2_photo2.jpg
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cb5708ecf7142827fa68b68f8094fc2618b1b2172e3164d72f9c90297b24000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:41 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 19 Nov 2023 12:18:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"49851-60a805d9c9320"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7IR1BnQyOi3Qif%2BizZp%2BLHDVrYfp5DrKdsj6FIkvBF%2BMnN%2FCMrpZ1SwfVgltGy6u5k4IDRaZX2CXPjVHJTjpvhhVGZUbADyJ%2Fkwd0OCStxY24Gir6wu1cvxgudA05r9fxaLQdpzxkpGIAO4"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
82fa2e199b6ebb59-FRA
alt-svc
h3=":443"; ma=86400
content-length
301137
FIFA24-380.380.jpg
timebusinessnews.com/wp-content/uploads/ 		164 KB
165 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://timebusinessnews.com/wp-content/uploads/FIFA24-380.380.jpg
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
f93eccd1d7e1474f80a9438dd46237ba811dc56aabb5158f10c46148a17a2dde
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Fri, 08 Sep 2023 10:28:56 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
15003
accept-ranges
bytes
content-length
168101
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
phone-png.png
timebusinessnews.com/wp-content/uploads/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://timebusinessnews.com/wp-content/uploads/phone-png.png
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
9a458d2e87456ad53712019d626980dcd801d211d7d460383d61fc816e6a2c7d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 23 May 2023 20:34:46 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/png
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
15003
accept-ranges
bytes
content-length
64048
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
DNBC_ad_TBN-1.jpg
timebusinessnews.com/wp-content/uploads/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://timebusinessnews.com/wp-content/uploads/DNBC_ad_TBN-1.jpg
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
4dea1b53bf41f4c95852328762f93092299bbe2eb345d2d93e12433ac201809f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Sun, 03 Oct 2021 18:43:28 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
15003
accept-ranges
bytes
content-length
37849
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
timebusinessnews-4.jpg
timebusinessnews.com/wp-content/uploads/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://timebusinessnews.com/wp-content/uploads/timebusinessnews-4.jpg
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
8d91b308df206c0c1fe2e2b445c4a8630f48ba67abca1f461b3f57eecb95aa58
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 23 May 2023 20:38:40 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
15003
accept-ranges
bytes
content-length
27681
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
ifgict-banner.png
timebusinessnews.com/wp-content/uploads/ 		437 KB
438 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://timebusinessnews.com/wp-content/uploads/ifgict-banner.png
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
319f4bf962a67269c510dda875088e081b63f5bec15049c2c545e9e9fe49c87b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 05 Nov 2020 21:12:16 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/png
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
15003
accept-ranges
bytes
content-length
447452
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
widgets-1697711981.css
timebusinessnews.com/wp-content/uploads/themeisle-gutenberg/ 		66 B
431 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-content/uploads/themeisle-gutenberg/widgets-1697711981.css?ver=2.4.1
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
bdef48ff8660900de4a32b3f598f602be4849e068de306fdfcff63df74d16fda
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
x-sucuri-cache
MISS
content-length
66
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 19 Oct 2023 10:39:41 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
15003
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
timebusinessnews.com/wp-content/plugins/otter-blocks/build/blocks/form/ 		27 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-content/plugins/otter-blocks/build/blocks/form/style.css?ver=3cd69ca5269fa24e814b
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
f3384b188fbafdb43114dc0935159113c48a3085159ddbc307d875b9dacad8ce
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 31 Oct 2023 11:47:30 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
text/css
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
js.stripe.com/v3/ 		560 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
eb5036bad8662eb3aeca1984456f9d3bbc3ad934ef96c6e46f64a86fbae1d5af
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 03 Dec 2023 07:43:41 GMT
via
1.1 varnish
age
59
x-cache
HIT
content-length
158203
x-request-id
be361ae5-faa8-4cfe-a964-5200b650698e
x-served-by
cache-fra-eddf8230055-FRA
last-modified
Fri, 01 Dec 2023 21:48:23 GMT
server
Fastly
etag
"cd52d1197822ef515efcd0a52a691074"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
35
accounting.min.js
timebusinessnews.com/wp-content/plugins/wp-simple-pay-pro-3/includes/core/assets/js/vendor/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-content/plugins/wp-simple-pay-pro-3/includes/core/assets/js/vendor/accounting.min.js?ver=4.7.10
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
de4945bf8c32247c3570f1945b4af05f3efb440b46c93c18d2f428ae9162c8ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 31 Oct 2023 11:48:06 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-polyfill-inert.js
timebusinessnews.com/wp-includes/js/dist/vendor/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-includes/js/dist/vendor/wp-polyfill-inert.js?ver=3.1.2
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
61476c3a6a9b25997232dcd51db342526f5d11e4516d32794b169996785d80e1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Wed, 18 Jan 2023 11:16:34 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
regenerator-runtime.js
timebusinessnews.com/wp-includes/js/dist/vendor/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-includes/js/dist/vendor/regenerator-runtime.js?ver=0.13.11
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
e4fa2bcc7507e23fb226bad104bd3c526149ebc9891afbc4bb3a4a0c88afded3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 07 Feb 2023 15:56:38 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-polyfill.js
timebusinessnews.com/wp-includes/js/dist/vendor/ 		55 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-includes/js/dist/vendor/wp-polyfill.js?ver=3.15.0
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
efd7b2c5da606a6115af81568b78ba679b912bd81420ac2e3bed2107ee373aa4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 27 Jun 2023 14:24:20 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
dom-ready.js
timebusinessnews.com/wp-includes/js/dist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-includes/js/dist/dom-ready.js?ver=7c25017459f1da90355d
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
81264a0be7d9cacdea4629e9a6767a492f8b31e3feb798cced3c7edfec1fccc2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Mon, 11 Apr 2022 12:04:30 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
hooks.js
timebusinessnews.com/wp-includes/js/dist/ 		20 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-includes/js/dist/hooks.js?ver=cb3553927d7ab6049113
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
72a49fede80d5cbcbdf9559fa9b4e73faf379efa73fd687afba54166c8659abc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 27 Jun 2023 14:24:20 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
i18n.js
timebusinessnews.com/wp-includes/js/dist/ 		49 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-includes/js/dist/i18n.js?ver=28325ce370dfa8a48974
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
832b3fdb0b57cb5282386e68e09eff6cfefb5b726cc8bbd1da1d75824061340d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 27 Jun 2023 14:24:20 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
a11y.js
timebusinessnews.com/wp-includes/js/dist/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-includes/js/dist/a11y.js?ver=f5d24347216c445a8c01
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
ef9aa01518c72e51519a532db46214b026f733828cc264836927afa2908c7cbf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 27 Jun 2023 14:24:20 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
url.js
timebusinessnews.com/wp-includes/js/dist/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-includes/js/dist/url.js?ver=b8dc9f774df8e318bec4
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
24612c451d85b2abd40e9eeb2089bb0be33ac6f093197dd435db0384310359b9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 27 Jun 2023 14:24:20 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
api-fetch.js
timebusinessnews.com/wp-includes/js/dist/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-includes/js/dist/api-fetch.js?ver=c6922e5e289e31508e9e
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
7b878ce03b33e0c45c8df05f9d05967c260a2a6e5130b625043f01998c2b54cd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 27 Jun 2023 14:24:20 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
simpay-public-pro-upe.min.js
timebusinessnews.com/wp-content/plugins/wp-simple-pay-pro-3/includes/pro/assets/js/ 		61 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-content/plugins/wp-simple-pay-pro-3/includes/pro/assets/js/simpay-public-pro-upe.min.js?ver=4.7.10
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
bcac1ff22ff98972c54b758890f61421a5948925a8119fcdab142b17405b67a9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 31 Oct 2023 11:48:06 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.bxslider.js
timebusinessnews.com/wp-content/themes/colormag/assets/js/ 		68 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-content/themes/colormag/assets/js/jquery.bxslider.js?ver=3.0.6
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
5973c113b5f8042aa73dbf197f9faa10fc884d3fb48a792c827768198c34978a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Sun, 01 Oct 2023 22:14:05 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.magnific-popup.js
timebusinessnews.com/wp-content/themes/colormag/assets/js/magnific-popup/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-content/themes/colormag/assets/js/magnific-popup/jquery.magnific-popup.js?ver=3.0.6
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
63d576b7e46477e414fccfa292d0415a192bd4a3ddb8ef4452f94d84554e18ab
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Sun, 01 Oct 2023 22:14:05 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
navigation.js
timebusinessnews.com/wp-content/themes/colormag/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-content/themes/colormag/assets/js/navigation.js?ver=3.0.6
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
ad0259410134d69c9fa5ef9803d6db459ba7b6dbd3984771254116d87a2a1ec1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Sun, 01 Oct 2023 22:14:05 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.fitvids.js
timebusinessnews.com/wp-content/themes/colormag/assets/js/fitvids/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-content/themes/colormag/assets/js/fitvids/jquery.fitvids.js?ver=3.0.6
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
64e9efa2008c5bd0973816eee4eaaf03a2b02f7a1b2f4317318f8711676fa01f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Sun, 01 Oct 2023 22:14:05 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
skip-link-focus-fix.js
timebusinessnews.com/wp-content/themes/colormag/assets/js/ 		805 B
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-content/themes/colormag/assets/js/skip-link-focus-fix.js?ver=3.0.6
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
7dfcfff070cbfeb929f6cb8b743d691bb330b294cf9b6b387c43428ded8036d4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Sun, 01 Oct 2023 22:14:05 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
colormag-custom.js
timebusinessnews.com/wp-content/themes/colormag/assets/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-content/themes/colormag/assets/js/colormag-custom.js?ver=3.0.6
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
3623fe0fc000c161bb50b02269fda9c8e4a1c46e938c2e6935fb53ecc4e0b61f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Sun, 01 Oct 2023 22:14:05 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
form.js
timebusinessnews.com/wp-content/plugins/otter-blocks/build/blocks/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-content/plugins/otter-blocks/build/blocks/form.js?ver=55f512ac69c4e44b2ab5
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
70f2816bb5c89cc42a6b22abed34baf34e3892af5767f882299570d9e9a1f066
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 31 Oct 2023 11:47:30 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 03 Dec 2023 07:43:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
VAXJxRt6IXNJDznC/itXfH54gK6UJCYnXQpMqVaSkzriLbqoGL9sBaRSqz6AhqJDTK/EYxNTI9YAvBpQT/wmQA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
651585d3a15b2e35422520d9.js
rum.corewebvitals.io/cwv/ 		110 B
583 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rum.corewebvitals.io/cwv/651585d3a15b2e35422520d9.js
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:58f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adf7da977fc96827c548296633c24906f32f190e859b5387fe60bdc9fec684ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 03 Dec 2023 06:19:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0JyfW86i9zHxsfgCM3aP%2B%2Fnh9ePAZqTlyV9vq45R7oIDr51VmtznIbeGOyyjXaaKf10Eho2T%2F2RI60DYXwHsFcFCZRKqrueREcnk%2Bf9lV0nKVI2Jsj8BdyAJfeXiw3f56E1MuUQGOPjBjrmHOTU7USqi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=10800
cf-ray
82fa2e1a5ce271ac-FRA
alt-svc
h3=":443"; ma=86400
ice.js
resources.infolinks.com/js/1895.006-3.034/ 		187 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1895.006-3.034/ice.js
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54eacec863498628814d62c486eca8cd1c580c77a4dda865b5941006e40c6e66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:41 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Nov 2023 17:45:04 GMT
server
cloudflare
age
7720
etag
W/"2ede2-6099387db510d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
82fa2e1a8894aca4-TXL
expires
Tue, 02 Jan 2024 05:35:01 GMT
truncated
/ 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		382 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://timebusinessnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 14:29:28 GMT
x-content-type-options
nosniff
age
148453
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 14:29:28 GMT
fontawesome-webfont.woff2
timebusinessnews.com/wp-content/themes/colormag/assets/library/fontawesome/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-content/themes/colormag/assets/library/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/wp-content/themes/colormag/assets/library/fontawesome/css/font-awesome.css?ver=3.0.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://timebusinessnews.com/wp-content/themes/colormag/assets/library/fontawesome/css/font-awesome.css?ver=3.0.6
Origin
https://timebusinessnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
x-sucuri-cache
MISS
content-length
77160
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sun, 01 Oct 2023 22:14:05 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
font/woff2
cache-control
max-age=315360000
x-sucuri-id
15003
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
OpenSans-Medium.woff
timebusinessnews.com/wp-content/themes/colormag/assets/fonts/ 		79 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-content/themes/colormag/assets/fonts/OpenSans-Medium.woff
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/wp-content/themes/colormag/style.css?ver=6.3.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
4a31a8733940d9d2cb4e98b82b96ecb180ce1de0fc2a8e6397e6bba48aa33c46
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://timebusinessnews.com/wp-content/themes/colormag/style.css?ver=6.3.2
Origin
https://timebusinessnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
x-sucuri-cache
MISS
content-length
80548
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sun, 01 Oct 2023 22:14:05 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
font/woff
cache-control
max-age=315360000
x-sucuri-id
15003
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
Untitled-4-2.jpg
timebusinessnews.com/wp-content/uploads/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://timebusinessnews.com/wp-content/uploads/Untitled-4-2.jpg
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
2b7e011b0029ab0b5986df4acd6e8875ef37c786f800f7313e6a4d0b435ebd5b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 15 Jun 2023 08:56:45 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
15003
accept-ranges
bytes
content-length
30783
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
unnamed-114.png
timebusinessnews.com/wp-content/uploads/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://timebusinessnews.com/wp-content/uploads/unnamed-114.png
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
44f146188deef37d072131ed83585adf7469b1a7c817cb55b27badbc93e0b4b3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 15 Jun 2023 09:11:01 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/png
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
15003
accept-ranges
bytes
content-length
41416
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
2_photo3.jpg
newslolo.info/wp-content/uploads/2023/11/ 		292 KB
293 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newslolo.info/wp-content/uploads/2023/11/2_photo3.jpg
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
540cac4f7fdc7baf0de9c039f3ffda191e395568e46147bc5200c803cce3a1da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:41 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 19 Nov 2023 12:18:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"49021-60a805dc67da1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBTIcHBqa6H%2B48x7YslsJT5bFS0Y9q9%2BHCsk5JslCBVBPtTiS5ylCOwHF0Ep4pgAEqwTt6VLhah3eeOHQ%2BufSK6BduGuN1EKj0gbqUUJF3oI33c9uXWUS8llyIGE37iG8tlu4fVSZmWOmp86"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
82fa2e1acc97bb59-FRA
alt-svc
h3=":443"; ma=86400
content-length
299041
2_photo4.jpg
newslolo.info/wp-content/uploads/2023/11/ 		190 KB
190 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newslolo.info/wp-content/uploads/2023/11/2_photo4.jpg
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
291633372323ca033d63c5977abbbf87930c3976339eb2b3dcdd174b7a0ca462

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:41 GMT
cf-cache-status
MISS
last-modified
Sun, 19 Nov 2023 12:18:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2f6fc-60a805dec8fc2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4Gln%2BgkJMuiqiBlGa0uTN3kotSaeKPrCAaaj9VTPc4sye1hkttjmsdzRc7rmFt0TCObJJCkukCg5XKCzMef1HhTYSyzRfiySFS4ldidln7yDTSmrqdBpnUvs3d9IXpVclqMEol6gybeEPBV"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
82fa2e1acc99bb59-FRA
alt-svc
h3=":443"; ma=86400
content-length
194300
ksf-space-animated-video.gif
timebusinessnews.com/wp-content/uploads/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://timebusinessnews.com/wp-content/uploads/ksf-space-animated-video.gif
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
ad419adf538fcddbc50cf266b0e4c40965c84919745f6d09507c6b17531531e1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Fri, 14 Jan 2022 19:48:10 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/gif
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
15003
accept-ranges
bytes
content-length
1671757
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
ksf-space-animated-video-02.gif
timebusinessnews.com/wp-content/uploads/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://timebusinessnews.com/wp-content/uploads/ksf-space-animated-video-02.gif
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
ea31f10edab8222e4e66001e64f74b3e91f0fe42ca5ee682e09def8a6509fd9d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 20 Jan 2022 20:00:24 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/gif
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
15003
accept-ranges
bytes
content-length
1506578
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
01-copy-4-1s-300x202.jpg
timebusinessnews.com/wp-content/uploads/2019/09/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://timebusinessnews.com/wp-content/uploads/2019/09/01-copy-4-1s-300x202.jpg
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
4abb42638aed204a1a1d5e9531ea94c593f2bbb9b3b33f6eb780a129f337600f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:40 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Wed, 04 Nov 2020 08:06:17 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
15003
accept-ranges
bytes
content-length
37466
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
IFGICT.mp4
timebusinessnews.com/wp-content/uploads/ 		4 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-content/uploads/IFGICT.mp4
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 03 Dec 2023 07:43:41 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
Content-Range
bytes 0-6525871/6525872
x-sucuri-cache
MISS
Content-Length
6525872
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 03 Sep 2021 19:10:45 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
video/mp4
cache-control
max-age=315360000
x-sucuri-id
15003
expires
Thu, 31 Dec 2037 23:55:55 GMT
8qmmx15z0heuv
stream-156.zeno.fm/
Redirect Chain
  • https://node-10.zeno.fm/8qmmx15z0heuv?rj-ttl=5&rj-tok=AAABfKKoUOIAVPvy0a3MbObzlQ
  • https://stream-156.zeno.fm/8qmmx15z0heuv?zs=YcMfjp4GRNWHBaNMpiDClg&rj-ttl=5&rj-tok=AAABfKKoUOIAVPvy0a3MbObzlQ
156 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://stream-156.zeno.fm/8qmmx15z0heuv?zs=YcMfjp4GRNWHBaNMpiDClg&rj-ttl=5&rj-tok=AAABfKKoUOIAVPvy0a3MbObzlQ
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
HTTP/1.1
Server
15.235.9.228 , Canada, ASN16276 (OVH, FR),
Reverse DNS
dovh56.ca.zeno.fm
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

icy-name
Time Business News Radio
transfer-encoding
chunked
content-type
audio/aac

Redirect headers

location
https://stream-156.zeno.fm/8qmmx15z0heuv?zs=YcMfjp4GRNWHBaNMpiDClg&rj-ttl=5&rj-tok=AAABfKKoUOIAVPvy0a3MbObzlQ
date
Sun, 03 Dec 2023 07:43:41 GMT
cache-control
no-cache
content-length
0
truncated
/ 		547 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		515 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		242 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		180 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		354 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
twemoji.js
timebusinessnews.com/wp-includes/js/ 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-includes/js/twemoji.js?ver=6.3.2
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
5e6fa1be9f77c9fafce777a4f710b20dbd3c321f1618db7a70501efb33a38357
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:41 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 02 Feb 2023 00:53:26 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-emoji.js
timebusinessnews.com/wp-includes/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timebusinessnews.com/wp-includes/js/wp-emoji.js?ver=6.3.2
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
e9d54383a1ae1cc16b30c0a748ff78cebfffede0e53dd7821dfcb6328ccef47e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:41 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 02 Feb 2023 00:53:26 GMT
server
nginx
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
15003
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame 8602 		200 B
817 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
7381142
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sun, 03 Dec 2023 07:43:41 GMT
etag
"27c67c0d52761104439bb051c7856ab1"
last-modified
Fri, 08 Sep 2023 21:23:50 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
887350
x-content-type-options
nosniff
x-request-id
53348c01-c504-4123-b16e-971d2924ff82
x-served-by
cache-fra-eddf8230055-FRA
manage
router.infolinks.com/usync/ Frame 9DE2 		0
43 B 		Document
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/manage?pid=3385590&wsid=0&pdom=timebusinessnews.com&purl=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
82fa2e1b9aceaca4-TXL
content-length
0
date
Sun, 03 Dec 2023 07:43:41 GMT
server
cloudflare
via
1.1 google
lcmanage
router.infolinks.com/usync/ 		0
33 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/lcmanage?pid=3385590&wsid=0&pdom=timebusinessnews.com&purl=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82fa2e1b9adbaca4-TXL
content-length
0
gsd
router.infolinks.com/ 		321 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=3385590&wsid=0&pdom=timebusinessnews.com&purl=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&jsv=1895.006-3.034&_cb=17015894213560
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
457e1548ab4b227704b01d9cd1a5185810f2506931427fe0b33dbcc25e7e6900

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:41 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/javascript;charset=UTF-8
p3p
CP="NON DSP NID OUR COR"
cache-control
max-age=0
cf-ray
82fa2e1b9ad8aca4-TXL
expires
Thu, 01 Jan 1970 00:00:00 GMT
183946544627102
connect.facebook.net/signals/config/ 		139 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/183946544627102?v=2.9.138&r=stable&domain=timebusinessnews.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
afd6d7c0caefbe96d8bc4cef16463baf8f856fe0d2d440aea6319adfebe7239c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 03 Dec 2023 07:43:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
aloipNA0MO/KvStp4ssXQd4Wr9Hp6fH3CTUhFqukDfBXE2ItXrtzVQMTk0kZXwc465clcIjPS+KPce1BKi8pKA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
clock.png
timebusinessnews.com/wp-content/plugins/live-news/public/assets/img/ 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://timebusinessnews.com/wp-content/plugins/live-news/public/assets/img/clock.png
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.3 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10003.sucuri.net
Software
nginx /
Resource Hash
d90ca8867369e943ffcedb93db45784e14d108a266fb5452504aca90be075962
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:41 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
referrer-policy
same-origin
content-encoding
br
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
x-sucuri-cache
MISS
cache-control
no-cache, must-revalidate, max-age=0
x-sucuri-id
15003
link
<https://timebusinessnews.com/wp-json/>; rel="https://api.w.org/"
x-xss-protection
1; mode=block
expires
Wed, 11 Jan 1984 05:00:00 GMT
m-outer-6576085ca35ee42f2f484cda6763e4aa.js
js.stripe.com/v3/fingerprinted/js/ Frame 8602 		631 B
676 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 03 Dec 2023 07:43:41 GMT
via
1.1 varnish
age
2856317
x-cache
HIT
content-length
399
x-request-id
0da8d6df-4def-4d35-a172-75e1207ffb89
x-served-by
cache-fra-eddf8230055-FRA
last-modified
Fri, 08 Sep 2023 21:23:49 GMT
server
Fastly
etag
"70cacf09ae81711ac6dcbc5ee59750c4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
846002
csp-report
q.stripe.com/ Frame 8602 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 03 Dec 2023 07:43:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1701589421972922
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1701589421972308
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 8602 		0
715 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 03 Dec 2023 07:43:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1701589421972970
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1701589421972300
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
collect
region1.google-analytics.com/g/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Y791HGRGDN&gtm=45je3bt0v9122425113&_p=1701589420946&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZGIzZG&cid=1309634682.1701589421&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701589421&sct=1&seg=0&dl=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&dt=Kriti%20Sanon%20Immediate%205.0%20Evex%20Review%20-%20Scam%20Or%20Legit%3F%20-%20TIME%20BUSINESS%20NEWS&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=616
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y791HGRGDN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://timebusinessnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
inner.html
m.stripe.network/ Frame 72F8 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-85.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
30
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sun, 03 Dec 2023 07:43:12 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-id
fGvu36qXjzlIfWve-1kuNI2R7i2_NbhL0tZUUW_rKKVXgnUBA5pxAg==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=183946544627102&ev=PageView&dl=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&rl=&if=false&ts=1701589421471&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701589421470.1273594979&cs_est=true&ler=empty&it=1701589421364&coo=false&rqm=GET
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 03 Dec 2023 07:43:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
doq.htm
rt3053.infolinks.com/action/ 		1 KB
1002 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt3053.infolinks.com/action/doq.htm?pcode=utf-8&r=17015894215221
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6d0504b21c48139f0f66a4d54c880ba912eca2279444104c2bd921d01e7d7fe

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:41 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html;charset=UTF-8
access-control-allow-origin
https://timebusinessnews.com
p3p
CP="NON DSP NID OUR COR"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-language
de-DE
cf-ray
82fa2e1cecaf6a76-TXL
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 		398 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7554934826467559&plah=timebusinessnews.com&bust=31079890
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cdc2e083b6659e0eecd4cd1077eb6dcf86f43e7ba0e75e514d27379662588210
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137574
x-xss-protection
0
server
cafe
etag
1237641197493859297
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 03 Dec 2023 07:43:41 GMT
csp-report
q.stripe.com/ Frame 72F8 		0
0
csp-report
q.stripe.com/ Frame 72F8 		0
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame 6F22 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
37976
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 21:10:45 GMT
etag
12051592065903069241
expires
Sat, 16 Dec 2023 21:10:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csp-report
q.stripe.com/ Frame 72F8 		0
490 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 03 Dec 2023 07:43:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1701589422165845
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
1
x-stripe-client-envoy-start-time-us
1701589422164796
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 72F8 		87 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-85.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:39:41 GMT
content-encoding
br
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
241
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
M2nHS3w4IG_G803xLiVohdxsJOWMnrA2XuCvvAAkLpRiHz2-Ar4gpQ==
6
m.stripe.com/ Frame 72F8 		156 B
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.110.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-110-139.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
eb7a1a795c32ef1c98ae56859438a15c4d930427b61e732bd5e8507d1c3c254b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Sun, 03 Dec 2023 07:43:42 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1701589422160726
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1701589422160514
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
ads
googleads.g.doubleclick.net/pagead/ Frame 51A1 		686 KB
120 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&adk=1812271804&adf=3025194257&lmt=1701426711&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589421536&bpp=2&bdt=608&idt=313&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=568145841288&frm=20&pv=2&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=325
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7554934826467559&plah=timebusinessnews.com&bust=31079890
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
730a9f0201ace270ad005fbb950cb553cd84930afdf9f42fb8f90d03cfac71a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
122353
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 07:43:42 GMT
expires
Sun, 03 Dec 2023 07:43:42 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=daln-container&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
in_search.js
resources.infolinks.com/js/1895.006-3.034/ 		225 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1895.006-3.034/in_search.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d1b618b508d6e2c3ab4c4d98feeddfdb66e6d87d9dcfd88097f1d85480c3af0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:41 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Nov 2023 17:45:04 GMT
server
cloudflare
age
6750
etag
W/"38471-6099387db3d85"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
82fa2e1eb859aca4-TXL
expires
Tue, 02 Jan 2024 05:51:11 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		365 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128094
x-xss-protection
0
expires
Sun, 03 Dec 2023 07:43:42 GMT
getads.htm
rt3053.infolinks.com/action/ 		714 B
710 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3053.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22camera%22%2C%22scs%22%3A%22S8p_TipkdW%22%7D%5D&rid=9fe351ac-455d-4d47-b88a-b360738b287c&jsv=1895.006-3.034&sr=1600X1200&rts=1701589421925&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=119.0.6045.199&dv=p&ce=t&purl=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&tzo=%2B0100&c=c&strg=true&sua=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D&rsd=2mVh-afGQ_QE-yiKRHxtdzHy5xsTunchyeA02TSJrHEUzZPtw4PrrsTYg0-PbPoW08LkhwD2DKQ289zX-rkY5-ssIFZDsYxdAvXGwx2IHFfZgLv8aE_cXUCVMaMZcv9Tp8Q2EHu7l3mKQnf_T9sFoYeAbiMJBZwX&rsk=46&rcs=qTWLk5GYULvYxMfXOdhuuQ&cuid=fbd5ce48-00e8-4b8c-99b5-0b24d6c4021b&hbnr=false
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b86239efb3540d33bd5dc7d3dd3114b42ce3bb290731337ae94c0668a654703

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:42 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-language
de-DE
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
82fa2e1f1918aca4-TXL
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
adview.htm
rt3053.infolinks.com/action/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt3053.infolinks.com/action/adview.htm?rid=9fe351ac-455d-4d47-b88a-b360738b287c&bdc=1&midx=0&emd=NzA2fmRlLWdvLmtlbGtvb2dyb3VwLm5ldA&rts=1701589422235&prod_t=d&jsv=1895.006-3.034&skin=sidebar&theme=nologo&sdata=camera&scs=S8p_TipkdW&rsd=2mVh-afGQ_QE-yiKRHxtdzHy5xsTunchyeA02TSJrHEUzZPtw4PrrsTYg0-PbPoW08LkhwD2DKQ289zX-rkY5-ssIFZDsYxdAvXGwx2IHFfZgLv8aE_cXUCVMaMZcv9Tp8Q2EHu7l3mKQnf_T9sFoYeAbiMJBZwX&rsk=46&rcs=qTWLk5GYULvYxMfXOdhuuQ
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html;charset=UTF-8
access-control-allow-origin
https://timebusinessnews.com
p3p
CP="NON DSP NID OUR COR"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cf-ray
82fa2e210cc26a76-TXL
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
thumbnail.jpg
thumbnails.infolinks.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumbnails.infolinks.com/thumbnail.jpg?domain=de-go.kelkoogroup.net
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
30d313c46998f8889e0d2319b91d63a58f4b399266f9e1fce7ad9223559f6273

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:42 GMT
via
1.1 google
cf-cache-status
EXPIRED
last-modified
Sun, 03 Dec 2023 06:41:48 GMT
server
cloudflare
srvr
tbn2v
x-powered-by
PHP/5.4.16
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
82fa2e211ce7aca4-TXL
content-length
2927
expires
Sun, 03 Dec 2023 08:43:42 GMT
vidice.js
resources.infolinks.com/js/vidice/2.0/ 		333 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/vidice/2.0/vidice.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2bdac211f43fbee9eeb4d50f8755206599f76296cd15316a97c9d2cb2050d2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:42 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 20 Mar 2023 11:31:12 GMT
server
cloudflare
age
12195
etag
W/"5344d-5f75343a1bcf7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
82fa2e21be10aca4-TXL
expires
Tue, 02 Jan 2024 04:20:27 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/reactive_library_fy2021.js?bust=31079890
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7554934826467559&plah=timebusinessnews.com&bust=31079890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f94250c7381973ae166089798321fb404afff3d3695679a03d78ab7ac4766376
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55950
x-xss-protection
0
server
cafe
etag
4150152438678706455
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 03 Dec 2023 07:43:42 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 874C 		61 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=3492100912&pi=t.aa~a.1902263049~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7554934826467559&plah=timebusinessnews.com&bust=31079890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf38b342d40845ac50e58119e79bc3df0270bbeff1d1328a02ed0f7615708a1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
21709
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 07:43:43 GMT
expires
Sun, 03 Dec 2023 07:43:43 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 57C7 		61 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=1548157933&adf=4256907570&pi=t.aa~a.2314094185~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250&nras=3&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=21
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7554934826467559&plah=timebusinessnews.com&bust=31079890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4116494440674c358b511b37813b3c59547cd9609a05c84952fcd20b3c0d4dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
21893
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 07:43:43 GMT
expires
Sun, 03 Dec 2023 07:43:43 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C475 		48 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2165271072&adf=1120807131&pi=t.aa~a.1345899263~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250&nras=4&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=23
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7554934826467559&plah=timebusinessnews.com&bust=31079890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc0be9905c2d742e2f332d9a55a360ee623bcb146430420d3b39c3b71deaa7ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
17544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 07:43:43 GMT
expires
Sun, 03 Dec 2023 07:43:43 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2102 		61 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3006685884&adf=1207449781&pi=t.aa~a.4270427562~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250&nras=5&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=26
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7554934826467559&plah=timebusinessnews.com&bust=31079890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3b2ec238ef4bfe965d6a209f6cd7a09eb87324cc2de3c4e4a21cc49747733742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
21536
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 07:43:43 GMT
expires
Sun, 03 Dec 2023 07:43:43 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FAB6 		60 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3318115725&adf=3987088018&pi=t.aa~a.1324685680~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250&nras=6&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=3674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=28
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7554934826467559&plah=timebusinessnews.com&bust=31079890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad3c268ed3718f4e5a140140aba88623e8d9a04ddbcd78600135b5cdbeaf9c7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
21029
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 07:43:43 GMT
expires
Sun, 03 Dec 2023 07:43:43 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3761 		49 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=4203952362&pi=t.aa~a.12854135~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=0&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250%2C333x250&nras=7&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=4792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=6&fsb=1&dtd=30
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7554934826467559&plah=timebusinessnews.com&bust=31079890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb300acddd3b86e2a21415db70318bea9705de0260d35ba73c2b8fd6eab668e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
18008
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 07:43:43 GMT
expires
Sun, 03 Dec 2023 07:43:43 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame 0781 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7554934826467559&plah=timebusinessnews.com&bust=31079890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
13767
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 03:54:16 GMT
etag
12051592065903069241
expires
Sun, 17 Dec 2023 03:54:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame E8BE 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7554934826467559&plah=timebusinessnews.com&bust=31079890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
13767
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 03:54:16 GMT
etag
12051592065903069241
expires
Sun, 17 Dec 2023 03:54:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame 8A36 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7554934826467559&plah=timebusinessnews.com&bust=31079890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
13767
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 03:54:16 GMT
etag
12051592065903069241
expires
Sun, 17 Dec 2023 03:54:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame 861F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7554934826467559&plah=timebusinessnews.com&bust=31079890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
13767
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 03:54:16 GMT
etag
12051592065903069241
expires
Sun, 17 Dec 2023 03:54:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 0781 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 03 Dec 2023 07:43:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 03 Dec 2023 07:31:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 03 Dec 2023 07:43:43 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0781 		205 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:31:34 GMT
x-content-type-options
nosniff
age
33129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 01 Dec 2024 22:31:34 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0781 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:40:01 GMT
x-content-type-options
nosniff
age
39822
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 01 Dec 2024 20:40:01 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 0781 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 23:44:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
28783
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6758
x-xss-protection
0
server
cafe
etag
13232977368472197749
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 23:44:00 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 0781 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:46:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
32218
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9189
x-xss-protection
0
server
cafe
etag
14682237860056745894
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 22:46:45 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame E8BE 		2 KB
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
42093
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 20:02:10 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame E8BE 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
42093
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 20:02:10 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame E8BE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:17:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
33966
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 22:17:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame E8BE 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
42093
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 20:02:10 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E8BE 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Dec 2023 07:43:43 GMT
7a8419aef3683f04c437bd15cecf843d.js
www.gstatic.com/mysidia/ Frame E8BE 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33129
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 19:10:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 01 Mar 2024 22:31:34 GMT
css
fonts.googleapis.com/ Frame 8A36 		6 KB
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 03 Dec 2023 07:43:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 03 Dec 2023 07:22:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 03 Dec 2023 07:43:43 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 8A36 		2 KB
874 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
42093
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 20:02:10 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 8A36 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
42093
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 20:02:10 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 8A36 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:17:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
33966
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 22:17:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 8A36 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
42093
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 20:02:10 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8A36 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Dec 2023 07:43:43 GMT
7a8419aef3683f04c437bd15cecf843d.js
www.gstatic.com/mysidia/ Frame 8A36 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33129
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 19:10:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 01 Mar 2024 22:31:34 GMT
b1fdc9f83bbec90a172a8086cc6d7abe.js
www.gstatic.com/mysidia/ Frame 861F 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b1fdc9f83bbec90a172a8086cc6d7abe.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bbde0fd637840b04806e70ee7610047e1cfe5568854929dc58c310a861d93ca6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:37:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32757
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4047
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 19:10:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 01 Mar 2024 22:37:46 GMT
280465d6b51993ac6d052e033b440ef2.js
www.gstatic.com/mysidia/ Frame 861F 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/280465d6b51993ac6d052e033b440ef2.js?tag=text/vanilla_highlight_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3e4cdbb12defe352221c7446f538206d487f314187f7883e6f261d9246ab3af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 00:39:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284661
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4756
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:39:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 28 Feb 2024 00:39:22 GMT
css
fonts.googleapis.com/ Frame 861F 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 03 Dec 2023 07:43:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 03 Dec 2023 07:22:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 03 Dec 2023 07:43:43 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 861F 		2 KB
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
42093
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 20:02:10 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 861F 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
42093
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 20:02:10 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 861F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:17:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
33966
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 22:17:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 861F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
42093
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 20:02:10 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 861F 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Dec 2023 07:43:43 GMT
7a8419aef3683f04c437bd15cecf843d.js
www.gstatic.com/mysidia/ Frame 861F 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33129
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 19:10:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 01 Mar 2024 22:31:34 GMT
dcl.htm
rt3053.infolinks.com/action/ 		0
60 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3053.infolinks.com/action/dcl.htm?rid=9fe351ac-455d-4d47-b88a-b360738b287c&prod_t=d&sdata=camera&bdc=1&midx=0&capara=%7B%22ve%22%3A%22mrc50%22%7D
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
82fa2e27694faca4-TXL
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
css
fonts.googleapis.com/ Frame 3986 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 03 Dec 2023 07:43:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 03 Dec 2023 05:52:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 03 Dec 2023 07:43:43 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3986 		2 KB
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
42093
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 20:02:10 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 3986 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
42093
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 20:02:10 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3986 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:17:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
33966
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 22:17:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3986 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
42093
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 20:02:10 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3986 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Dec 2023 07:43:43 GMT
7a8419aef3683f04c437bd15cecf843d.js
www.gstatic.com/mysidia/ Frame 3986 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33129
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 19:10:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 01 Mar 2024 22:31:34 GMT
sdk.js
adsdk.microsoft.com/native-to-display/ Frame BA47 		91 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3318115725&adf=3987088018&pi=t.aa~a.1324685680~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250&nras=6&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=3674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 03 Dec 2023 07:43:43 GMT
content-encoding
br
last-modified
Fri, 10 Nov 2023 19:05:36 GMT
vary
Accept-Encoding
x-azure-ref
20231203T074343Z-6dv27qe09x0at4zu0bsrtw2ync00000003u0000000014r7s
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3e6286f6-c01e-00c3-190e-2093fc000000
cache-control
private, max-age=3600
x-cache
TCP_HIT
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/240/ Frame BA47 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3318115725&adf=3987088018&pi=t.aa~a.1324685680~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250&nras=6&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=3674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-180.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 07:43:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27680
Expires
Mon, 02 Dec 2024 07:43:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame BA47 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3318115725&adf=3987088018&pi=t.aa~a.1324685680~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250&nras=6&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=3674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:17:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
33966
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 22:17:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame BA47 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3318115725&adf=3987088018&pi=t.aa~a.1324685680~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250&nras=6&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=3674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
42093
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 20:02:10 GMT
l
www.google.com/ads/measurement/ Frame BA47 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRgiZPPMIf5NeKv4pAeeLP9y7TYArErEmvsESUcaXSUzgkgB0WyobvqVwRMGKeH8REvdE_uEJLUhw0BlMFkFRf3-SmL_w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3318115725&adf=3987088018&pi=t.aa~a.1324685680~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250&nras=6&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=3674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame BA47 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3318115725&adf=3987088018&pi=t.aa~a.1324685680~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250&nras=6&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=3674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Dec 2023 07:43:43 GMT
c.gif
www.bing.com/aes/ Frame BA47
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=663d4124-848c-4da0-b26f-7cf866222858&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=56fc580a-3680-4d6d...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=6f2ecc862e6b4b72b830e34de0e5cc84&SNR=1&GV=2&med=10
0
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=6f2ecc862e6b4b72b830e34de0e5cc84&SNR=1&GV=2&med=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3318115725&adf=3987088018&pi=t.aa~a.1324685680~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250&nras=6&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=3674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=28
Protocol
H2
Server
2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:43 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2E8D26297FA64D7EAEE6A40D9E398D09 Ref B: FRA31EDGE0805 Ref C: 2023-12-03T07:43:43Z
x-cdn-traceid
0.39d53e17.1701589423.53800c77
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sun, 03 Dec 2023 07:43:43 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C5EE5802FA3E4360856E99140877A652 Ref B: FRA31EDGE0606 Ref C: 2023-12-03T07:43:43Z
x-cdn-traceid
0.39d53e17.1701589423.53800c36
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=6f2ecc862e6b4b72b830e34de0e5cc84&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
154
expires
0
dr
as.ad4m.at/ad/ Frame C862 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1kme4z2jm4f45qytn3jkpw7ystcpc9j6z4e7jz1sx3tyd404hssqxs6w5k1w1zb9p5hr6psf9s2jq69pbke811sk72cck4f3gm33pjn03kj61b4sww6fb3jpg17xz2t5ss74r5n4be16acmvdw8apgn2h423sfz25fyhtx82xk5xx3v9x3pb5manthhrtt42jzefxgvmqv104py2p8dakg4wkajf8qs8e0yf80xzvmvyksphff2dnz150p8vj1y05dx80wmsgssp0y4mn9pk3hqpjsn80ffyj318fwmw0e605644egby50bge0gm9gn9faskejf1xp2hfk4qss4xddeev4426cmz7m5p5j4vj052ecsfjag6bmdjr25wyba0texrdbn1trc6fjay9rdjbnkvney1r11wdmc9mcmdxg9p64jq7ffhqmxwk6whcfj2jh7v2hy0g0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2guUrjFsZeqeOuiWjuwPo9OYoA6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0B0c4SAdls9VFNjJ2h--KW7rYlKDVtpKAlKgKry5LYv-r-NIi_b5wdAJUo_KxJcvD3uKinOU2YZag9vY3NLpwIAvpR2YJgsTJGrgy6AHwXQKgV0kuwCFyEGTTiZSh9vzYMP-shAIRRdHtDpvUFogmHAvmRWXeI7XEvWV4kRHEqjtc4PtWYtd3dtc8xV30l21_2n3UZsfgJlLUNMtwaWCuw0EYi07cZ_pr3BmGe9uCSXAiDxH59_WTYYoy4JMMtgSLqiRom2nPYtLR8vSx42E3rKTgofczHRKYluVJYoLJRDcycQwH9uhNaHtqCemf9k0uM4C3bm-0XVREcnJ1X3wYTAbl2fxAtyy91YIr4JKfhm2KuRZmYal5mAgKVYK0LDgfVccJ71wuP_vjLaG-EVjqwiWjiDImnRR5IAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli5ju_I4vKCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3IVsosO2DngzQQlh1HqwN7kZgVAg%26client%3Dca-pub-7554934826467559%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2165271072&adf=1120807131&pi=t.aa~a.1345899263~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250&nras=4&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6b48677f299622005df997dabe3b5bfafd35d0aa7aec7a07bcf6ad375353c1d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
82fa2e289e8d9299-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 07:43:43 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame BD7F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2165271072&adf=1120807131&pi=t.aa~a.1345899263~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250&nras=4&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:17:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
33966
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 22:17:37 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6115 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2165271072&adf=1120807131&pi=t.aa~a.1345899263~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250&nras=4&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
55533
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 16:18:10 GMT
etag
48472445140208031
expires
Sun, 03 Dec 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame BD7F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2165271072&adf=1120807131&pi=t.aa~a.1345899263~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250&nras=4&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
42093
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 20:02:10 GMT
l
www.google.com/ads/measurement/ Frame BD7F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQgA5y9mqXCkj6jSM4x20H3EEoVVtPPCdT0UgEqKvZ_YKzIJMyLzjrdrYKW0FaexD5ar5X0H0M0o1WqE1uWodUK_g9vtg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2165271072&adf=1120807131&pi=t.aa~a.1345899263~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250&nras=4&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame BD7F 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2165271072&adf=1120807131&pi=t.aa~a.1345899263~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250&nras=4&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Dec 2023 07:43:43 GMT
pixel
cm.g.doubleclick.net/ Frame 6115
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHoetbyMMWj4HZhyLZumtOs&google_push=AXcoOmQOAgTL0JPdzsjl4bjAbmImRagpxP5iXlNAf_kajYo-SUQper6umF...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHoetbyMMWj4HZhyLZumtOs&google_push=AXcoOmQOAgTL0JPdzsjl4bjAbmImRagpxP5iXlNAf_kajYo-SUQper6umFTP333wTO615DMxvTECP3TiuAlkOVxfMNW2mik7cT_Ifl-R
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2165271072&adf=1120807131&pi=t.aa~a.1345899263~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250&nras=4&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=23
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230031-FRA
pragma
no-cache
date
Sun, 03 Dec 2023 07:43:43 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1701589424.549049,VS0,VE98
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHoetbyMMWj4HZhyLZumtOs&google_push=AXcoOmQOAgTL0JPdzsjl4bjAbmImRagpxP5iXlNAf_kajYo-SUQper6umFTP333wTO615DMxvTECP3TiuAlkOVxfMNW2mik7cT_Ifl-R
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 6115
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEOa0aFL4RR3ct_GfEWf_LMM&google_cver=1&google_push=AXcoOmQe2YROnO_DnaG528UlwV4SiuemxONcYMIHGjaFSvSTg6Y48mbAAeqixeWzirUeoPMPfc-ARvMxyjrSbrLW...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=cCzblgbRSmYaYdxY8bgN9w&google_push=AXcoOmQe2YROnO_DnaG528UlwV4SiuemxONcYMIHGjaFSvSTg6Y48mbAAeqixeWzirUeoPMPfc-ARvMxyjrSbrLWrFy3OHL8CgjmrU7d
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=cCzblgbRSmYaYdxY8bgN9w&google_push=AXcoOmQe2YROnO_DnaG528UlwV4SiuemxONcYMIHGjaFSvSTg6Y48mbAAeqixeWzirUeoPMPfc-ARvMxyjrSbrLWrFy3OHL8CgjmrU7d
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2165271072&adf=1120807131&pi=t.aa~a.1345899263~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250&nras=4&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=23
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 03 Dec 2023 07:43:43 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=cCzblgbRSmYaYdxY8bgN9w&google_push=AXcoOmQe2YROnO_DnaG528UlwV4SiuemxONcYMIHGjaFSvSTg6Y48mbAAeqixeWzirUeoPMPfc-ARvMxyjrSbrLWrFy3OHL8CgjmrU7d
x-host
tde-deliveryengine-production-6987bbc57b-b4p7g
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
x.bidswitch.net/ Frame 6115 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHkPbtnaXQXHFG21TM27Qfw&google_cver=1&google_push=AXcoOmSD8y3PJHFtcu2IIhA87WhLrLYSP8O8k3z1VG767bjK2xIcIG6HcL38BeWZWakwkqu3oma0SXHwDGeHsVUQyCHaYiItiNztXov9
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2165271072&adf=1120807131&pi=t.aa~a.1345899263~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250&nras=4&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=23
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.108.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-108-41.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 6115
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEO5yRAF9QnzirgOFgTqDi70&google_cver=1&google_push=AXcoOmTJ6iuFen7Ebcc9XJprGnLzaV2eKUsouelATFvupltwma4yaI-EqsSO6ycVHvsxkHaDq315zFKR_P61fX_mDu5P13m...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEO5yRAF9QnzirgOFgTqDi70&google_cver=1&google_push=AXcoOmTJ6iuFen7Ebcc9XJprGnLzaV2eKUsouelATFvupltwma4yaI-EqsSO6ycVHvsxkHaDq315zFKR_P61fX_mDu5P1...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTJ6iuFen7Ebcc9XJprGnLzaV2eKUsouelATFvupltwma4yaI-EqsSO6ycVHvsxkHaDq315zFKR_P61fX_mDu5P13mc9EWRA_-a
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTJ6iuFen7Ebcc9XJprGnLzaV2eKUsouelATFvupltwma4yaI-EqsSO6ycVHvsxkHaDq315zFKR_P61fX_mDu5P13mc9EWRA_-a
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2165271072&adf=1120807131&pi=t.aa~a.1345899263~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250&nras=4&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=23
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTJ6iuFen7Ebcc9XJprGnLzaV2eKUsouelATFvupltwma4yaI-EqsSO6ycVHvsxkHaDq315zFKR_P61fX_mDu5P13mc9EWRA_-a
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 6115 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRy5S74kRzUzMt2MNKaHYg_DCoN6JuKN9OmCCIltLQVAkfUlFUDFQtkvlC9WJzs2KFdSV_FYOE2QziDx7DD61CAQ7j7peO14jRE&google_gid=CAESEKK2o6YrvtUBE5qRQq_5bCk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2165271072&adf=1120807131&pi=t.aa~a.1345899263~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250&nras=4&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:43 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
207749
expires
Sun, 03 Dec 2023 00:00:00 GMT
trk
ag.innovid.com/ Frame 6115 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEB14VlsoIxwUpVf2RU5oE7Y&google_cver=1&google_push=AXcoOmTPDuCQLQkDqj9VFtxlZiGwk27y5fko1p7Yi_RTuTeCo2_mRRbBXrK4xZG51DBsyni_Vtu90hxqH2rP4C9Bs59V5sX0mhYubird
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2165271072&adf=1120807131&pi=t.aa~a.1345899263~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250&nras=4&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=23
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8102:1dbb:a7d1:23ff:c9b8 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 03 Dec 2023 07:43:43 GMT
cache-control
no-cache
content-length
43
request-time
1
expires
-1
report
sync.teads.tv/um/ Frame 6115
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEALrFRq720mG...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRYhkn9EuuF8PoFO1u38tmjqsBpzqlOFczu8_WXtWVFt7u50pkI-xOu08U-h4wp9dcEzjkSyVEpRaUJPeMC-nvuejf2Lvui5iHYtQ
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2165271072&adf=1120807131&pi=t.aa~a.1345899263~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250&nras=4&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=23
Protocol
H2
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Sun, 03 Dec 2023 07:43:43 GMT
pragma
no-cache
date
Sun, 03 Dec 2023 07:43:43 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 6115 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kt-JH9fSv65oUMapdrVK8IVFKNsnYFeW_WOQO05UTlgX5SKAr6BzKg_AF5vOLkl5WC8b_j6g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2165271072&adf=1120807131&pi=t.aa~a.1345899263~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250&nras=4&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame C862 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kme4z2jm4f45qytn3jkpw7ystcpc9j6z4e7jz1sx3tyd404hssqxs6w5k1w1zb9p5hr6psf9s2jq69pbke811sk72cck4f3gm33pjn03kj61b4sww6fb3jpg17xz2t5ss74r5n4be16acmvdw8apgn2h423sfz25fyhtx82xk5xx3v9x3pb5manthhrtt42jzefxgvmqv104py2p8dakg4wkajf8qs8e0yf80xzvmvyksphff2dnz150p8vj1y05dx80wmsgssp0y4mn9pk3hqpjsn80ffyj318fwmw0e605644egby50bge0gm9gn9faskejf1xp2hfk4qss4xddeev4426cmz7m5p5j4vj052ecsfjag6bmdjr25wyba0texrdbn1trc6fjay9rdjbnkvney1r11wdmc9mcmdxg9p64jq7ffhqmxwk6whcfj2jh7v2hy0g0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2guUrjFsZeqeOuiWjuwPo9OYoA6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0B0c4SAdls9VFNjJ2h--KW7rYlKDVtpKAlKgKry5LYv-r-NIi_b5wdAJUo_KxJcvD3uKinOU2YZag9vY3NLpwIAvpR2YJgsTJGrgy6AHwXQKgV0kuwCFyEGTTiZSh9vzYMP-shAIRRdHtDpvUFogmHAvmRWXeI7XEvWV4kRHEqjtc4PtWYtd3dtc8xV30l21_2n3UZsfgJlLUNMtwaWCuw0EYi07cZ_pr3BmGe9uCSXAiDxH59_WTYYoy4JMMtgSLqiRom2nPYtLR8vSx42E3rKTgofczHRKYluVJYoLJRDcycQwH9uhNaHtqCemf9k0uM4C3bm-0XVREcnJ1X3wYTAbl2fxAtyy91YIr4JKfhm2KuRZmYal5mAgKVYK0LDgfVccJ71wuP_vjLaG-EVjqwiWjiDImnRR5IAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli5ju_I4vKCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3IVsosO2DngzQQlh1HqwN7kZgVAg%26client%3Dca-pub-7554934826467559%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kme4z2jm4f45qytn3jkpw7ystcpc9j6z4e7jz1sx3tyd404hssqxs6w5k1w1zb9p5hr6psf9s2jq69pbke811sk72cck4f3gm33pjn03kj61b4sww6fb3jpg17xz2t5ss74r5n4be16acmvdw8apgn2h423sfz25fyhtx82xk5xx3v9x3pb5manthhrtt42jzefxgvmqv104py2p8dakg4wkajf8qs8e0yf80xzvmvyksphff2dnz150p8vj1y05dx80wmsgssp0y4mn9pk3hqpjsn80ffyj318fwmw0e605644egby50bge0gm9gn9faskejf1xp2hfk4qss4xddeev4426cmz7m5p5j4vj052ecsfjag6bmdjr25wyba0texrdbn1trc6fjay9rdjbnkvney1r11wdmc9mcmdxg9p64jq7ffhqmxwk6whcfj2jh7v2hy0g0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2guUrjFsZeqeOuiWjuwPo9OYoA6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0B0c4SAdls9VFNjJ2h--KW7rYlKDVtpKAlKgKry5LYv-r-NIi_b5wdAJUo_KxJcvD3uKinOU2YZag9vY3NLpwIAvpR2YJgsTJGrgy6AHwXQKgV0kuwCFyEGTTiZSh9vzYMP-shAIRRdHtDpvUFogmHAvmRWXeI7XEvWV4kRHEqjtc4PtWYtd3dtc8xV30l21_2n3UZsfgJlLUNMtwaWCuw0EYi07cZ_pr3BmGe9uCSXAiDxH59_WTYYoy4JMMtgSLqiRom2nPYtLR8vSx42E3rKTgofczHRKYluVJYoLJRDcycQwH9uhNaHtqCemf9k0uM4C3bm-0XVREcnJ1X3wYTAbl2fxAtyy91YIr4JKfhm2KuRZmYal5mAgKVYK0LDgfVccJ71wuP_vjLaG-EVjqwiWjiDImnRR5IAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli5ju_I4vKCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3IVsosO2DngzQQlh1HqwN7kZgVAg%26client%3Dca-pub-7554934826467559%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1833549
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2F8FGqeihYpOtJsRFt2wsICtr0DzLYruYAyMMwD222ZmVmbIKTKs4kW6CFqmFzgx%2BTxzVY%2Fs0vWviXs8EsN2%2BpD8uM7Uhk1xV7NVlaJdeyyp9hNomJ3053UgxHpqwMqa4KahSGl45DA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
82fa2e28fee89299-FRA
expires
Mon, 04 Dec 2023 07:43:43 GMT
r62eglto.js
ad4m.at/ Frame C862 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kme4z2jm4f45qytn3jkpw7ystcpc9j6z4e7jz1sx3tyd404hssqxs6w5k1w1zb9p5hr6psf9s2jq69pbke811sk72cck4f3gm33pjn03kj61b4sww6fb3jpg17xz2t5ss74r5n4be16acmvdw8apgn2h423sfz25fyhtx82xk5xx3v9x3pb5manthhrtt42jzefxgvmqv104py2p8dakg4wkajf8qs8e0yf80xzvmvyksphff2dnz150p8vj1y05dx80wmsgssp0y4mn9pk3hqpjsn80ffyj318fwmw0e605644egby50bge0gm9gn9faskejf1xp2hfk4qss4xddeev4426cmz7m5p5j4vj052ecsfjag6bmdjr25wyba0texrdbn1trc6fjay9rdjbnkvney1r11wdmc9mcmdxg9p64jq7ffhqmxwk6whcfj2jh7v2hy0g0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2guUrjFsZeqeOuiWjuwPo9OYoA6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0B0c4SAdls9VFNjJ2h--KW7rYlKDVtpKAlKgKry5LYv-r-NIi_b5wdAJUo_KxJcvD3uKinOU2YZag9vY3NLpwIAvpR2YJgsTJGrgy6AHwXQKgV0kuwCFyEGTTiZSh9vzYMP-shAIRRdHtDpvUFogmHAvmRWXeI7XEvWV4kRHEqjtc4PtWYtd3dtc8xV30l21_2n3UZsfgJlLUNMtwaWCuw0EYi07cZ_pr3BmGe9uCSXAiDxH59_WTYYoy4JMMtgSLqiRom2nPYtLR8vSx42E3rKTgofczHRKYluVJYoLJRDcycQwH9uhNaHtqCemf9k0uM4C3bm-0XVREcnJ1X3wYTAbl2fxAtyy91YIr4JKfhm2KuRZmYal5mAgKVYK0LDgfVccJ71wuP_vjLaG-EVjqwiWjiDImnRR5IAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli5ju_I4vKCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3IVsosO2DngzQQlh1HqwN7kZgVAg%26client%3Dca-pub-7554934826467559%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 09:14:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
340136
etag
W/"aa3e81d21ff1f0e18f4862e53a794952"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Nfs14e7%2Bz82rdW7YLl6QOv2MHItM3ZiJloRNx3sN0x46r8gvn6K0wFw6BNm12dwt20tc6HRcc45SuM%2BJ9MxXmkZR2bXDAoUL3pYNhMaz0%2BpbuNkCY%2Fm%2Fm7KyX4IsrWo1ZwWnMA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
82fa2e290ef09299-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 29 Nov 2023 09:14:47 GMT
th
www.bing.com/ Frame BA47 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OADD2.7215898042300_1R7CU2659CV8KJ5JKR&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=300&h=157&qlt=90
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3318115725&adf=3987088018&pi=t.aa~a.1324685680~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250&nras=6&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=3674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=28
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c8d717c76b14aad6c4fd6c99b7fe803e15a53537cba081a433c8e94b0ac74ce5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:43 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.39d53e17.1701589423.53800cf2
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
14089
alt-svc
h3=":443"; ma=93600
quic-version
0x00000001
rd_log
ams3-ib.adnxs.com/ Frame BA47 		0
534 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit&e=wqT_3QKeBOgeAgAAAwDWAAUBCK_jsKsGEPCjquyu1JPtQhgAKjYJowMZfx5ouz8RaPnXG1C3uj8ZAAAAgBSuD0AhaA0SBCmjDSTIMQAAAADXo9A_MJU2OLUBQLVeSOMDULqJirYBWNHHAWAAaKkxeMHxBYABAYoBA1VTRJIBAQbw_ZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACZuoCUGh0dHBzOi8vdGltZWJ1c2luZXNzbmV3cy5jb20va3JpdGktc2Fub24taW1tZWRpYXRlLTUtMC1ldmV4LXJldmlldy1zY2FtLW9yLWxlZ2l0gAMAiAMBkAMAmAMJoAMBqgMAwAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBcPv9v2H84O7ZMAFAMkFAAAAAAAA8D_SBQkJAAAAITR0ANgFAeAFAfAFvfMp-gUECAAQAJAGAJgGALgGAMEGBSIwAPA_0AbCjQTaBhYKEAkSGQEBi2TgBgHyBgIIAIAHAYgHAKAHAcgHwfEF0gcNCREoASYI2gcGAV6gGADgBwDqBwIIAPAHm0uKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=b66e696aafb044ff208f2d1301fa5518f4b4f3b8&bdref=https%3A%2F%2Ftimebusinessnews.com&bdtop=false&bdifs=2&bstk=https%3A%2F%2Ftimebusinessnews.com,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7554934826467559%26output%3Dhtml%26h%3D250%26adk%3D3318115725%26adf%3D3987088018%26pi%3Dt.aa~a.1324685680~rp.4%26w%3D333%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701426711%26rafmt%3D1%26to%3Dqs%26pwprc%3D7955184683%26format%3D333x250%26url%3Dhttps%253A%252F%252Ftimebusinessnews.com%252Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701589422876%26bpp%3D1%26bdt%3D1948%26idt%3D-M%26shv%3Dr20231129%26mjsv%3Dm202311300101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C333x250%252C333x250%252C333x250%252C333x250%26nras%3D6%26correlator%3D568145841288%26frm%3D20%26pv%3D1%26ga_vid%3D1309634682.1701589421%26ga_sid%3D1701589422%26ga_hid%3D200840905%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1037%26ady%3D3674%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808397%252C31079438%252C44809314%252C31078297%252C31079890%252C44807764%252C44808148%252C44808285%252C44809072%26oid%3D2%26pvsid%3D1323519298565292%26tmod%3D712723117%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D6%26uci%3Da!6%26btvi%3D5%26fsb%3D1%26dtd%3D28,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7554934826467559%26output%3Dhtml%26h%3D250%26adk%3D3318115725%26adf%3D3987088018%26pi%3Dt.aa~a.1324685680~rp.4%26w%3D333%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701426711%26rafmt%3D1%26to%3Dqs%26pwprc%3D7955184683%26format%3D333x250%26url%3Dhttps%253A%252F%252Ftimebusinessnews.com%252Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701589422876%26bpp%3D1%26bdt%3D1948%26idt%3D-M%26shv%3Dr20231129%26mjsv%3Dm202311300101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C333x250%252C333x250%252C333x250%252C333x250%26nras%3D6%26correlator%3D568145841288%26frm%3D20%26pv%3D1%26ga_vid%3D1309634682.1701589421%26ga_sid%3D1701589422%26ga_hid%3D200840905%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1037%26ady%3D3674%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808397%252C31079438%252C44809314%252C31078297%252C31079890%252C44807764%252C44808148%252C44808285%252C44809072%26oid%3D2%26pvsid%3D1323519298565292%26tmod%3D712723117%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D6%26uci%3Da!6%26btvi%3D5%26fsb%3D1%26dtd%3D28&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3318115725&adf=3987088018&pi=t.aa~a.1324685680~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250&nras=6&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=3674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=28
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:43 GMT
an-x-request-uuid
0cfe1364-94ab-443f-aba5-2593afc5c858
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.247; 193.32.248.247; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sdk.js
adsdk.microsoft.com/native-to-display/ Frame CFB8 		91 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=3492100912&pi=t.aa~a.1902263049~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 03 Dec 2023 07:43:43 GMT
content-encoding
br
last-modified
Fri, 10 Nov 2023 19:05:36 GMT
vary
Accept-Encoding
x-azure-ref
20231203T074343Z-6dv27qe09x0at4zu0bsrtw2ync00000003u0000000014r93
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3e6286f6-c01e-00c3-190e-2093fc000000
cache-control
private, max-age=3600
x-cache
TCP_HIT
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/240/ Frame CFB8 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=3492100912&pi=t.aa~a.1902263049~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-180.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 07:43:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27680
Expires
Mon, 02 Dec 2024 07:43:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame CFB8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=3492100912&pi=t.aa~a.1902263049~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:17:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
33966
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 22:17:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame CFB8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=3492100912&pi=t.aa~a.1902263049~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
42093
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 20:02:10 GMT
l
www.google.com/ads/measurement/ Frame CFB8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSWB9l1cqLmeWIlIASiXWaEyW1W9NvHS5vccFUcHMa74nvjoxuRHn36uOGrAqvYy0MxXLn17Z5Quzc3dIJK8hyeAWMfeA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=3492100912&pi=t.aa~a.1902263049~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame CFB8 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=3492100912&pi=t.aa~a.1902263049~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Dec 2023 07:43:43 GMT
c.gif
www.bing.com/aes/ Frame CFB8
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=5b4be08a-cfa6-44fc-8b3a-a7e6336a36ed&bidId=1&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=54ec3abe-b5e1-4dc2-80b...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=51b0879422244f398c4cd96d46363e36&SNR=1&GV=2&med=10
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=51b0879422244f398c4cd96d46363e36&SNR=1&GV=2&med=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=3492100912&pi=t.aa~a.1902263049~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=6
Protocol
H3
Server
2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:43 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8764A37116F246A79E5FA82F52240B41 Ref B: FRA31EDGE0616 Ref C: 2023-12-03T07:43:43Z
x-cdn-traceid
0.39d53e17.1701589423.53800d5a
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0
quic-version
0x00000001

Redirect headers

expires
0
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sun, 03 Dec 2023 07:43:43 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0A8063AB043E495298E16C5FB00319A0 Ref B: FRA31EDGE0816 Ref C: 2023-12-03T07:43:43Z
x-cdn-traceid
0.39d53e17.1701589423.53800d17
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=51b0879422244f398c4cd96d46363e36&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
150
quic-version
0x00000001
truncated
/ Frame BD7F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48b351076fb2700f0ef81c8e3b70ade21ffd29252556d548b92a3597adc72fe7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame C862 		350 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262044
alt-svc
h3=":443"; ma=86400
content-length
350
last-modified
Mon, 20 Nov 2023 11:04:04 GMT
server
cloudflare
etag
"e7fc49b61cae983db8c3a1dccf923b93"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mRZ4FvphLFELezxQ38LmfPi2TycS13s8yr6t8Rs4Yoogr2e%2FpOooVGF77yy4Z6%2Bpdxyy7XuyD0qeKkBRFRjqsOOMYvrzVal04dTgSHrB3wVIvW0FH8pYFaf3rUcq9yrPL9PmbIQDCqe18uQIOBvFzOkS"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82fa2e2a4ede1e4c-FRA
expires
Fri, 29 Nov 2024 06:56:19 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame EE97 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 07:04:22 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sdk.js
adsdk.microsoft.com/native-to-display/ Frame 9AF1 		91 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3006685884&adf=1207449781&pi=t.aa~a.4270427562~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250&nras=5&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 03 Dec 2023 07:43:43 GMT
content-encoding
br
last-modified
Fri, 10 Nov 2023 19:05:36 GMT
vary
Accept-Encoding
x-azure-ref
20231203T074343Z-6dv27qe09x0at4zu0bsrtw2ync00000003u0000000014r9q
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3e6286f6-c01e-00c3-190e-2093fc000000
cache-control
private, max-age=3600
x-cache
TCP_HIT
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/240/ Frame 9AF1 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3006685884&adf=1207449781&pi=t.aa~a.4270427562~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250&nras=5&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=26
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-180.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 07:43:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27680
Expires
Mon, 02 Dec 2024 07:43:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 9AF1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3006685884&adf=1207449781&pi=t.aa~a.4270427562~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250&nras=5&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:17:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
33966
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 22:17:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 9AF1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3006685884&adf=1207449781&pi=t.aa~a.4270427562~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250&nras=5&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
42093
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 20:02:10 GMT
l
www.google.com/ads/measurement/ Frame 9AF1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRTzInphgre3ZwRsdsWrCix0AwJH8EhCEtzPEY_Ytl79pfs1sJtzEuBoqFCSuAa5yQtyRJNlklDdzUeBaLy3R6KB2dgJQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3006685884&adf=1207449781&pi=t.aa~a.4270427562~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250&nras=5&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9AF1 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3006685884&adf=1207449781&pi=t.aa~a.4270427562~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250&nras=5&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Dec 2023 07:43:43 GMT
c.gif
www.bing.com/aes/ Frame 9AF1
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=7ddb81b8-8661-4d94-92d0-3baf77a1ad34&bidId=1&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=178984d0-4d8c-4d8c-bb6...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=d19825bd62a64f1fbdf8dc06d2240ccc&SNR=1&GV=2&med=10
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=d19825bd62a64f1fbdf8dc06d2240ccc&SNR=1&GV=2&med=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3006685884&adf=1207449781&pi=t.aa~a.4270427562~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250&nras=5&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=26
Protocol
H3
Server
2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:43 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 016CFB6C8EF84903861ACABF127AED75 Ref B: FRA31EDGE0805 Ref C: 2023-12-03T07:43:43Z
x-cdn-traceid
0.39d53e17.1701589423.53800dbe
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0
quic-version
0x00000001

Redirect headers

expires
0
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sun, 03 Dec 2023 07:43:43 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 52BFA1D3530F432983690DD1B5C9A98B Ref B: FRA31EDGE0719 Ref C: 2023-12-03T07:43:43Z
x-cdn-traceid
0.39d53e17.1701589423.53800d53
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=d19825bd62a64f1fbdf8dc06d2240ccc&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
150
quic-version
0x00000001
cookie-frame.html
ad4m.at/ Frame CBF5 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/cookie-frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
404736
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status
HIT
cf-ray
82fa2e29faa918e2-FRA
content-encoding
br
content-language
en
content-type
text/html
date
Sun, 03 Dec 2023 07:43:43 GMT
expires
Tue, 28 Nov 2023 16:18:07 GMT
last-modified
Tue, 28 Nov 2023 11:49:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sUfPSd8hlDRnD3FnWwhgRfP88eJbk4AcvCYSuYOuY1APzAgQRMgA4mgz6RTu0MwOIlXFLenho8o8rfgF3VOkcOqnon2gGgow42M0RRXCEjk6pTKJb%2BbuDSA98wT0riPHU57Abdk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
th
www.bing.com/ Frame CFB8 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OAIP.e19acbbcf69eaeaa1592efcd5507176c&pid=AdsNative&c=3&w=300&h=157&qlt=90
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=3492100912&pi=t.aa~a.1902263049~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
492bf308c2763608e237de72d214fa21ee9340b669699cc965a70e6995deafd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:43 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.39d53e17.1701589423.53800d72
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
7769
alt-svc
h3=":443"; ma=93600
quic-version
0x00000001
rd_log
ams3-ib.adnxs.com/ Frame CFB8 		0
533 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit&e=wqT_3QKhBOghAgAAAwDWAAUBCK_jsKsGEJ-6gNO4o7r2HBgAKjYJ8PXBXdOryD8Rukg5tqoMyD8ZAAAAoJmZ8T8hug0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4yfUFgAEBigEDVVNEkgUG9CABmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAlBodHRwczovL3RpbWVidXNpbmVzc25ld3MuY29tL2tyaXRpLXNhbm9uLWltbWVkaWF0ZS01LTAtZXZleC1yZXZpZXctc2NhbS1vci1sZWdpdIADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXG0NPDm5jn2nXABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUI-gUECAAQAJAGAJgGALgGAMEGAAUjLPA_0AbCjQTaBhYKEAURHQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfJ9QXSBw0JESkBJgjaBwYJuJjgBwDqBwIIAPAHm0uKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=600633e24c213c3afbe28dd8afcab5f5ed352a64&bdref=https%3A%2F%2Ftimebusinessnews.com&bdtop=false&bdifs=2&bstk=https%3A%2F%2Ftimebusinessnews.com,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7554934826467559%26output%3Dhtml%26h%3D250%26adk%3D2177237695%26adf%3D3492100912%26pi%3Dt.aa~a.1902263049~rp.4%26w%3D333%26fwrn%3D1%26fwrnh%3D100%26lmt%3D1701426711%26rafmt%3D1%26to%3Dqs%26pwprc%3D7955184683%26format%3D333x250%26url%3Dhttps%253A%252F%252Ftimebusinessnews.com%252Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%252F%26ea%3D0%26fwr%3D0%26fwrattr%3Dfalse%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701589422876%26bpp%3D1%26bdt%3D1948%26idt%3D-M%26shv%3Dr20231129%26mjsv%3Dm202311300101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D568145841288%26frm%3D20%26pv%3D1%26ga_vid%3D1309634682.1701589421%26ga_sid%3D1701589422%26ga_hid%3D200840905%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1037%26ady%3D1238%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808397%252C31079438%252C44809314%252C31078297%252C31079890%252C44807764%252C44808148%252C44808285%252C44809072%26oid%3D2%26pvsid%3D1323519298565292%26tmod%3D712723117%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26dtd%3D6,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7554934826467559%26output%3Dhtml%26h%3D250%26adk%3D2177237695%26adf%3D3492100912%26pi%3Dt.aa~a.1902263049~rp.4%26w%3D333%26fwrn%3D1%26fwrnh%3D100%26lmt%3D1701426711%26rafmt%3D1%26to%3Dqs%26pwprc%3D7955184683%26format%3D333x250%26url%3Dhttps%253A%252F%252Ftimebusinessnews.com%252Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%252F%26ea%3D0%26fwr%3D0%26fwrattr%3Dfalse%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701589422876%26bpp%3D1%26bdt%3D1948%26idt%3D-M%26shv%3Dr20231129%26mjsv%3Dm202311300101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D568145841288%26frm%3D20%26pv%3D1%26ga_vid%3D1309634682.1701589421%26ga_sid%3D1701589422%26ga_hid%3D200840905%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1037%26ady%3D1238%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808397%252C31079438%252C44809314%252C31078297%252C31079890%252C44807764%252C44808148%252C44808285%252C44809072%26oid%3D2%26pvsid%3D1323519298565292%26tmod%3D712723117%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26dtd%3D6&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=3492100912&pi=t.aa~a.1902263049~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:43 GMT
an-x-request-uuid
f43c64ee-5876-4d62-9be0-0d08f4610e55
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.247; 193.32.248.247; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sdk.js
adsdk.microsoft.com/native-to-display/ Frame 8DEE 		91 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=1548157933&adf=4256907570&pi=t.aa~a.2314094185~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250&nras=3&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=21
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 03 Dec 2023 07:43:43 GMT
content-encoding
br
last-modified
Fri, 10 Nov 2023 19:05:36 GMT
vary
Accept-Encoding
x-azure-ref
20231203T074343Z-6dv27qe09x0at4zu0bsrtw2ync00000003u0000000014r9t
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3e6286f6-c01e-00c3-190e-2093fc000000
cache-control
private, max-age=3600
x-cache
TCP_HIT
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/240/ Frame 8DEE 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=1548157933&adf=4256907570&pi=t.aa~a.2314094185~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250&nras=3&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=21
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-180.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 07:43:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27680
Expires
Mon, 02 Dec 2024 07:43:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 8DEE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=1548157933&adf=4256907570&pi=t.aa~a.2314094185~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250&nras=3&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:17:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
33966
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 22:17:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 8DEE 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=1548157933&adf=4256907570&pi=t.aa~a.2314094185~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250&nras=3&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
42093
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 20:02:10 GMT
l
www.google.com/ads/measurement/ Frame 8DEE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQdSk2ukjbjEeIVkc3piDALQ9Ghebcl5SFcViHkm4FU50PrLlNXfxR3-j6UJMinmp-6ztACHDZWN18dAlq-yDu8d0ve0g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=1548157933&adf=4256907570&pi=t.aa~a.2314094185~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250&nras=3&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8DEE 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=1548157933&adf=4256907570&pi=t.aa~a.2314094185~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250&nras=3&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Dec 2023 07:43:43 GMT
c.gif
www.bing.com/aes/ Frame 8DEE
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=aedff7cd-8e25-4859-a7b2-3e83e177856d&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=d8310ea7-22c8-4d18...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=c5be2bca4b384a7e9502f271a7d49d8b&SNR=1&GV=2&med=10
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=c5be2bca4b384a7e9502f271a7d49d8b&SNR=1&GV=2&med=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=1548157933&adf=4256907570&pi=t.aa~a.2314094185~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250&nras=3&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=21
Protocol
H3
Server
2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:43 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A9344591A2ED404A80CEA16904A95814 Ref B: FRA31EDGE0805 Ref C: 2023-12-03T07:43:43Z
x-cdn-traceid
0.39d53e17.1701589423.53800dee
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0
quic-version
0x00000001

Redirect headers

expires
0
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sun, 03 Dec 2023 07:43:43 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2A4140D6806B484980FB90FC1EC5ADCC Ref B: FRA31EDGE0714 Ref C: 2023-12-03T07:43:43Z
x-cdn-traceid
0.39d53e17.1701589423.53800d7c
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=c5be2bca4b384a7e9502f271a7d49d8b&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
154
quic-version
0x00000001
dr
as.ad4m.at/ad/ Frame 742E 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1hj1dpjv3q59q7tz586da9dvmxdszf6mxef05bghc9rwfkr4fpek99q9r8j4q39694986qxfmp5gny98hkmtt7v4rdj5sz0hnzef3b3s3j0e66fcxk2jgg0dq97renavfzqf3rv4j4vvmr72mc69ymt2b53cdbdcr29edhrwtk45dybdye8jakvcrj8fxnyxt74w0sb8cgtp2sn54d3kymxn7sx1jfddstpsr41cgttp1sje3t5g7aygyqvs99mp3j7k5whyq93mgz9ry7bycptg3tzw8k7kt8hkz8jrwa766c5v357xq1sxpakkbys9d6s2j3nbb4wbxb9gmz1xcakz8sh7bqhrhrsaejyjd6377k976rfyeyka0a98bwfcd0tjbwd89tx4x32xp9xmc2hht65dmz72sa8dqzj05rn2258ch6wv2rmsewhspfaacx1vyhhx64&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuRVOrzFsZe7wAZbdtOUPwbaDiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0Ig0ombUzbFS3jbiPIG43p_xdfZSofgfHSgMLMqgxxoH5sOfx99PeinEvD5t2X6J1d78KcjkeOULAfhEkxBW1W9gIR6Hj8cYGOex2WjN7J2SSbyfWz7WWEQPgLVHSH5vZFq0v9Ss0D6Pd3UQs1JyMqZCckcaOJTV_dE9Ws7hIQ-dyyx6Az0LU1SUFQyaNl87MtkAfa1cF_cAJrz3ajz-lkxy73sQbjVwAnOdq88UCv21ZWqpoRxn8Fd_YqtlNzokzyLPWMTQI3TxtLgyMZXL9BfDByF0UlPkEdIzDjyB6FQCznbJmFV_MgC9SO5516O0sKd1VPKxFZz8KbqlUc6duit33Ek3HwBmN0bcadNVECLA8HvtZ7_ro1VNOn3NHIjNbmPUrYCnC6rsmjvXVVZ3yu9wsWvsbu4jyIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj8ze_I4vKCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RBe8F3mqHFczfx-5GJMGWYFp54A%26client%3Dca-pub-7554934826467559%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=4203952362&pi=t.aa~a.12854135~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=0&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250%2C333x250&nras=7&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=4792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=6&fsb=1&dtd=30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5f9e7c66e9b1e5c7af42a6a5385263ae4a5b3d4865eebfe0fc7f7dda0a2d63a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
82fa2e2a2ad618e2-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 07:43:43 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame E792 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=4203952362&pi=t.aa~a.12854135~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=0&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250%2C333x250&nras=7&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=4792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=6&fsb=1&dtd=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:17:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
33966
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 22:17:37 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D55D 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=4203952362&pi=t.aa~a.12854135~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=0&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250%2C333x250&nras=7&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=4792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=6&fsb=1&dtd=30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
55533
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 16:18:10 GMT
etag
48472445140208031
expires
Sun, 03 Dec 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame E792 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=4203952362&pi=t.aa~a.12854135~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=0&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250%2C333x250&nras=7&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=4792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=6&fsb=1&dtd=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
42093
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 20:02:10 GMT
l
www.google.com/ads/measurement/ Frame E792 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQA_YMG4h3YlSxPsNQY7lklXEl4rR0MzusXWzLFL4rP17QhclD_5MIFzcp0tvxuap1bkvbOPCgKdz0R60CMqnwKtkbriw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=4203952362&pi=t.aa~a.12854135~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=0&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250%2C333x250&nras=7&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=4792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=6&fsb=1&dtd=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E792 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=4203952362&pi=t.aa~a.12854135~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=0&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250%2C333x250&nras=7&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=4792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=6&fsb=1&dtd=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Dec 2023 07:43:43 GMT
a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
pagead2.googlesyndication.com/bg/ Frame 474E 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 22:50:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
118403
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19601
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 22:50:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F3C4 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3318115725&adf=3987088018&pi=t.aa~a.1324685680~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250&nras=6&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=3674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=28
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
55533
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 16:18:10 GMT
etag
48472445140208031
expires
Sun, 03 Dec 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
th
www.bing.com/ Frame 9AF1 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OAIP.619fb283cfe7baa62ad16959a38e9c23&pid=AdsNative&c=3&w=300&h=157&qlt=90
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3006685884&adf=1207449781&pi=t.aa~a.4270427562~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250&nras=5&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=26
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8d318dbdde4b73ed190755e5fe16a1c2703ca646f3b77205a91bec9623de0280

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:43 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.39d53e17.1701589423.53800da2
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
17634
alt-svc
h3=":443"; ma=93600
quic-version
0x00000001
rd_log
ams3-ib.adnxs.com/ Frame 9AF1 		0
533 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit&e=wqT_3QKhBOghAgAAAwDWAAUBCK_jsKsGEKHkht_4pcasTxgAKjYJFd6jByAxqT8RbY0Tb5uOqD8ZAAAAoJmZ8T8hbQ0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4yfUFgAEBigEDVVNEkgUG9CABmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAlBodHRwczovL3RpbWVidXNpbmVzc25ld3MuY29tL2tyaXRpLXNhbm9uLWltbWVkaWF0ZS01LTAtZXZleC1yZXZpZXctc2NhbS1vci1sZWdpdIADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXjqPrn9-y0vR7ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUI-gUECAAQAJAGAJgGALgGAMEGAAUjLPA_0AbCjQTaBhYKEAURHQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfJ9QXSBw0JESkBJgjaBwYJuJjgBwDqBwIIAPAHm0uKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=dbfac62601afba5dc0b1c9ac99ac63d6e4ee3724&bdref=https%3A%2F%2Ftimebusinessnews.com&bdtop=false&bdifs=2&bstk=https%3A%2F%2Ftimebusinessnews.com,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7554934826467559%26output%3Dhtml%26h%3D250%26adk%3D3006685884%26adf%3D1207449781%26pi%3Dt.aa~a.4270427562~rp.4%26w%3D333%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701426711%26rafmt%3D1%26to%3Dqs%26pwprc%3D7955184683%26format%3D333x250%26url%3Dhttps%253A%252F%252Ftimebusinessnews.com%252Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701589422876%26bpp%3D1%26bdt%3D1948%26idt%3D-M%26shv%3Dr20231129%26mjsv%3Dm202311300101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C333x250%252C333x250%252C333x250%26nras%3D5%26correlator%3D568145841288%26frm%3D20%26pv%3D1%26ga_vid%3D1309634682.1701589421%26ga_sid%3D1701589422%26ga_hid%3D200840905%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1037%26ady%3D2781%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808397%252C31079438%252C44809314%252C31078297%252C31079890%252C44807764%252C44808148%252C44808285%252C44809072%26oid%3D2%26pvsid%3D1323519298565292%26tmod%3D712723117%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D5%26uci%3Da!5%26btvi%3D4%26fsb%3D1%26dtd%3D26,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7554934826467559%26output%3Dhtml%26h%3D250%26adk%3D3006685884%26adf%3D1207449781%26pi%3Dt.aa~a.4270427562~rp.4%26w%3D333%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701426711%26rafmt%3D1%26to%3Dqs%26pwprc%3D7955184683%26format%3D333x250%26url%3Dhttps%253A%252F%252Ftimebusinessnews.com%252Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701589422876%26bpp%3D1%26bdt%3D1948%26idt%3D-M%26shv%3Dr20231129%26mjsv%3Dm202311300101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C333x250%252C333x250%252C333x250%26nras%3D5%26correlator%3D568145841288%26frm%3D20%26pv%3D1%26ga_vid%3D1309634682.1701589421%26ga_sid%3D1701589422%26ga_hid%3D200840905%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1037%26ady%3D2781%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808397%252C31079438%252C44809314%252C31078297%252C31079890%252C44807764%252C44808148%252C44808285%252C44809072%26oid%3D2%26pvsid%3D1323519298565292%26tmod%3D712723117%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D5%26uci%3Da!5%26btvi%3D4%26fsb%3D1%26dtd%3D26&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3006685884&adf=1207449781&pi=t.aa~a.4270427562~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250&nras=5&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=26
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:43 GMT
an-x-request-uuid
9c25289b-f105-4cb5-9a1c-33463f483f4f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.247; 193.32.248.247; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame BA47 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4a1eef3bf8b164a3b750fb68c7783394cf20d124ce228b1150b8814573db42d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
vevent
ams3-ib.adnxs.com/ Frame BA47 		0
557 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit&e=wqT_3QLNB-jNAwAAAwDWAAUBCK_jsKsGEPCjquyu1JPtQhgAKjYJowMZfx5ouz8RaPnXG1C3uj8ZAAAAgBSuD0AhaA0SBCmjDSTIMQAAAADXo9A_MJU2OLUBQLVeSOMDULqJirYBWNHHAWAAaKkxeMHxBYABAYoBA1VTRJIBAQb0SAGYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAmbqAlBodHRwczovL3RpbWVidXNpbmVzc25ld3MuY29tL2tyaXRpLXNhbm9uLWltbWVkaWF0ZS01LTAtZXZleC1yZXZpZXctc2NhbS1vci1sZWdpdIADAIgDAZADAJgDCaADAaoDqwMKwQJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD01NmZjNTgwYS0zNjgwLTRkNmQtODI5Ni1mOGVlZGM4YTk0ZTQmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPTU2ZoZxAKhydHlwZT1udXJsJnRhZ0lkPTY5MzMmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRkUenpmJTNBER_w5V9ndnJxLXBiYWdlYnkmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM0ODE3MjQ5MjEzMTAzMTE2Nzg0IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56STROREk1TnpneE5UZzNPVE1qTWpNeU5EWTBNalExT1RRM05qTXhOdz09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBcPv9v2H84O7ZMAFAMkFQdEcAADwP9IFCQkJDHgAANgFAeAFAfAFvfMp-gUECAAQAJAGAJgGALgGAMEGCSUs8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB8HxBdIHDRVlASYI2gcGAV6sGADgBwDqBwIIAPAHm0uKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=c26a7367864691023d7ed128c88efbf9cb5976ca&type=nv&nvt=5&jm=1003&px=17&py=0&bw=300&bh=157&sid=6102716151955090162&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6933&sw=1600&sh=1200&pw=333&ph=250&ww=333&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:43 GMT
an-x-request-uuid
0b644ef8-e33a-4e6e-9069-bd26c243418d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.247; 193.32.248.247; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D7E1 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=3492100912&pi=t.aa~a.1902263049~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
55533
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 16:18:10 GMT
etag
48472445140208031
expires
Sun, 03 Dec 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
th
www.bing.com/ Frame 8DEE 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OADD2.7215921623040_1NIIKFQ4AV7GS5PBLV&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=300&h=157&qlt=90
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=1548157933&adf=4256907570&pi=t.aa~a.2314094185~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250&nras=3&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=21
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
94a0c15801bde3ded663502a0079c3138d25ec15867c124463a7a535773b7ed1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:43 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.39d53e17.1701589423.53800df0
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
22847
alt-svc
h3=":443"; ma=93600
quic-version
0x00000001
rd_log
ams3-ib.adnxs.com/ Frame 8DEE 		0
533 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit&e=wqT_3QKjBOgjAgAAAwDWAAUBCK_jsKsGELq-ndyk056QQxgAKjYJI3cKdvk6tT8R7LeXWgOytD8ZAAAAoJmZ8T8h7A0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4lvIFgAEBigEDVVNEkgUG9DQBmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAlBodHRwczovL3RpbWVidXNpbmVzc25ld3MuY29tL2tyaXRpLXNhbm9uLWltbWVkaWF0ZS01LTAtZXZleC1yZXZpZXctc2NhbS1vci1sZWdpdIADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXE5t6CyeTHyyDABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW98yn6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAADTcRAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB5byBdIHDQkuJgAI2gcGCbqY4AcA6gcCCADwB5tLiggCEACVCAAAgD-YCAHACPAG0ggGCAAQABgA&s=3f3ecf81ac70798319aa01b82949c38d69653135&bdref=https%3A%2F%2Ftimebusinessnews.com&bdtop=false&bdifs=2&bstk=https%3A%2F%2Ftimebusinessnews.com,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7554934826467559%26output%3Dhtml%26h%3D250%26adk%3D1548157933%26adf%3D4256907570%26pi%3Dt.aa~a.2314094185~rp.4%26w%3D333%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701426711%26rafmt%3D1%26to%3Dqs%26pwprc%3D7955184683%26format%3D333x250%26url%3Dhttps%253A%252F%252Ftimebusinessnews.com%252Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701589422876%26bpp%3D1%26bdt%3D1948%26idt%3D-M%26shv%3Dr20231129%26mjsv%3Dm202311300101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C333x250%26nras%3D3%26correlator%3D568145841288%26frm%3D20%26pv%3D1%26ga_vid%3D1309634682.1701589421%26ga_sid%3D1701589422%26ga_hid%3D200840905%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1037%26ady%3D1635%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808397%252C31079438%252C44809314%252C31078297%252C31079890%252C44807764%252C44808148%252C44808285%252C44809072%26oid%3D2%26pvsid%3D1323519298565292%26tmod%3D712723117%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26btvi%3D2%26fsb%3D1%26dtd%3D21,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7554934826467559%26output%3Dhtml%26h%3D250%26adk%3D1548157933%26adf%3D4256907570%26pi%3Dt.aa~a.2314094185~rp.4%26w%3D333%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701426711%26rafmt%3D1%26to%3Dqs%26pwprc%3D7955184683%26format%3D333x250%26url%3Dhttps%253A%252F%252Ftimebusinessnews.com%252Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701589422876%26bpp%3D1%26bdt%3D1948%26idt%3D-M%26shv%3Dr20231129%26mjsv%3Dm202311300101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C333x250%26nras%3D3%26correlator%3D568145841288%26frm%3D20%26pv%3D1%26ga_vid%3D1309634682.1701589421%26ga_sid%3D1701589422%26ga_hid%3D200840905%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1037%26ady%3D1635%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808397%252C31079438%252C44809314%252C31078297%252C31079890%252C44807764%252C44808148%252C44808285%252C44809072%26oid%3D2%26pvsid%3D1323519298565292%26tmod%3D712723117%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26btvi%3D2%26fsb%3D1%26dtd%3D21&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=1548157933&adf=4256907570&pi=t.aa~a.2314094185~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250&nras=3&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=21
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:43 GMT
an-x-request-uuid
6171b03d-7e64-4e88-a735-bcf5a11892b6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.247; 193.32.248.247; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame CFB8 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c755141c8274808bcb6f08e0d5afafd72989a6622f25290b80b3a5e98ddbf497

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
vevent
ams3-ib.adnxs.com/ Frame CFB8 		0
557 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit&e=wqT_3QLXB-jXAwAAAwDWAAUBCK_jsKsGEJ-6gNO4o7r2HBgAKjYJ8PXBXdOryD8Rukg5tqoMyD8ZAAAAoJmZ8T8hug0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4yfUFgAEBigEDVVNEkgUG8KSYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCUGh0dHBzOi8vdGltZWJ1c2luZXNzbmV3cy5jb20va3JpdGktc2Fub24taW1tZWRpYXRlLTUtMC1ldmV4LXJldmlldy1zY2FtLW9yLWxlZ2l0gAMAiAMBkAMAmAMJoAMBqgOyAwrMAmh0dHBzOi8vd3d3LmJpbmcFXiBhcGkvdjEvbWUBV_BlaW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD01NGVjM2FiZS1iNWUxLTRkYzItODBiYi1mMzJmY2I2ZWJiYmImYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BMlgAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDpJtALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YjYZAHxfcDJmX3pib3Z5ciZhaWQ9JHtBVUNUSU9OX0lEfSZ3cB0R8NdQUklDRX0SBTEyMDg1GhMyMDg0Mjk3MDMyMDYwNjQwNTQzIgkzODE4NDY3MTQqBGJpbmc6NFUyVmhjbU5vUVdRak56VXlORGM1TmpreE1UY3hNREFqTnpVeU5EZ3dOekkwTWpBeU16WT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFxtDTw5uY59p1wAUAyQUAAAAAAADwP9IFCQkAAAAFDmjYBQHgBQHwBQj6BQQIABAAkAYAmAYAuAYAwQYFIDAA8D_QBsKNBNoGFgoQCRIZAQGJZOAGAfIGAggAgAcBiAcAoAcByAfJ9QXSBw0JESgBJgjaBwYBXqwYAOAHAOoHAggA8AebS4oIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=1c45db4e6035ec993fdcb8668167915c24360c10&type=nv&nvt=5&jm=1003&px=17&py=0&bw=300&bh=157&sid=6102716151955090162&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=333&ph=250&ww=333&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:43 GMT
an-x-request-uuid
73302abe-f6e5-4640-b579-db8fc5be4f00
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.247; 193.32.248.247; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 742E 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hj1dpjv3q59q7tz586da9dvmxdszf6mxef05bghc9rwfkr4fpek99q9r8j4q39694986qxfmp5gny98hkmtt7v4rdj5sz0hnzef3b3s3j0e66fcxk2jgg0dq97renavfzqf3rv4j4vvmr72mc69ymt2b53cdbdcr29edhrwtk45dybdye8jakvcrj8fxnyxt74w0sb8cgtp2sn54d3kymxn7sx1jfddstpsr41cgttp1sje3t5g7aygyqvs99mp3j7k5whyq93mgz9ry7bycptg3tzw8k7kt8hkz8jrwa766c5v357xq1sxpakkbys9d6s2j3nbb4wbxb9gmz1xcakz8sh7bqhrhrsaejyjd6377k976rfyeyka0a98bwfcd0tjbwd89tx4x32xp9xmc2hht65dmz72sa8dqzj05rn2258ch6wv2rmsewhspfaacx1vyhhx64&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuRVOrzFsZe7wAZbdtOUPwbaDiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0Ig0ombUzbFS3jbiPIG43p_xdfZSofgfHSgMLMqgxxoH5sOfx99PeinEvD5t2X6J1d78KcjkeOULAfhEkxBW1W9gIR6Hj8cYGOex2WjN7J2SSbyfWz7WWEQPgLVHSH5vZFq0v9Ss0D6Pd3UQs1JyMqZCckcaOJTV_dE9Ws7hIQ-dyyx6Az0LU1SUFQyaNl87MtkAfa1cF_cAJrz3ajz-lkxy73sQbjVwAnOdq88UCv21ZWqpoRxn8Fd_YqtlNzokzyLPWMTQI3TxtLgyMZXL9BfDByF0UlPkEdIzDjyB6FQCznbJmFV_MgC9SO5516O0sKd1VPKxFZz8KbqlUc6duit33Ek3HwBmN0bcadNVECLA8HvtZ7_ro1VNOn3NHIjNbmPUrYCnC6rsmjvXVVZ3yu9wsWvsbu4jyIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj8ze_I4vKCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RBe8F3mqHFczfx-5GJMGWYFp54A%26client%3Dca-pub-7554934826467559%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hj1dpjv3q59q7tz586da9dvmxdszf6mxef05bghc9rwfkr4fpek99q9r8j4q39694986qxfmp5gny98hkmtt7v4rdj5sz0hnzef3b3s3j0e66fcxk2jgg0dq97renavfzqf3rv4j4vvmr72mc69ymt2b53cdbdcr29edhrwtk45dybdye8jakvcrj8fxnyxt74w0sb8cgtp2sn54d3kymxn7sx1jfddstpsr41cgttp1sje3t5g7aygyqvs99mp3j7k5whyq93mgz9ry7bycptg3tzw8k7kt8hkz8jrwa766c5v357xq1sxpakkbys9d6s2j3nbb4wbxb9gmz1xcakz8sh7bqhrhrsaejyjd6377k976rfyeyka0a98bwfcd0tjbwd89tx4x32xp9xmc2hht65dmz72sa8dqzj05rn2258ch6wv2rmsewhspfaacx1vyhhx64&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuRVOrzFsZe7wAZbdtOUPwbaDiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0Ig0ombUzbFS3jbiPIG43p_xdfZSofgfHSgMLMqgxxoH5sOfx99PeinEvD5t2X6J1d78KcjkeOULAfhEkxBW1W9gIR6Hj8cYGOex2WjN7J2SSbyfWz7WWEQPgLVHSH5vZFq0v9Ss0D6Pd3UQs1JyMqZCckcaOJTV_dE9Ws7hIQ-dyyx6Az0LU1SUFQyaNl87MtkAfa1cF_cAJrz3ajz-lkxy73sQbjVwAnOdq88UCv21ZWqpoRxn8Fd_YqtlNzokzyLPWMTQI3TxtLgyMZXL9BfDByF0UlPkEdIzDjyB6FQCznbJmFV_MgC9SO5516O0sKd1VPKxFZz8KbqlUc6duit33Ek3HwBmN0bcadNVECLA8HvtZ7_ro1VNOn3NHIjNbmPUrYCnC6rsmjvXVVZ3yu9wsWvsbu4jyIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj8ze_I4vKCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RBe8F3mqHFczfx-5GJMGWYFp54A%26client%3Dca-pub-7554934826467559%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2073442
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DBXF%2Fyax2bHN2MFSYe97qPpZziedgSBKA9qZ1yPncD9payEMITrybf08tKvF8u%2Bbid%2BRE1oY%2ByIDQXOtRpfUFY6366t8IozITAA8I53BG77Hdy%2BP6fCMg1MzdhaqVmtOvO5qzAP%2BJz0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
82fa2e2aab5f18e2-FRA
expires
Mon, 04 Dec 2023 07:43:43 GMT
r62eglto.js
ad4m.at/ Frame 742E 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hj1dpjv3q59q7tz586da9dvmxdszf6mxef05bghc9rwfkr4fpek99q9r8j4q39694986qxfmp5gny98hkmtt7v4rdj5sz0hnzef3b3s3j0e66fcxk2jgg0dq97renavfzqf3rv4j4vvmr72mc69ymt2b53cdbdcr29edhrwtk45dybdye8jakvcrj8fxnyxt74w0sb8cgtp2sn54d3kymxn7sx1jfddstpsr41cgttp1sje3t5g7aygyqvs99mp3j7k5whyq93mgz9ry7bycptg3tzw8k7kt8hkz8jrwa766c5v357xq1sxpakkbys9d6s2j3nbb4wbxb9gmz1xcakz8sh7bqhrhrsaejyjd6377k976rfyeyka0a98bwfcd0tjbwd89tx4x32xp9xmc2hht65dmz72sa8dqzj05rn2258ch6wv2rmsewhspfaacx1vyhhx64&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuRVOrzFsZe7wAZbdtOUPwbaDiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0Ig0ombUzbFS3jbiPIG43p_xdfZSofgfHSgMLMqgxxoH5sOfx99PeinEvD5t2X6J1d78KcjkeOULAfhEkxBW1W9gIR6Hj8cYGOex2WjN7J2SSbyfWz7WWEQPgLVHSH5vZFq0v9Ss0D6Pd3UQs1JyMqZCckcaOJTV_dE9Ws7hIQ-dyyx6Az0LU1SUFQyaNl87MtkAfa1cF_cAJrz3ajz-lkxy73sQbjVwAnOdq88UCv21ZWqpoRxn8Fd_YqtlNzokzyLPWMTQI3TxtLgyMZXL9BfDByF0UlPkEdIzDjyB6FQCznbJmFV_MgC9SO5516O0sKd1VPKxFZz8KbqlUc6duit33Ek3HwBmN0bcadNVECLA8HvtZ7_ro1VNOn3NHIjNbmPUrYCnC6rsmjvXVVZ3yu9wsWvsbu4jyIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj8ze_I4vKCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RBe8F3mqHFczfx-5GJMGWYFp54A%26client%3Dca-pub-7554934826467559%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 09:14:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
281011
etag
W/"aa3e81d21ff1f0e18f4862e53a794952"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUSbH42oA6OWaN7ibmMf3F4CuszhLjiiy9JlpCI73MuZRTpN78B5bz1Yk4Ni8Xj6D2pdDbyO9RewVChzj7J7bbc3lYaKM1r38vK6a9f5qtSXtUtoHU9GNiV9cAjKuA9d2dZYaso%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
82fa2e2aab6218e2-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 30 Nov 2023 01:40:12 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame EE97
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 07:43:43 GMT
expires
Sun, 03 Dec 2023 07:43:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 07:43:43 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame BA47 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CSMO-rjFsZajQOr-LjuwP7uGkyA_S4Nfgbo-ktpOTCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqAMByAMCqgS3Ak_QHZWjQ_XpMA_0NKbVHDEpyCxYdoz39g62K6ut_SRFeQE1eivTOixMx9eA5PFKF7InyTePRq1b-W4rrC-9I9tu9we37g_n0JaEzYoRGjTKvWywyIqbAqiJxt8NzUH7HXAxJobgM8MSLi93jRPJ3RjrUnZpaaqXv3CUoOVIbDOrExwS6zGu2aCAbC8inVUwslA2VO9qJ7YGcgymeLmeIDB1IFWSedVAX5lK2yfUp3ycKLZe3lXkrQIsjf5JVHMvjti3uFDPuKA_k99ktuKe_nzN-8FXXzURUWjmqPboTXrMQ_EHi3-ae9eAeZPZJYx9aD0eYHh7J6ZTXCsOFn3Z_HPGA1dlQJ3bIUBg0srUqkFE1npuCCTqo-zl2oVLHCOx9PuHftzeg4XYpAYVhXmiQq7HoFzqq33GgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WP-978ji8oIDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTc1NTQ5MzQ4MjY0Njc1NTkYAA&sigh=XsixCiECEtc&uach_m=%5BUACH%5D&cid=CAQSPADICaaNOrSXV6LWXfvWiMDBRbsYWOeGgTYsvpGNEteazAJeKDKa5VquXf1FXRJg6GjL6-NMO03qQoNOsBgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3318115725&adf=3987088018&pi=t.aa~a.1324685680~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250&nras=6&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=3674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=28
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3318115725&adf=3987088018&pi=t.aa~a.1324685680~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250&nras=6&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=3674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=28
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 03 Dec 2023 07:43:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
it
ams3-ib.adnxs.com/ Frame BA47 		0
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit&e=wqT_3QLNB-jNAwAAAwDWAAUBCK_jsKsGEPCjquyu1JPtQhgAKjYJowMZfx5ouz8RaPnXG1C3uj8ZAAAAgBSuD0AhaA0SBCmjDSTIMQAAAADXo9A_MJU2OLUBQLVeSOMDULqJirYBWNHHAWAAaKkxeMHxBYABAYoBA1VTRJIBAQb0SAGYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAmbqAlBodHRwczovL3RpbWVidXNpbmVzc25ld3MuY29tL2tyaXRpLXNhbm9uLWltbWVkaWF0ZS01LTAtZXZleC1yZXZpZXctc2NhbS1vci1sZWdpdIADAIgDAZADAJgDCaADAaoDqwMKwQJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD01NmZjNTgwYS0zNjgwLTRkNmQtODI5Ni1mOGVlZGM4YTk0ZTQmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPTU2ZoZxAKhydHlwZT1udXJsJnRhZ0lkPTY5MzMmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRkUenpmJTNBER_w5V9ndnJxLXBiYWdlYnkmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM0ODE3MjQ5MjEzMTAzMTE2Nzg0IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56STROREk1TnpneE5UZzNPVE1qTWpNeU5EWTBNalExT1RRM05qTXhOdz09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBcPv9v2H84O7ZMAFAMkFQdEcAADwP9IFCQkJDHgAANgFAeAFAfAFvfMp-gUECAAQAJAGAJgGALgGAMEGCSUs8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB8HxBdIHDRVlASYI2gcGAV6sGADgBwDqBwIIAPAHm0uKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=c26a7367864691023d7ed128c88efbf9cb5976ca&pp=ZWwxrgAOqCgHg4W_AAkw7k0IAa-ojBYoprlCBg&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9ZC_rjFsZajQOr-LjuwP7uGkyA_S4Nfgbo-ktpOTCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqAMByAMCqgS6Ak_QHZWjQ_XpMA_0NKbVHDEpyCxYdoz39g62K6ut_SRFeQE1eivTOixMx9eA5PFKF7InyTePRq1b-W4rrC-9I9tu9we37g_n0JaEzYoRGjTKvWywyIqbAqiJxt8NzUH7HXAxJobgM8MSLi93jRPJ3RjrUnZpaaqXv3CUoOVIbDOrExwS6zGu2aCAbC8inVUwslA2VO9qJ7YGcgymeLmeIDB1IFWSedVAX5lK2yfUp3ycKLZe3lXkrQIsjf5JVHMvjti3uFDPuKA_k99ktuKe_nzN-8FXXzURUWjmqPboTXrMQ_EHi3-ae9eAeZPZJYx9aD0eYHh7J6ZTXCsOFn3Z_HPGA1dlQJ3bIUBg0srUqkFE1jhsKbYoBxaITn8_qb3ocE2DXdZaiqvAfaST3P0ewoTruJxrSRBS__krgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WP-978ji8oID-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wSTXeaJdwurvcdpnWX7kZ6yBY7Q%26client%3Dca-pub-7554934826467559%26adurl%3D&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3318115725&adf=3987088018&pi=t.aa~a.1324685680~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250&nras=6&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=3674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=28
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:43 GMT
an-x-request-uuid
cabe481c-6bbf-4053-a000-4794bbfb1cd8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.247; 193.32.248.247; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame BD7F 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CrCvZrjFsZeqeOuiWjuwPo9OYoA6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEtwJP0B0c4SAdls9VFNjJ2h--KW7rYlKDVtpKAlKgKry5LYv-r-NIi_b5wdAJUo_KxJcvD3uKinOU2YZag9vY3NLpwIAvpR2YJgsTJGrgy6AHwXQKgV0kuwCFyEGTTiZSh9vzYMP-shAIRRdHtDpvUFogmHAvmRWXeI7XEvWV4kRHEqjtc4PtWYtd3dtc8xV30l21_2n3UZsfgJlLUNMtwaWCuw0EYi07cZ_pr3BmGe9uCSXAiDxH59_WTYYoy4JMMtgSLqiRom2nPYtLR8vSx42E3rKTgofczHRKYluVJYoLJRDcycQwH9uhNaHtqCemf9k0uM4C3bm-0XVREcnJ1X3wYTAbl2fxAtyy91YIr4JKfhn0KMXLTn8ipqinYcDQmSISREMWirdeoCJvTv8UANF9hxBDUr-IUoAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli5ju_I4vKCA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03NTU0OTM0ODI2NDY3NTU5GAA&sigh=6lOBmPCyLcg&uach_m=%5BUACH%5D&cid=CAQSPADICaaNszNKlpUoasZocmjS6Ew_fqLBRKP4wGzvXP_lrp9CpJmDPfrzNb40vam85llzH7wMpMU1-WmVkRgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2165271072&adf=1120807131&pi=t.aa~a.1345899263~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250&nras=4&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2165271072&adf=1120807131&pi=t.aa~a.1345899263~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250&nras=4&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=23
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 03 Dec 2023 07:43:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame BD7F 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1kxtnq5smgam2rartwcj12gksd4qcp96j5qa24sv6hhkxm2d49b0w8wsw4hpszhtgh586m5wgx66hdctkxcmj6c1nczwgj75c5w2a6apj787qsg02rskmp28bsh07t8n9tgsq187b8sqg32gza5b5wemsb7yh8karybrjgfet3shx31ttqa04mstk2tty2qvxx5km88nhj5h8xp4wqhbsg4cwa00nr1vct0955s2r10py57jazcc5s4pcb7grgrybnnnst9yg8d08w26xtxztgv9a8206fg8kbg46kwn9ekkgz6b0rdtfmmq5aeq666n3h0yw73dkwh9j4qa5c05v3bkqka1r3kqvf3991cnga28285hv1h4g9t2gwj6s6q92wnh69572210yyg&b=ZWwxrgAOj2oHg4toAAYpoybUcsCpj-ljoAQogA&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2165271072&adf=1120807131&pi=t.aa~a.1345899263~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250&nras=4&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 03 Dec 2023 07:43:43 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9E24 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3006685884&adf=1207449781&pi=t.aa~a.4270427562~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250&nras=5&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
55533
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 16:18:10 GMT
etag
48472445140208031
expires
Sun, 03 Dec 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9AF1 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0252d5d143b3ea212f6d7e377cf1d52983921e7ced52ffa9a41e04bfe4b8d737

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
vevent
ams3-ib.adnxs.com/ Frame 9AF1 		0
557 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit&e=wqT_3QK4B-i4AwAAAwDWAAUBCK_jsKsGEKHkht_4pcasTxgAKjYJFd6jByAxqT8RbY0Tb5uOqD8ZAAAAoJmZ8T8hbQ0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4yfUFgAEBigEDVVNEkgUG8KSYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCUGh0dHBzOi8vdGltZWJ1c2luZXNzbmV3cy5jb20va3JpdGktc2Fub24taW1tZWRpYXRlLTUtMC1ldmV4LXJldmlldy1zY2FtLW9yLWxlZ2l0gAMAiAMBkAMAmAMJoAMBqgOTAwqtAmh0dHBzOi8vd3d3LmJpbmcFXiBhcGkvdjEvbWUBV_BlaW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD0xNzg5ODRkMC00ZDhjLTRkOGMtYmI2MC1mYTRlMGFkOGQxYWMmYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BMlgAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYFDo5tALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZ8MJ0cWNlY25mZiZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzU3MTc2Mjg4OTM5MjQ1MzY4NjUiCTM4MTg0NjcxNCoEYmluZzo0VTJWaGNtTm9RV1FqTnpJeU1qUTFNRGMyTlRRd056WWpOelEwTWpNME16UTFORFUwTmpnPcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLpBjFiIBQGYBQCgBeOo-uf37LS9HsAFAMkFAAUBFPA_0gUJCQULdAAAANgFAeAFAfAFCPoFBAgAEACQBgCYBgC4BgDBBgEfNAAA8D_QBsKNBNoGFgoQCRIZAQGJYOAGAfIGAggAgAcBiAcAoAcByAfJ9QXSBw0VYwEmCNoHBgFerBgA4AcA6gcCCADwB5tLiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=962256f3fe1742676451d9d9a26546ebfcf0f8c8&type=nv&nvt=5&jm=1003&px=17&py=0&bw=300&bh=157&sid=6102716151955090162&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=333&ph=250&ww=333&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:43 GMT
an-x-request-uuid
5e424bb7-d827-478a-a790-033115f5d3e1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.247; 193.32.248.247; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame CFB8 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CdCMnrzFsZdY0_Oq05Q-skp7YD9Lg1-Buj6S2k5MKwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1NTQ5MzQ4MjY0Njc1NTnIAQmoAwHIAwKqBLgCT9BQeBrKI6tr8ZtuaRLB_4ET-ra7znv_pDl_ItBJmvbTOBixhCGJwMZodUY7ZGI0YDBrunmqJhfA9OoE2crfJwcD5yGcSAShgU3bsuy1-0nyXi4DMPMEkrUOXZx0SVsFFtzx0PHjmWv0l2szc8vm-HwQB__Qhnqjqm3fOFdQLOfGidLKnqXzAo6_QmXNkBgU1Y6jf_LD6GEroNDi-8Jjr4WB5IZxp0nre-VHBqemVIgf4c7CE2OuiRvgQKUuzmZN27_6iAuWteOvzyfD9FRVel8W5tO7EB2kCJGDeZG4dIoOnq9BIaS4MSeyCKeqh8lmIrNb1TbSYViCWB8thTP0OXdY4fdTKPcxPzGKs7aUTyBjz0XC_Bs4-qqc9R5SRp0hgYuIHW3o9tn9Qqi16fSJMnwWqzRgetaugAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJKS7sji8oIDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTc1NTQ5MzQ4MjY0Njc1NTkYAA&sigh=J11VvXl4BRw&uach_m=%5BUACH%5D&cid=CAQSOwDICaaNRusZSOY2IAkU5pMOeAg3skWZn8T8fDOM_5ti0y4GYne0ISwcxw1p5oquDcv_gco0cA4kcLV8GAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=3492100912&pi=t.aa~a.1902263049~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=3492100912&pi=t.aa~a.1902263049~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 03 Dec 2023 07:43:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
it
ams3-ib.adnxs.com/ Frame CFB8 		0
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit&e=wqT_3QLXB-jXAwAAAwDWAAUBCK_jsKsGEJ-6gNO4o7r2HBgAKjYJ8PXBXdOryD8Rukg5tqoMyD8ZAAAAoJmZ8T8hug0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4yfUFgAEBigEDVVNEkgUG8KSYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCUGh0dHBzOi8vdGltZWJ1c2luZXNzbmV3cy5jb20va3JpdGktc2Fub24taW1tZWRpYXRlLTUtMC1ldmV4LXJldmlldy1zY2FtLW9yLWxlZ2l0gAMAiAMBkAMAmAMJoAMBqgOyAwrMAmh0dHBzOi8vd3d3LmJpbmcFXiBhcGkvdjEvbWUBV_BlaW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD01NGVjM2FiZS1iNWUxLTRkYzItODBiYi1mMzJmY2I2ZWJiYmImYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BMlgAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDpJtALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YjYZAHxfcDJmX3pib3Z5ciZhaWQ9JHtBVUNUSU9OX0lEfSZ3cB0R8NdQUklDRX0SBTEyMDg1GhMyMDg0Mjk3MDMyMDYwNjQwNTQzIgkzODE4NDY3MTQqBGJpbmc6NFUyVmhjbU5vUVdRak56VXlORGM1TmpreE1UY3hNREFqTnpVeU5EZ3dOekkwTWpBeU16WT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFxtDTw5uY59p1wAUAyQUAAAAAAADwP9IFCQkAAAAFDmjYBQHgBQHwBQj6BQQIABAAkAYAmAYAuAYAwQYFIDAA8D_QBsKNBNoGFgoQCRIZAQGJZOAGAfIGAggAgAcBiAcAoAcByAfJ9QXSBw0JESgBJgjaBwYBXqwYAOAHAOoHAggA8AebS4oIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=1c45db4e6035ec993fdcb8668167915c24360c10&pp=ZWwxrwAAGlYGrTV8AAeJLMJdYGxr_z6HMV4ECw&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-Zz0rzFsZdY0_Oq05Q-skp7YD9Lg1-Buj6S2k5MKwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1NTQ5MzQ4MjY0Njc1NTnIAQmoAwHIAwKqBLsCT9BQeBrKI6tr8ZtuaRLB_4ET-ra7znv_pDl_ItBJmvbTOBixhCGJwMZodUY7ZGI0YDBrunmqJhfA9OoE2crfJwcD5yGcSAShgU3bsuy1-0nyXi4DMPMEkrUOXZx0SVsFFtzx0PHjmWv0l2szc8vm-HwQB__Qhnqjqm3fOFdQLOfGidLKnqXzAo6_QmXNkBgU1Y6jf_LD6GEroNDi-8Jjr4WB5IZxp0nre-VHBqemVIgf4c7CE2OuiRvgQKUuzmZN27_6iAuWteOvzyfD9FRVel8W5tO7EB2kCJGDeZG4dIoOnq9BIaS4MSeyCKeqh8lmIrNb1TbSYViCWB8thTP0OXdY4fdTKPcxPzGKs7aUTyBjzwfA3Yn6XlDxYeQm8wN4BT2MPmds__flmwozsHA1slY6s_ThmLs6vcmAgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJKS7sji8oID-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_085Xi7xAHuKWa7BmWwZnJTzpVyug%26client%3Dca-pub-7554934826467559%26adurl%3D&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=3492100912&pi=t.aa~a.1902263049~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:43 GMT
an-x-request-uuid
8145baec-ed70-4ecb-a8aa-18114e664cfe
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.247; 193.32.248.247; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame E792 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2632c0d7e4a3ef72071fec72897a1a6d415a8d8e3692f2c79e0086f5f80251b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5F0D 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=1548157933&adf=4256907570&pi=t.aa~a.2314094185~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250&nras=3&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
55533
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 16:18:10 GMT
etag
48472445140208031
expires
Sun, 03 Dec 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
pagead2.googlesyndication.com/bg/ Frame 4D67 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 22:50:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
118403
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19601
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 22:50:20 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 9AF1 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CctLDrzFsZbOgAqygtOUPnZaPgArS4Nfgbo-ktpOTCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqAMByAMCqgS3Ak_QX6i5osWR4bWYqsooSmiVjr86K3rtgjjdZd9YHbNABp_bjbx-QhmOlwuJuDqO1fIlvdP2-Lpte55cMersdBkbvUMqnnvfMMKYa6iWnkCN9gGK5MFCbLh3FgNQ11L6ds3fVBigHQaqwIDhfXDBozNuhUaqMbP3gzye1B-yS9xgyPm0p9_oBwL7nqcCbCQZb9_LkHQjvid9q-rXZQy3GoCo8LoyoPGOJ24STTJQzKarTw1Bd-Z32Q287F-988_HIb7sEQsvit7XhjbWgs3w1NHZWTbnVDKQA9PCKqVQNQY5Ubb2sGfAaguREtG4KtepOpbKu7x3Lvh8yjfgrsnD0c-FLKQikOlbxFN-zwmrn8L9aaK_3G-iNW-O2MlKS7KU58IoqWm4UCQWJnMzQZOwSqBVNvPsuymvgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNb578ji8oIDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTc1NTQ5MzQ4MjY0Njc1NTkYAA&sigh=-kBMw8oNI_g&uach_m=%5BUACH%5D&cid=CAQSPADICaaN5GkJ-EgZasLNsAllgrK2dTostW0FxV01tEBgCQEtCw0g_An5HIuSpeF_lXk5KYmHdi30YRBzQhgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3006685884&adf=1207449781&pi=t.aa~a.4270427562~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250&nras=5&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3006685884&adf=1207449781&pi=t.aa~a.4270427562~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250&nras=5&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=26
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 03 Dec 2023 07:43:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
it
ams3-ib.adnxs.com/ Frame 9AF1 		0
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit&e=wqT_3QK4B-i4AwAAAwDWAAUBCK_jsKsGEKHkht_4pcasTxgAKjYJFd6jByAxqT8RbY0Tb5uOqD8ZAAAAoJmZ8T8hbQ0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4yfUFgAEBigEDVVNEkgUG8KSYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCUGh0dHBzOi8vdGltZWJ1c2luZXNzbmV3cy5jb20va3JpdGktc2Fub24taW1tZWRpYXRlLTUtMC1ldmV4LXJldmlldy1zY2FtLW9yLWxlZ2l0gAMAiAMBkAMAmAMJoAMBqgOTAwqtAmh0dHBzOi8vd3d3LmJpbmcFXiBhcGkvdjEvbWUBV_BlaW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD0xNzg5ODRkMC00ZDhjLTRkOGMtYmI2MC1mYTRlMGFkOGQxYWMmYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BMlgAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYFDo5tALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZ8MJ0cWNlY25mZiZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzU3MTc2Mjg4OTM5MjQ1MzY4NjUiCTM4MTg0NjcxNCoEYmluZzo0VTJWaGNtTm9RV1FqTnpJeU1qUTFNRGMyTlRRd056WWpOelEwTWpNME16UTFORFUwTmpnPcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLpBjFiIBQGYBQCgBeOo-uf37LS9HsAFAMkFAAUBFPA_0gUJCQULdAAAANgFAeAFAfAFCPoFBAgAEACQBgCYBgC4BgDBBgEfNAAA8D_QBsKNBNoGFgoQCRIZAQGJYOAGAfIGAggAgAcBiAcAoAcByAfJ9QXSBw0VYwEmCNoHBgFerBgA4AcA6gcCCADwB5tLiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=962256f3fe1742676451d9d9a26546ebfcf0f8c8&pp=ZWwxrwAAkDMGrRAsAAPLHa3bTANo6OLng9zKCQ&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyBNWrzFsZbOgAqygtOUPnZaPgArS4Nfgbo-ktpOTCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqAMByAMCqgS6Ak_QX6i5osWR4bWYqsooSmiVjr86K3rtgjjdZd9YHbNABp_bjbx-QhmOlwuJuDqO1fIlvdP2-Lpte55cMersdBkbvUMqnnvfMMKYa6iWnkCN9gGK5MFCbLh3FgNQ11L6ds3fVBigHQaqwIDhfXDBozNuhUaqMbP3gzye1B-yS9xgyPm0p9_oBwL7nqcCbCQZb9_LkHQjvid9q-rXZQy3GoCo8LoyoPGOJ24STTJQzKarTw1Bd-Z32Q287F-988_HIb7sEQsvit7XhjbWgs3w1NHZWTbnVDKQA9PCKqVQNQY5Ubb2sGfAaguREtG4KtepOpbKu7x3Lvh8yjfgrsnD0c-FLKQikOlbxFN-zwmrn8L9aeC9_f1gkZXjTDM-_izNY3QsimM8WQoO_9G1GBcMyop5LjNtWUQ7lNb7gAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNb578ji8oID-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2321BpmGEbxd-VbmcBE7MyuxPtag%26client%3Dca-pub-7554934826467559%26adurl%3D&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3006685884&adf=1207449781&pi=t.aa~a.4270427562~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250&nras=5&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=26
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:43 GMT
an-x-request-uuid
63b6e101-c171-43be-817f-fbbd2ab6446c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.247; 193.32.248.247; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame D55D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAZnVLPaKTVqMUtpt10BFhk&google_cver=1&google_push=AXcoOmRZdkCW7DSL9hcOEzzUKi_l8vX67Ngkmf5mM_iTnaGC8rxYlA3MxtJ4IgQZPmkKmiDHxzoFRIcTC9UE5UL0Id0y_ts1gIjVg...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzE2ODE5NjA2Nzk3OTEyMDAxMw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAZnVLPaKTVqMUtpt10BFhk&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAZnVLPaKTVqMUtpt10BFhk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=4203952362&pi=t.aa~a.12854135~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=0&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250%2C333x250&nras=7&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=4792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=6&fsb=1&dtd=30
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 03 Dec 2023 07:43:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAZnVLPaKTVqMUtpt10BFhk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame D55D 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEM7Dsi3jP49Qi8DX0x3PuaQ&google_cver=1&google_push=AXcoOmQIHBi3HjT1OULPjTWPZJ_XbK5VbzhDWR25nKb5BFRww_s4Y82GguYtI0gLp57I2NgzrdhpKAFMU8Sis9j-e2KWUGlrzMtdMF3KwaDQ8G5nMkoY-wx866rx5zf78uwZPJqoydZikEsGeA8z6SSh-zHUgqQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=4203952362&pi=t.aa~a.12854135~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=0&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250%2C333x250&nras=7&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=4792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=6&fsb=1&dtd=30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame D55D
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEGQ4abzEOlM1cfZ9afhVqwk&google_cver=1&google_push=AXcoOmQoHLPrhzc4rx__yuMXlmbih8m_miEVyGUVPN4Yw2R9PXBK_9jAw92xKoKsd1mwC5QZY5_3vppYDUBiKT8S6pXw7oWsu2JTK...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGQ4abzEOlM1cfZ9afhVqwk&google_cver=1&google_push=AXcoOmQoHLPrhzc4rx__yuMXlmbih8m_miEVyGUVPN4Yw2R9PXBK_9jAw92xKoKsd1mwC5QZY5_3vppYDUBiKT8S6pXw7oWsu2J...
43 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGQ4abzEOlM1cfZ9afhVqwk&google_cver=1&google_push=AXcoOmQoHLPrhzc4rx__yuMXlmbih8m_miEVyGUVPN4Yw2R9PXBK_9jAw92xKoKsd1mwC5QZY5_3vppYDUBiKT8S6pXw7oWsu2JTKSPvLiICzHZw9MFbZxdY0blmGO5Jjyg0jX09woraPxc5R-FZMmQYSmlTL-s&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQoHLPrhzc4rx__yuMXlmbih8m_miEVyGUVPN4Yw2R9PXBK_9jAw92xKoKsd1mwC5QZY5_3vppYDUBiKT8S6pXw7oWsu2JTKSPvLiICzHZw9MFbZxdY0blmGO5Jjyg0jX09woraPxc5R-FZMmQYSmlTL-s%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=4203952362&pi=t.aa~a.12854135~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=0&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250%2C333x250&nras=7&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=4792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=6&fsb=1&dtd=30
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82fa2e2d5ec22671-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
379
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGQ4abzEOlM1cfZ9afhVqwk&google_cver=1&google_push=AXcoOmQoHLPrhzc4rx__yuMXlmbih8m_miEVyGUVPN4Yw2R9PXBK_9jAw92xKoKsd1mwC5QZY5_3vppYDUBiKT8S6pXw7oWsu2JTKSPvLiICzHZw9MFbZxdY0blmGO5Jjyg0jX09woraPxc5R-FZMmQYSmlTL-s&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQoHLPrhzc4rx__yuMXlmbih8m_miEVyGUVPN4Yw2R9PXBK_9jAw92xKoKsd1mwC5QZY5_3vppYDUBiKT8S6pXw7oWsu2JTKSPvLiICzHZw9MFbZxdY0blmGO5Jjyg0jX09woraPxc5R-FZMmQYSmlTL-s%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82fa2e2bfc6e2671-TXL
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D55D
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEP__Jt3LSEWQQCgtzCoaUlw&google_cver=1&google_push=AXcoOmSX6UmpoJSAJPLngNbsVdx56tWrr82X3rERQ8KkFiHecBPC-YICii5qNNDbY_Tv1BqM7mddTIWp7dhv4oMhPYd0U6NWufnhuI...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E98373B92ED245EE9DA03C1B778B00AF&google_push=AXcoOmSX6UmpoJSAJPLngNbsVdx56tWrr82X3rERQ8KkFiHecBPC-YICii5qNNDbY_Tv1BqM7mddTIWp7dhv4oM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E98373B92ED245EE9DA03C1B778B00AF&google_push=AXcoOmSX6UmpoJSAJPLngNbsVdx56tWrr82X3rERQ8KkFiHecBPC-YICii5qNNDbY_Tv1BqM7mddTIWp7dhv4oMhPYd0U6NWufnhuIl37khD99MmaoFY3mxr8NhGJlqJ071Fp-S5jNCBqzVsNPm1bxIbO2FvjpE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=4203952362&pi=t.aa~a.12854135~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=0&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250%2C333x250&nras=7&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=4792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=6&fsb=1&dtd=30
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 03 Dec 2023 07:43:44 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E98373B92ED245EE9DA03C1B778B00AF&google_push=AXcoOmSX6UmpoJSAJPLngNbsVdx56tWrr82X3rERQ8KkFiHecBPC-YICii5qNNDbY_Tv1BqM7mddTIWp7dhv4oMhPYd0U6NWufnhuIl37khD99MmaoFY3mxr8NhGJlqJ071Fp-S5jNCBqzVsNPm1bxIbO2FvjpE
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 02 Dec 2023 07:43:44 GMT
sync
x.bidswitch.net/ Frame D55D 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAFhuSOjZyz5VqcFb4MgB2c&google_cver=1&google_push=AXcoOmSQvjm1xychnrF2PasTJ4ziHvhN-Hq-Go_5Ai2NpDbytdbG5sXi0Lt1_Hmad_Yaob1vSs5-s2wnIIDB9X2MSsht1wP5L6kLXwRyAcxFRIu7g_dgQzkhRzoI8W6DpXt_QO2bvSx-Wp17_qJ4K9mNSOrnfg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=4203952362&pi=t.aa~a.12854135~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=0&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250%2C333x250&nras=7&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=4792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=6&fsb=1&dtd=30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.108.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-108-41.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
usersync.aspx
dis.criteo.com/dis/ Frame D55D 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRZ_jnNEgkyDs1cJdNQ2i7mvq8PLTT_TMsftk7Y0U728-jBopwv9lGEXHmfPWL2S3AEt7-vNCabydQW0ctSpghcbBucTqqyj-i4olMO-qY6Suj2dZYgQ4nvrb0F0cX-U20VNIZphaiHdvAqRzy-2bu8Tgk&google_gid=CAESELYPUYlJtC1JRG4wnao65s8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=4203952362&pi=t.aa~a.12854135~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=0&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250%2C333x250&nras=7&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=4792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=6&fsb=1&dtd=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:43 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
381648
expires
Sun, 03 Dec 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D55D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEv3bAjazrINz3UPRZtfoRQ&google_cver=1&google_push=AXcoOmQ9K3LoQUmE99N9JN0yJGM1zyApBeHTs1V3RpSX3TnWRKWEmUc7OwpyMrrzLm3GNrHL-ilL0M4O...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEv3bAjazrINz3UPRZtfoRQ&google_cver=1&google_push=AXcoOmQ9K3LoQUmE99N9JN0yJGM1zyApBeHTs1V3RpSX3TnWRKWEmUc7OwpyMrrzLm3GNrHL-il...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzU4MDM4NDk4MTYyMjI1OTI4NA&google_push=AXcoOmQ9K3LoQUmE99N9JN0yJGM1zyApBeHTs1V3RpSX3TnWRKWEmUc7OwpyMrrzLm3GNrHL-ilL0M...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzU4MDM4NDk4MTYyMjI1OTI4NA&google_push=AXcoOmQ9K3LoQUmE99N9JN0yJGM1zyApBeHTs1V3RpSX3TnWRKWEmUc7OwpyMrrzLm3GNrHL-ilL0M4O0masQWP3EWygpmanc32-c5uTslpFDlRPBEXX-s3Hup3ZbMS8RsT7PbrXcH_JwZrWukSHokB8FZY4fVw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=4203952362&pi=t.aa~a.12854135~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=0&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250%2C333x250&nras=7&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=4792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=6&fsb=1&dtd=30
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzU4MDM4NDk4MTYyMjI1OTI4NA&google_push=AXcoOmQ9K3LoQUmE99N9JN0yJGM1zyApBeHTs1V3RpSX3TnWRKWEmUc7OwpyMrrzLm3GNrHL-ilL0M4O0masQWP3EWygpmanc32-c5uTslpFDlRPBEXX-s3Hup3ZbMS8RsT7PbrXcH_JwZrWukSHokB8FZY4fVw
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame D55D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LhI68bhGmEu64P9Q40ihp7dyeo2BwjffFX8dk-FVKPAVyo361bMuPfMF9ERCGDmZTCDi_F
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=4203952362&pi=t.aa~a.12854135~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=0&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250%2C333x250&nras=7&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=4792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=6&fsb=1&dtd=30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 8DEE 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fa015d16354b4df9b9c8070b184bffcf2d5cacb4c916ea8f07272ad7072668b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 8DEE 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CzjK4rzFsZaKyAdCwtOUP_OyPsATS4Nfgbo-ktpOTCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqAMByAMCqgS3Ak_Q9VLdqzUEUqJIhgnp9oz5NOEEdeJaVhBuc2jTrgQAyrsuFrhBPE2i797h7sdYHsC33ToVSunemOS1qlZ5HPgO8am0wvyjpNgKUaSDoRW5w5Ayps1YWscv6qob8BnlD233LJwcWt5ht87GSRWYtXz8c0vdEi1rHQEGNg873CYckHCcxxDXI8xKK2UExB71WslFbE-LWVPMpUkyGR3UxZIMqRDNKYJr_hEPoBjctMLuiIBMhR_TTEoFpV_zwEI6a83YTemeq5cE-pTI2MIJYXDVNxAmS8cXTTwT3ntPE-z84LDsXlSbB7zxWfZVPzc1tRVs7I4snIeAb_WvUxKzSEyhr6pKT2WR9Xfo6oh4ngoJ028gPwabR0rOGHfOTjqJS7IWV5J1DHXPPun0Ke23BgymtKrEF-J4gAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNmL78ji8oIDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTc1NTQ5MzQ4MjY0Njc1NTkYAA&sigh=1MRJmbGUHQY&uach_m=%5BUACH%5D&cid=CAQSOwDICaaNFzJjFSGdceDvr2bFNN_NB9bcg8E7dP-loN-uK3n0gw-3oKWsOMlH646L-qAZEkLNdurHKKmiGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=1548157933&adf=4256907570&pi=t.aa~a.2314094185~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250&nras=3&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=1548157933&adf=4256907570&pi=t.aa~a.2314094185~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250&nras=3&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 03 Dec 2023 07:43:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
it
ams3-ib.adnxs.com/ Frame 8DEE 		0
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit&e=wqT_3QLBB-jBAwAAAwDWAAUBCK_jsKsGELq-ndyk056QQxgAKjYJI3cKdvk6tT8R7LeXWgOytD8ZAAAAoJmZ8T8h7A0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4lvIFgAEBigEDVVNEkgUG8KSYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCUGh0dHBzOi8vdGltZWJ1c2luZXNzbmV3cy5jb20va3JpdGktc2Fub24taW1tZWRpYXRlLTUtMC1ldmV4LXJldmlldy1zY2FtLW9yLWxlZ2l0gAMAiAMBkAMAmAMJoAMBqgOaAwqwAmh0dHBzOi8vd3d3LmJpbmcFXiBhcGkvdjEvbWUBV_BPaW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1kODMxMGVhNy0yMmM4LTRkMTgtYWUwOS04ZTA2ZjVlMjMzODEmYmlkSWQ9MTUwMDABDFRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BMlwAGHB1Ymxpc2gFKSQxNjI2NDUzMzAmATeScQC4cnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWIJGfQqAXBiYWdlYnkmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM0ODM3MDAwODAyOTA2NjI3ODk4IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56SXpOakU1TWpVNE1qRTJNeklqTWpNeU5ERTJNVFF5TXpBNU5qSTNNUT09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBcTm3oLJ5MfLIMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBb3zKfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAACT18AAAQABgA4AYB8gYCCACABwGIBwCgBwHIB5byBdIHDQkuJgAM2gcGCAkvoAcA6gcCCADwB5tLiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=a0d0767391e7518e5b7578ce0aaad47f7a27679f&pp=ZWwxrwAAWSIGrRhQAAP2fOlakwKeliP5NHVuFA&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXmwgrzFsZaKyAdCwtOUP_OyPsATS4Nfgbo-ktpOTCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqAMByAMCqgS6Ak_Q9VLdqzUEUqJIhgnp9oz5NOEEdeJaVhBuc2jTrgQAyrsuFrhBPE2i797h7sdYHsC33ToVSunemOS1qlZ5HPgO8am0wvyjpNgKUaSDoRW5w5Ayps1YWscv6qob8BnlD233LJwcWt5ht87GSRWYtXz8c0vdEi1rHQEGNg873CYckHCcxxDXI8xKK2UExB71WslFbE-LWVPMpUkyGR3UxZIMqRDNKYJr_hEPoBjctMLuiIBMhR_TTEoFpV_zwEI6a83YTemeq5cE-pTI2MIJYXDVNxAmS8cXTTwT3ntPE-z84LDsXlSbB7zxWfZVPzc1tRVs7I4snIeAb_WvUxKzSEyhr6pKT2WR9Xfo6oh4ngoJ0y0iHpRZ47CjjI26-6TQzwQSdJjxBVvX50tycGkLhiaKrGpF9Y_sqATRgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNmL78ji8oID-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3GJePTumJkwlVyoSjry5rBK-CDTQ%26client%3Dca-pub-7554934826467559%26adurl%3D&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=1548157933&adf=4256907570&pi=t.aa~a.2314094185~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250&nras=3&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=21
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:43 GMT
an-x-request-uuid
19a6fb5f-2b6e-49e2-bdc7-b2fce2a5cbab
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.247; 193.32.248.247; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame F3C4 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHKnnMqvz0JmlebJMBUqaLc&google_cver=1&google_push=AXcoOmROtxuPblc2pO-Vtnvw7A2QsajtMIGdPBWPzLlE8PkkgGW_7lt398fE0LG2shKbMGTqHsjl3mc7eP_WOc22TOp171RdvARMxg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3318115725&adf=3987088018&pi=t.aa~a.1324685680~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250&nras=6&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=3674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:44 GMT
server
Kestrel
content-length
70
content-type
image/gif
466606.gif
id.rlcdn.com/ Frame F3C4 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmSHbcOQnTKQ8wBE7XNV-JzOuEttCewo-eR7LDN_Dx9S1NYJDSVZnYp7RpHHCAnK6SQQkGsGK1ZUI-32nJqn0hGTlTnv8GSAPg&google_gid=CAESEHPZoFB1XOnZ0pNBzV9scFY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3318115725&adf=3987088018&pi=t.aa~a.1324685680~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250&nras=6&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=3674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:44 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame F3C4
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDdjYw5R7JV2MJbQNKqfrJ4&google_cver=1&google_push=AXcoOmRvWvXmNRRL2GfLiiDw7amTC4CW-604ze_XB_y4feu4QA616-faF2qIKzWK18JxpSOZr7x_ezsN2qlZW7...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwODI3MDkyNzMwMTc2OTM1NQ%3D%3D&google_push=AXcoOmRvWvXmNRRL2GfLiiDw7amTC4CW-604ze_XB_y4feu4QA616-faF2qIKzWK18JxpSOZr7x_ezsN2qlZW70DZr...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwODI3MDkyNzMwMTc2OTM1NQ%3D%3D&google_push=AXcoOmRvWvXmNRRL2GfLiiDw7amTC4CW-604ze_XB_y4feu4QA616-faF2qIKzWK18JxpSOZr7x_ezsN2qlZW70DZrlKd1lcclbIVmA
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwODI3MDkyNzMwMTc2OTM1NQ%3D%3D&google_push=AXcoOmRvWvXmNRRL2GfLiiDw7amTC4CW-604ze_XB_y4feu4QA616-faF2qIKzWK18JxpSOZr7x_ezsN2qlZW70DZrlKd1lcclbIVmA
Date
Sun, 03 Dec 2023 07:43:44 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame F3C4
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEH_CXpC2g8Bt8vU6y_j-yJE&google_cver=1&google_push=AXcoOmTKkawPeFnJjFv8HESavdF9wxYNYfkAQTRAcvIQ3i10SSmWBxvHq0C97HIFeGoEKiYteGMqJnIZka02HPKB...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=cCzblgbRSmYaYdxY8bgN9w&google_push=AXcoOmTKkawPeFnJjFv8HESavdF9wxYNYfkAQTRAcvIQ3i10SSmWBxvHq0C97HIFeGoEKiYteGMqJnIZka02HPKB_lCQzBzPKB1VvOI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=cCzblgbRSmYaYdxY8bgN9w&google_push=AXcoOmTKkawPeFnJjFv8HESavdF9wxYNYfkAQTRAcvIQ3i10SSmWBxvHq0C97HIFeGoEKiYteGMqJnIZka02HPKB_lCQzBzPKB1VvOI
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 03 Dec 2023 07:43:44 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=cCzblgbRSmYaYdxY8bgN9w&google_push=AXcoOmTKkawPeFnJjFv8HESavdF9wxYNYfkAQTRAcvIQ3i10SSmWBxvHq0C97HIFeGoEKiYteGMqJnIZka02HPKB_lCQzBzPKB1VvOI
x-host
tde-deliveryengine-production-6987bbc57b-b4p7g
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame F3C4
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENPOtVJ_15IPs903LImeUfo&google_cver=1&google_push=AXcoOmRDvdpp71njKCdO8NPmzKh_W07oqzinBMgeprTuGKzblmXcNVKE0ZQMoFtC2wpya_dXxQPen6Hp9_tnCeYNlmK9n5E...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRDvdpp71njKCdO8NPmzKh_W07oqzinBMgeprTuGKzblmXcNVKE0ZQMoFtC2wpya_dXxQPen6Hp9_tnCeYNlmK9n5Ep02G1flM&google_hm=eS1teEk4enNoRTJwR1h...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRDvdpp71njKCdO8NPmzKh_W07oqzinBMgeprTuGKzblmXcNVKE0ZQMoFtC2wpya_dXxQPen6Hp9_tnCeYNlmK9n5Ep02G1flM&google_hm=eS1teEk4enNoRTJwR1hfZzcuWUU3Q0JLdVhJUzBEMUgxYn5B
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 03 Dec 2023 07:43:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRDvdpp71njKCdO8NPmzKh_W07oqzinBMgeprTuGKzblmXcNVKE0ZQMoFtC2wpya_dXxQPen6Hp9_tnCeYNlmK9n5Ep02G1flM&google_hm=eS1teEk4enNoRTJwR1hfZzcuWUU3Q0JLdVhJUzBEMUgxYn5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame F3C4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHfxhggu9QI-c0SmqE-aovU&google_cver=1&google_push=AXcoOmQaybdWu1mcIwFpW-VBhFzCeLA9mx_Qst2ILLJwrDPNnmVg2SmgJJTwBNPn5P-wlnAZeADlj3xp...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHfxhggu9QI-c0SmqE-aovU&google_cver=1&google_push=AXcoOmQaybdWu1mcIwFpW-VBhFzCeLA9mx_Qst2ILLJwrDPNnmVg2SmgJJTwBNPn5P-wlnAZeAD...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY4MzkzMTU5MDYwNzY0ODY2MQ&google_push=AXcoOmQaybdWu1mcIwFpW-VBhFzCeLA9mx_Qst2ILLJwrDPNnmVg2SmgJJTwBNPn5P-wlnAZeADlj3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY4MzkzMTU5MDYwNzY0ODY2MQ&google_push=AXcoOmQaybdWu1mcIwFpW-VBhFzCeLA9mx_Qst2ILLJwrDPNnmVg2SmgJJTwBNPn5P-wlnAZeADlj3xpWKV7ju_qxfg67rEPP-iY2o0
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY4MzkzMTU5MDYwNzY0ODY2MQ&google_push=AXcoOmQaybdWu1mcIwFpW-VBhFzCeLA9mx_Qst2ILLJwrDPNnmVg2SmgJJTwBNPn5P-wlnAZeADlj3xpWKV7ju_qxfg67rEPP-iY2o0
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame F3C4
Redirect Chain
  • https://ag.innovid.com/trk?tid=11711&google_gid=CAESEBoE1bWrOHWSAlMOI4TqS_I&google_cver=1&google_push=AXcoOmSS5kTs15jZpwdp4MWmS9zh4skc5bbyCmeOO26VYFnDUeQagdpVHIrCubsorFlDC8zs9kiVSb46lfTmmWWY5nmGEEP...
  • https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AXcoOmSS5kTs15jZpwdp4MWmS9zh4skc5bbyCmeOO26VYFnDUeQagdpVHIrCubsorFlDC8zs9kiVSb46lfTmmWWY5nmGEEPcjb7hkHA&google_hm=LPCNLno6RuKqw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AXcoOmSS5kTs15jZpwdp4MWmS9zh4skc5bbyCmeOO26VYFnDUeQagdpVHIrCubsorFlDC8zs9kiVSb46lfTmmWWY5nmGEEPcjb7hkHA&google_hm=LPCNLno6RuKqwDFNpQxfRQ
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AXcoOmSS5kTs15jZpwdp4MWmS9zh4skc5bbyCmeOO26VYFnDUeQagdpVHIrCubsorFlDC8zs9kiVSb46lfTmmWWY5nmGEEPcjb7hkHA&google_hm=LPCNLno6RuKqwDFNpQxfRQ
pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
cache-control
no-cache
content-length
0
request-time
1
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame F3C4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ias47zoCpUpFW8Su8nvKwvoZGVKT-B3LDnqwSc8ZbHpZGED2KSjSroys3Shl83Uuqr4Dr_
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3318115725&adf=3987088018&pi=t.aa~a.1324685680~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250&nras=6&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=3674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=28
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:44 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
vevent
ams3-ib.adnxs.com/ Frame 8DEE 		0
557 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit&e=wqT_3QLBB-jBAwAAAwDWAAUBCK_jsKsGELq-ndyk056QQxgAKjYJI3cKdvk6tT8R7LeXWgOytD8ZAAAAoJmZ8T8h7A0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4lvIFgAEBigEDVVNEkgUG8KSYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCUGh0dHBzOi8vdGltZWJ1c2luZXNzbmV3cy5jb20va3JpdGktc2Fub24taW1tZWRpYXRlLTUtMC1ldmV4LXJldmlldy1zY2FtLW9yLWxlZ2l0gAMAiAMBkAMAmAMJoAMBqgOaAwqwAmh0dHBzOi8vd3d3LmJpbmcFXiBhcGkvdjEvbWUBV_BPaW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1kODMxMGVhNy0yMmM4LTRkMTgtYWUwOS04ZTA2ZjVlMjMzODEmYmlkSWQ9MTUwMDABDFRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BMlwAGHB1Ymxpc2gFKSQxNjI2NDUzMzAmATeScQC4cnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWIJGfQqAXBiYWdlYnkmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM0ODM3MDAwODAyOTA2NjI3ODk4IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56SXpOakU1TWpVNE1qRTJNeklqTWpNeU5ERTJNVFF5TXpBNU5qSTNNUT09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBcTm3oLJ5MfLIMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBb3zKfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAACT18AAAQABgA4AYB8gYCCACABwGIBwCgBwHIB5byBdIHDQkuJgAM2gcGCAkvoAcA6gcCCADwB5tLiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=a0d0767391e7518e5b7578ce0aaad47f7a27679f&type=nv&nvt=5&jm=1003&px=17&py=0&bw=300&bh=157&sid=6102716151955090162&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=333&ph=250&ww=333&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
an-x-request-uuid
2f504b0b-f09a-4889-a383-45128230b782
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.247; 193.32.248.247; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame D7E1 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECF9wJtIdzOvupKczZBmOM0&google_cver=1&google_push=AXcoOmR9vbyRiGjOAMNq33Bf_ghIXU93wBVUvUEVrSrS13RgRG7ft2vVp0DEU1Ewtc-B4yQ2H0APIyd63qymcm3LZNJU21Zx8H9LauRQVu-9HwC_UZaY9dk8ZXGfgppGvhn0oNZOu-XzL73HZIi_DWe2Nw9ko-w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=3492100912&pi=t.aa~a.1902263049~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame D7E1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wld3eHJ3QUVHWTFkS2dBTQ==&google_gid=CAESEHaCB5CAeaXs9jpTU5hb_Dg&google_cver=1&google_push=AXcoOmSbJ2cEa5zhsURnftHdP5jBp8lUy5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wld3eHJ3QUVHWTFkS2dBTQ==&google_gid=CAESEHaCB5CAeaXs9jpTU5hb_Dg&google_cver=1&google_push=AXcoOmSbJ2cEa5zhsURnftHdP5jBp8lUy5eEchYu4U6XcsJBPCZBBTqGkVe9gX_2q4RFctz_xCXRRLu8mmi504fEDzqrsareHBFAeN3UAtYGNASk1_MnZcdYKwLgyU8EUsqgWj9I8lGGr-YzKpCnFCzaQY1jEM8
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230031-FRA
pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
via
1.1 varnish
server
Varnish
x-timer
S1701589424.051774,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wld3eHJ3QUVHWTFkS2dBTQ==&google_gid=CAESEHaCB5CAeaXs9jpTU5hb_Dg&google_cver=1&google_push=AXcoOmSbJ2cEa5zhsURnftHdP5jBp8lUy5eEchYu4U6XcsJBPCZBBTqGkVe9gX_2q4RFctz_xCXRRLu8mmi504fEDzqrsareHBFAeN3UAtYGNASk1_MnZcdYKwLgyU8EUsqgWj9I8lGGr-YzKpCnFCzaQY1jEM8
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
google
match.adsrvr.org/track/cmf/ Frame D7E1 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEN03eCRqoVllADPlJf9IwxE&google_cver=1&google_push=AXcoOmSqAfiiQa5Gb5H39UYr6Kifn70TanWmsImxW0ZfNSg-EHhEds9wdO96V_WP5sweyfSIK0zKjIZArpCfM5a4sqXc1JGNnyIEEilPFQIspfbdTWMGdpGpFSukQzu3vhifzR8euE6u_qUjskiMUulzR05RHw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=3492100912&pi=t.aa~a.1902263049~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:44 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame D7E1
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAbbdqYw3mJrj_zKk99s770&google_cver=1&google_push=AXcoOmS0ZSD9vaug88V6TWGJLcoaV_VJ7r30abiw3zU4fXPFCzg6fNzBB9un-R6tydxmzEYW6PwYrNjZQjrT0NtPGqah-jY...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS0ZSD9vaug88V6TWGJLcoaV_VJ7r30abiw3zU4fXPFCzg6fNzBB9un-R6tydxmzEYW6PwYrNjZQjrT0NtPGqah-jYCJJPvCOHclv2wt_gbmz5NlkqFwsJ_N69D0t_mA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS0ZSD9vaug88V6TWGJLcoaV_VJ7r30abiw3zU4fXPFCzg6fNzBB9un-R6tydxmzEYW6PwYrNjZQjrT0NtPGqah-jYCJJPvCOHclv2wt_gbmz5NlkqFwsJ_N69D0t_mAau84tbxmnnWg8UuCFLMEB6-m8g&google_hm=eS1PQ09STkRaRTJwSEZwVm5iaDhQNHptZnZ1NkptdDJxWH5B
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 03 Dec 2023 07:43:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS0ZSD9vaug88V6TWGJLcoaV_VJ7r30abiw3zU4fXPFCzg6fNzBB9un-R6tydxmzEYW6PwYrNjZQjrT0NtPGqah-jYCJJPvCOHclv2wt_gbmz5NlkqFwsJ_N69D0t_mAau84tbxmnnWg8UuCFLMEB6-m8g&google_hm=eS1PQ09STkRaRTJwSEZwVm5iaDhQNHptZnZ1NkptdDJxWH5B
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame D7E1 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRophFDwBo20VoWD-JXO3ct7nTVn-Gau8lt_frldnFtBHlKyYPi9xx3J5GH3Vq0Jl22Udzk_soTLyIfvmfb3fOsLgP5p_Zi1wIrtXy5cnIoHQGeUO5fTfnlVsnSIETApMJenZYqCQRsSPthmpGog6htf6Q&google_gid=CAESEGpSdHx63mGGXtYAOdaU_l4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=3492100912&pi=t.aa~a.1902263049~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:43 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
363984
expires
Sun, 03 Dec 2023 00:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame D7E1 		42 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESENYAhXDNrpj0zF-4KKMafeQ&google_push=AXcoOmTlBPCIutcifVNMsZSvOHT2im8jHIfwjxoB3WiIibRl-z0S88q5YWU-UZPLiBSP45SDCN8sBTwNm965WzoInlxoQX0I4DTrKPXA2BvxsUWtViFQBbrg4gecjJ_AgVB9yY2LJcDB9C6hIYY2p6wTKRogFA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=3492100912&pi=t.aa~a.1902263049~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:44 GMT
via
1.1 google
last-modified
Thu, 19 Oct 2023 06:07:48 GMT
server
nginx
etag
"6530c7b4-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
pixel
cm.g.doubleclick.net/ Frame D7E1
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBFTsnSfwMzV1d5Dq-yt18Y&google_cver=1&google_push=AXcoOmTkBu8hERUUDzjveGxBUyXCZ5Yi34q1wSoZ5uQUtsgAaGE-l12DY7UZsMggdKXWh9C2xWOvzcWkLnHL...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTkBu8hERUUDzjveGxBUyXCZ5Yi34q1wSoZ5uQUtsgAaGE-l12DY7UZsMggdKXWh9C2xWOvzcWkLnHLpGMrb4D5Ad766ZRXphkP_w51u1hTM4_GBNaU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTkBu8hERUUDzjveGxBUyXCZ5Yi34q1wSoZ5uQUtsgAaGE-l12DY7UZsMggdKXWh9C2xWOvzcWkLnHLpGMrb4D5Ad766ZRXphkP_w51u1hTM4_GBNaU0Z29YffTFfQQbsGHiidz3F-qkP9YbdTHVS-CcK4
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTkBu8hERUUDzjveGxBUyXCZ5Yi34q1wSoZ5uQUtsgAaGE-l12DY7UZsMggdKXWh9C2xWOvzcWkLnHLpGMrb4D5Ad766ZRXphkP_w51u1hTM4_GBNaU0Z29YffTFfQQbsGHiidz3F-qkP9YbdTHVS-CcK4
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame D7E1 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L4_Pte6p7SBDJQkcDZUS-67swpV20mNIHAA59VbQJaBfP5YPubH2Ljt9tcdBV1gsQWg0ae
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=3492100912&pi=t.aa~a.1902263049~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:44 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82fa2e2c8f312c76-FRA
content-length
24
content-type
text/plain
date
Sun, 03 Dec 2023 07:43:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ISKSzo0yzSpLG1JMcnjrUoCfjQmMt2laRCFc%2FOlvSOPLNzElBV6VRNbKEIrG67SI0dnci5B6iJMQ4BZxOaP4pc3gfC2O7PHquRZK8PqShVjiLupuklq6GofUHNXeuNQPQLRlJ0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-09x9
rs
ad4m.at/ Frame C862 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceb9bfd1802f1acd83e5b9fe259ec3bf8deecf2035c60261410dd592b1121d82

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 03 Dec 2023 07:43:44 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pIt1%2B6aASDFmq5oQDzc2v8S1%2Bdx2LLKeFg9mz7EyMKQvwzovXZJUHAws6SKmjloB92jilneZqmd4CwnM6oJnp5gU2YhmC%2Bmb1VorSJ3cKgoSH2zZujEfvY13Fqnl1Rj6Kk1azUk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
82fa2e2cdf802c76-FRA
x-backend-server
aa-reachservice-group-europe-west1-09x9
alt-svc
h3=":443"; ma=86400
a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
pagead2.googlesyndication.com/bg/ Frame 81BA 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 22:50:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
118404
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19601
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 22:50:20 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 742E 		350 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262045
alt-svc
h3=":443"; ma=86400
content-length
350
last-modified
Mon, 20 Nov 2023 11:04:04 GMT
server
cloudflare
etag
"e7fc49b61cae983db8c3a1dccf923b93"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2BYq7jHWQZjPC4e6bErNeCFolMRkhFi5k5WhMcfAOAiDZ9Z1hj6fhBH%2F4w%2FEzDcS0XQE27AWH85vNrjKyJwpPUtSKmuXLI%2BGATd2ENt3A9EqL4LCNN7tZAKCEeGTQznQxUdbJtr9INvkDscV4hPL7N4Q"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82fa2e2c68f31e4c-FRA
expires
Fri, 29 Nov 2024 06:56:19 GMT
cookie-frame.html
ad4m.at/ Frame 97B5 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/cookie-frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
404737
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status
HIT
cf-ray
82fa2e2c7cc218e2-FRA
content-encoding
br
content-language
en
content-type
text/html
date
Sun, 03 Dec 2023 07:43:44 GMT
expires
Tue, 28 Nov 2023 16:18:07 GMT
last-modified
Tue, 28 Nov 2023 11:49:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yx9E7eIOMaCiUhQv5sIUVa%2BuOMxhSWF%2BISDKtO0zml74%2FZUQj9Xj%2FQmKWyxrsBvjgjDBflDX3%2FhCgjTqqK1JFnd4fcyUrPlVOBmLByyE0pqiHOqybBTYl4ECLeBzJRuNVsq%2F%2FiM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 9E24
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEArOki4O0Irt23CHGNucjPA&google_cver=1&google_push=AXcoOmThuIw8TUDVaAtSJXpeLizjpMPIuHPcoZCn9wjLHFbVfbBb0d8T-6I3xs2il1BkYeJJ90EISC8nTPMGCrqj1FiajAH515NO0...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzE2ODE5NjA2Nzk3OTEyMDAxMw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAZnVLPaKTVqMUtpt10BFhk&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAZnVLPaKTVqMUtpt10BFhk&google_cver=1
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 03 Dec 2023 07:43:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAZnVLPaKTVqMUtpt10BFhk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9E24
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOVpvm5rfl0VdfPHTu-GhaM&google_cver=1&google_push=AXcoOmQHOeFJWI-KSOv1R4YdDfRKFMwUTwQddB_Il3qut-O7s92BQVumbq...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQHOeFJWI-KSOv1R4YdDfRKFMwUTwQddB_Il3qut-O7s92BQVumbqox0URkYs7ZlbAf1dOHWrWdju6spy9PSETG5ULYsXUZrtQzNqG7OWCzBaNHlMxJMYl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQHOeFJWI-KSOv1R4YdDfRKFMwUTwQddB_Il3qut-O7s92BQVumbqox0URkYs7ZlbAf1dOHWrWdju6spy9PSETG5ULYsXUZrtQzNqG7OWCzBaNHlMxJMYl0PTUJZf2EGhgN-aJIjaGaAkbInF6A2ZjXxGQ&google_hm=XhOLQRgHncvfIXJNRLVqtQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3006685884&adf=1207449781&pi=t.aa~a.4270427562~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250&nras=5&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=26
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQHOeFJWI-KSOv1R4YdDfRKFMwUTwQddB_Il3qut-O7s92BQVumbqox0URkYs7ZlbAf1dOHWrWdju6spy9PSETG5ULYsXUZrtQzNqG7OWCzBaNHlMxJMYl0PTUJZf2EGhgN-aJIjaGaAkbInF6A2ZjXxGQ&google_hm=XhOLQRgHncvfIXJNRLVqtQ
pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 9E24 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENFOQWBZ_zr18FyNjb7d7cI&google_cver=1&google_push=AXcoOmSSeq86NyRDMGJCffxPMwnW95kJWXgF-DRKiXi8zRoW8baMG9Ef9wYb0t2uDzY9pTtvtshcNgP7QVNxDVWvejc_jlraCBS2eE_zjdEusl0rN174K5OQ72lfGLaqEE7-ennxsR3XDLMktkcY8Y72RqkQ6tY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3006685884&adf=1207449781&pi=t.aa~a.4270427562~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250&nras=5&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 9E24
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMwMpOGBFmJGeOXSu-oGZVs&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMwMpOGBFmJGeOXSu-oGZVs&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MHZUSDlVQngxUjlIOEk1&google_gid=CAESEMwMpOGBFmJGeOXSu-oGZVs&google_cver=1&google_push=AXcoOmTttLgvDDVbGow5TKvaoPgTb_zwi1u65EMlOw2H6mh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MHZUSDlVQngxUjlIOEk1&google_gid=CAESEMwMpOGBFmJGeOXSu-oGZVs&google_cver=1&google_push=AXcoOmTttLgvDDVbGow5TKvaoPgTb_zwi1u65EMlOw2H6mhG2k7EHrhpjx6i-blNdDAMORC_GQetcDwLCkl6FSx7ibLI7a3bFe-Rlom_QUSZNP6AKPOCI8S5sxPQ-xZxGnIfhnWBjWy2qHEILJcIreOtEVQvKOo
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 03 Dec 2023 07:43:43 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-029f22d856dc4e10e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MHZUSDlVQngxUjlIOEk1&google_gid=CAESEMwMpOGBFmJGeOXSu-oGZVs&google_cver=1&google_push=AXcoOmTttLgvDDVbGow5TKvaoPgTb_zwi1u65EMlOw2H6mhG2k7EHrhpjx6i-blNdDAMORC_GQetcDwLCkl6FSx7ibLI7a3bFe-Rlom_QUSZNP6AKPOCI8S5sxPQ-xZxGnIfhnWBjWy2qHEILJcIreOtEVQvKOo
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 9E24 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEF1VlexQgstX0ZRh1MxeeU8&google_cver=1&google_push=AXcoOmTIoV_jycEDV_5mpkzW6wdlGmNaJCwViooPwwJ7ZwxtGpHdgrQB_HIgLoDuuOU5E8WWz2YbKW9CLpk-5Sc6aY1wc_7PW69jLu1EmnhYkHAaerjLJ47z4jbANiNe0lSYJKXhVY8_qMQlWJke7u5tO_1yyME
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3006685884&adf=1207449781&pi=t.aa~a.4270427562~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250&nras=5&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sun, 03 Dec 2023 07:43:43 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 9E24
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEAKJUtDRMYoNvZ6ekgNmqkw&google_cver=1&google_push=AXcoOmS0kBoDSJuul_nypCG1quUjfJqYT1cO2K8ivayWjV2KNX2JN680sTgKCSmOSH2hT4MJcLrO_vmPt5Yyi94u...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=cCzblgbRSmYaYdxY8bgN9w&google_push=AXcoOmS0kBoDSJuul_nypCG1quUjfJqYT1cO2K8ivayWjV2KNX2JN680sTgKCSmOSH2hT4MJcLrO_vmPt5Yyi94uKgup99XZEcEv2gh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=cCzblgbRSmYaYdxY8bgN9w&google_push=AXcoOmS0kBoDSJuul_nypCG1quUjfJqYT1cO2K8ivayWjV2KNX2JN680sTgKCSmOSH2hT4MJcLrO_vmPt5Yyi94uKgup99XZEcEv2ghTyct4dGN_VjjuvKHaamLL56KbGcHEgFyZAvilfihNO3__XO20esFnfyk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3006685884&adf=1207449781&pi=t.aa~a.4270427562~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250&nras=5&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=26
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 03 Dec 2023 07:43:44 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=cCzblgbRSmYaYdxY8bgN9w&google_push=AXcoOmS0kBoDSJuul_nypCG1quUjfJqYT1cO2K8ivayWjV2KNX2JN680sTgKCSmOSH2hT4MJcLrO_vmPt5Yyi94uKgup99XZEcEv2ghTyct4dGN_VjjuvKHaamLL56KbGcHEgFyZAvilfihNO3__XO20esFnfyk
x-host
tde-deliveryengine-production-6987bbc57b-ks9rc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 9E24
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENRvCaWIlhEdPcPNIesSS24&google_cver=1&google_push=AXcoOmR4JSyAnnTxw0tfsDdY-NLQ3bFIaCGw_2oj_thF7dPLjXekm-SZ9D6WbucKk70anU0q1nl4C2UZz4CR29FqrZBhUFN...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR4JSyAnnTxw0tfsDdY-NLQ3bFIaCGw_2oj_thF7dPLjXekm-SZ9D6WbucKk70anU0q1nl4C2UZz4CR29FqrZBhUFN5CQCFKzf62dzvFnskILBQC2HIiE5k6YY0tS9SS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR4JSyAnnTxw0tfsDdY-NLQ3bFIaCGw_2oj_thF7dPLjXekm-SZ9D6WbucKk70anU0q1nl4C2UZz4CR29FqrZBhUFN5CQCFKzf62dzvFnskILBQC2HIiE5k6YY0tS9SS5Qv6xQKvutN5dFrzyQEvNTXcQ&google_hm=eS1NaGM3WnkxRTJwRklNblJKSzJZZFFZTnlaQWZ0aTVJMH5B
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 03 Dec 2023 07:43:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR4JSyAnnTxw0tfsDdY-NLQ3bFIaCGw_2oj_thF7dPLjXekm-SZ9D6WbucKk70anU0q1nl4C2UZz4CR29FqrZBhUFN5CQCFKzf62dzvFnskILBQC2HIiE5k6YY0tS9SS5Qv6xQKvutN5dFrzyQEvNTXcQ&google_hm=eS1NaGM3WnkxRTJwRklNblJKSzJZZFFZTnlaQWZ0aTVJMH5B
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 9E24 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KXWFw4MI7JUZtmeErpGf_ZBLUTDdyfINnIUE-6xMxW5F1MGDcvYqLCuoGq_tb6TIoyas4_
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=3006685884&adf=1207449781&pi=t.aa~a.4270427562~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250&nras=5&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:44 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
pagead2.googlesyndication.com/bg/ Frame ADA0 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 22:50:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
118404
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19601
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 22:50:20 GMT
pixel
cm.g.doubleclick.net/ Frame 5F0D
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIJZiPQKhKMV1BaLYxK_TX0&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIJZiPQKhKMV1BaLYxK_TX0&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MHZUSDlVQngxUjlIOEk1&google_gid=CAESEIJZiPQKhKMV1BaLYxK_TX0&google_cver=1&google_push=AXcoOmRZOaGQvKF8rvnDzRcfcRzRRXGLW_oRh-jolnv7S1r...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MHZUSDlVQngxUjlIOEk1&google_gid=CAESEIJZiPQKhKMV1BaLYxK_TX0&google_cver=1&google_push=AXcoOmRZOaGQvKF8rvnDzRcfcRzRRXGLW_oRh-jolnv7S1rlQzzWNE9w7jSWi3Xt42mhWzQ61Xv2LGsty4QBomJBSC2WMQIdN0vccjrQav-BRTfhp-bzBX4tBIHd8kMDCs71B0zpBl_aQ1tXbor5zv03n3896Q
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 03 Dec 2023 07:43:43 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MHZUSDlVQngxUjlIOEk1&google_gid=CAESEIJZiPQKhKMV1BaLYxK_TX0&google_cver=1&google_push=AXcoOmRZOaGQvKF8rvnDzRcfcRzRRXGLW_oRh-jolnv7S1rlQzzWNE9w7jSWi3Xt42mhWzQ61Xv2LGsty4QBomJBSC2WMQIdN0vccjrQav-BRTfhp-bzBX4tBIHd8kMDCs71B0zpBl_aQ1tXbor5zv03n3896Q
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 5F0D
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEDMnznVl5IqsbNH8-R7VP9o&google_cver=1&google_push=AXcoOmQh9n0lkMWHJtHLDleKjAoKE3aP7eaM373WtdBrPBgV1vt8vEgs8HvbkWlA-S6YnpCIK_6N88-8vuFgqPCi4HRMapxYgbY-b...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDMnznVl5IqsbNH8-R7VP9o&google_cver=1&google_push=AXcoOmQh9n0lkMWHJtHLDleKjAoKE3aP7eaM373WtdBrPBgV1vt8vEgs8HvbkWlA-S6YnpCIK_6N88-8vuFgqPCi4HRMapxYgbY...
43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDMnznVl5IqsbNH8-R7VP9o&google_cver=1&google_push=AXcoOmQh9n0lkMWHJtHLDleKjAoKE3aP7eaM373WtdBrPBgV1vt8vEgs8HvbkWlA-S6YnpCIK_6N88-8vuFgqPCi4HRMapxYgbY-bbWpviAn4Zwq80GbJI_7NRSy83235UUVnn_oww2ElflbQO1Stvd0Rj65YTA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQh9n0lkMWHJtHLDleKjAoKE3aP7eaM373WtdBrPBgV1vt8vEgs8HvbkWlA-S6YnpCIK_6N88-8vuFgqPCi4HRMapxYgbY-bbWpviAn4Zwq80GbJI_7NRSy83235UUVnn_oww2ElflbQO1Stvd0Rj65YTA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82fa2e2dbf762671-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
430
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDMnznVl5IqsbNH8-R7VP9o&google_cver=1&google_push=AXcoOmQh9n0lkMWHJtHLDleKjAoKE3aP7eaM373WtdBrPBgV1vt8vEgs8HvbkWlA-S6YnpCIK_6N88-8vuFgqPCi4HRMapxYgbY-bbWpviAn4Zwq80GbJI_7NRSy83235UUVnn_oww2ElflbQO1Stvd0Rj65YTA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQh9n0lkMWHJtHLDleKjAoKE3aP7eaM373WtdBrPBgV1vt8vEgs8HvbkWlA-S6YnpCIK_6N88-8vuFgqPCi4HRMapxYgbY-bbWpviAn4Zwq80GbJI_7NRSy83235UUVnn_oww2ElflbQO1Stvd0Rj65YTA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82fa2e2c6d2b2671-TXL
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5F0D
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEJoMR6I4_XMm0QobOJCBHhU&google_cver=1&google_push=AXcoOmT5vEATxQof2qh9-tMsKPZvCTjCHir5tr-xw4MZr2Am9EbdZrE0efN4kSung3bUUUFyvxxN3fS1fyf-KYsSgO921kP_6c2_1c...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E98373B92ED245EE9DA03C1B778B00AF&google_push=AXcoOmT5vEATxQof2qh9-tMsKPZvCTjCHir5tr-xw4MZr2Am9EbdZrE0efN4kSung3bUUUFyvxxN3fS1fyf-KYs...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E98373B92ED245EE9DA03C1B778B00AF&google_push=AXcoOmT5vEATxQof2qh9-tMsKPZvCTjCHir5tr-xw4MZr2Am9EbdZrE0efN4kSung3bUUUFyvxxN3fS1fyf-KYsSgO921kP_6c2_1cKxKUBFs20m8AoFmQZqshQcbrhGHaE7hsuLYezuGa5semlL5KV96k2Qfw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=1548157933&adf=4256907570&pi=t.aa~a.2314094185~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250&nras=3&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=21
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 03 Dec 2023 07:43:44 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E98373B92ED245EE9DA03C1B778B00AF&google_push=AXcoOmT5vEATxQof2qh9-tMsKPZvCTjCHir5tr-xw4MZr2Am9EbdZrE0efN4kSung3bUUUFyvxxN3fS1fyf-KYsSgO921kP_6c2_1cKxKUBFs20m8AoFmQZqshQcbrhGHaE7hsuLYezuGa5semlL5KV96k2Qfw
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 02 Dec 2023 07:43:44 GMT
pixel
cm.g.doubleclick.net/ Frame 5F0D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGIpSOPeY92CEAsqioNtv4I&google_cver=1&google_push=AXcoOmT9-QT7BSKhQFRJVzfnL5aKLfjAJ2QIcKOLzH7-4Y9c9b41kxqcco43lGDp8mQwX1czVo0p7NdzIq4-b-KUIliUinB...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmT9-QT7BSKhQFRJVzfnL5aKLfjAJ2QIcKOLzH7-4Y9c9b41kxqcco43lGDp8mQwX1czVo0p7NdzIq4-b-KUIliUinBvC4U8Nm2-dg_efvHzPhv4UkSb08V0_dCK4CQNI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmT9-QT7BSKhQFRJVzfnL5aKLfjAJ2QIcKOLzH7-4Y9c9b41kxqcco43lGDp8mQwX1czVo0p7NdzIq4-b-KUIliUinBvC4U8Nm2-dg_efvHzPhv4UkSb08V0_dCK4CQNI2mQbawBGwT0uZSAe0iNTrkhoA&google_hm=eS0uNFZ5bDg5RTJwSEdOUkc2MDlQcXZBZHllOFBPU1dmNX5B
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 03 Dec 2023 07:43:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmT9-QT7BSKhQFRJVzfnL5aKLfjAJ2QIcKOLzH7-4Y9c9b41kxqcco43lGDp8mQwX1czVo0p7NdzIq4-b-KUIliUinBvC4U8Nm2-dg_efvHzPhv4UkSb08V0_dCK4CQNI2mQbawBGwT0uZSAe0iNTrkhoA&google_hm=eS0uNFZ5bDg5RTJwSEdOUkc2MDlQcXZBZHllOFBPU1dmNX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5F0D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKNo-L5SWupTqNr0-9L9API&google_cver=1&google_push=AXcoOmSF6mg2TArbkQbpDRW8noRWkzRnfF3s5CtWEkhavpIFGAeik2A5HjGbYkGdbQ5gTbwkYzCCt6rR...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKNo-L5SWupTqNr0-9L9API&google_cver=1&google_push=AXcoOmSF6mg2TArbkQbpDRW8noRWkzRnfF3s5CtWEkhavpIFGAeik2A5HjGbYkGdbQ5gTbwkYzC...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDExNDg0NDE2NDg5NTg3NTU3&google_push=AXcoOmSF6mg2TArbkQbpDRW8noRWkzRnfF3s5CtWEkhavpIFGAeik2A5HjGbYkGdbQ5gTbwkYzCCt6rR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDExNDg0NDE2NDg5NTg3NTU3&google_push=AXcoOmSF6mg2TArbkQbpDRW8noRWkzRnfF3s5CtWEkhavpIFGAeik2A5HjGbYkGdbQ5gTbwkYzCCt6rRlUVaQfOoVTWbtbiH8kOM9AN_1SeLk32Y8wbdn0YsjNMqAN9xlxWCGDocyUkY3QZUan_NnPfgAvgUwQ
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDExNDg0NDE2NDg5NTg3NTU3&google_push=AXcoOmSF6mg2TArbkQbpDRW8noRWkzRnfF3s5CtWEkhavpIFGAeik2A5HjGbYkGdbQ5gTbwkYzCCt6rRlUVaQfOoVTWbtbiH8kOM9AN_1SeLk32Y8wbdn0YsjNMqAN9xlxWCGDocyUkY3QZUan_NnPfgAvgUwQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
googleredir
googlecm.hit.gemius.pl/ Frame 5F0D 		0
0
pixel
cm.g.doubleclick.net/ Frame 5F0D
Redirect Chain
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEGWjgWJ_RaQle2i6gYNC8d0&google_cver=1&google_push=AXcoOmQD6kWYPLPXAZe5pt2Aj09rnGgH7EZ7_G-Saw0WdXFOSZRHTfavDf1Qz0ZY-m...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQD6kWYPLPXAZe5pt2Aj09rnGgH7EZ7_G-Saw0WdXFOSZRHTfavDf1Qz0ZY-mcxQu3ZaCwqJXPqyOGuj5cjJDudACDf9Eiqcvth_S1R0pdeCG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQD6kWYPLPXAZe5pt2Aj09rnGgH7EZ7_G-Saw0WdXFOSZRHTfavDf1Qz0ZY-mcxQu3ZaCwqJXPqyOGuj5cjJDudACDf9Eiqcvth_S1R0pdeCGndXTDWUw_6CICplw9fAZkq8OYLjHOBTLJFWzZJnZYZjsSu&google_hm=iq-R8thdRDChEQlGFnO63fc
Requested by
Host: timebusinessnews.com
URL: https://timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 07:43:43 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQD6kWYPLPXAZe5pt2Aj09rnGgH7EZ7_G-Saw0WdXFOSZRHTfavDf1Qz0ZY-mcxQu3ZaCwqJXPqyOGuj5cjJDudACDf9Eiqcvth_S1R0pdeCGndXTDWUw_6CICplw9fAZkq8OYLjHOBTLJFWzZJnZYZjsSu&google_hm=iq-R8thdRDChEQlGFnO63fc
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 5F0D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J7jzgr5iGyuAd7s5BA9kaOoiWNR7Djc3dzSobYOauAxjy2sO7x52CimonJ1njO1zcWZs_G4DE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=1548157933&adf=4256907570&pi=t.aa~a.2314094185~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=-M&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250&nras=3&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=1635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:44 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
googleads.g.doubleclick.net/pagead/ Frame E792 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C_K8brzFsZe7wAZbdtOUPwbaDiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEtwJP0Ig0ombUzbFS3jbiPIG43p_xdfZSofgfHSgMLMqgxxoH5sOfx99PeinEvD5t2X6J1d78KcjkeOULAfhEkxBW1W9gIR6Hj8cYGOex2WjN7J2SSbyfWz7WWEQPgLVHSH5vZFq0v9Ss0D6Pd3UQs1JyMqZCckcaOJTV_dE9Ws7hIQ-dyyx6Az0LU1SUFQyaNl87MtkAfa1cF_cAJrz3ajz-lkxy73sQbjVwAnOdq88UCv21ZWqpoRxn8Fd_YqtlNzokzyLPWMTQI3TxtLgyMZXL9BfDByF0UlPkEdIzDjyB6FQCznbJmFV_MgC9SO5516O0sKd1VPKxFZz8KbqlUc6duit33Ek3HwBmN0bcadNVECKC8lp_sEZs453KcusXVRo_V3feAIqJE3dsWHJFrcJp5velbfSspoAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj8ze_I4vKCA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03NTU0OTM0ODI2NDY3NTU5GAA&sigh=RDZAEcrP3lU&uach_m=%5BUACH%5D&cid=CAQSOwDICaaNo9x5LUWHi8z2eXgqjUAFZqNYuP0ak32oHt_PNh-KUVbFt_LX5YqqyOFmm68yRymmLapqiDWRGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=4203952362&pi=t.aa~a.12854135~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=0&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250%2C333x250&nras=7&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=4792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=6&fsb=1&dtd=30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=4203952362&pi=t.aa~a.12854135~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=0&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250%2C333x250&nras=7&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=4792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=6&fsb=1&dtd=30
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 03 Dec 2023 07:43:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame E792 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1jwew63qcbgq95re6geh0ahqd1gdf9cmyn5veprd0ta753tz8t5weccs1374vntjn5dqh9gabbagh0qtp84p0ke6rmfv0x94sxm6qg89d95xsqew803jm5d43921w9v17zf24r06f6kyfx14s8b18kw63dn8vxf0xn7nyv528j6mmpk1rmg3tp6tzssnv0ppsxbevj181gcvq6bhc7nn5gmh8t5ggsd4q85d7q2e1gfw47w46c6wngqtcrc1g9ymk6jv37h3wcpqtqkrewmsqdcx0xedkje7hzh2w405thb5yhwmwrhp2xfk3zn60bz829qa5snxrs5972waybjm8j0tj9t82gs6bb0d0e1vs0ag5eesf8es47baahfaf6t2v52cfkjbrb6g5z8&b=ZWwxrwAAeG4GrS6WAADbQRoFPs9saTvboWULKQ&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2177237695&adf=4203952362&pi=t.aa~a.12854135~rp.4&w=333&fwrn=1&fwrnh=100&lmt=1701426711&rafmt=1&to=qs&pwprc=7955184683&format=333x250&url=https%3A%2F%2Ftimebusinessnews.com%2Fkriti-sanon-immediate-5-0-evex-review-scam-or-legit%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701589422876&bpp=1&bdt=1948&idt=0&shv=r20231129&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C333x250%2C333x250%2C333x250%2C333x250%2C333x250&nras=7&correlator=568145841288&frm=20&pv=1&ga_vid=1309634682.1701589421&ga_sid=1701589422&ga_hid=200840905&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=4792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31079438%2C44809314%2C31078297%2C31079890%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=1323519298565292&tmod=712723117&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=6&fsb=1&dtd=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 03 Dec 2023 07:43:44 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
rs
ad4m.at/ Frame 742E 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15f9685f08ccb058eb591b078acf451d72a83517fe04ba8ae66bba3e34242095

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 03 Dec 2023 07:43:44 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uqm1lal7C7keNX2CW4UaC9jW2%2BqBVwe8fn5xxvoewpiWMWh87moBQnTItEMP6B46UaZiFUASR4yoNFcCYLqCsmFqkB9B3NxwRI0iBx6nood2ZNeXIcikcAakdvr0%2FXukcTV2wgk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
82fa2e2d1fb82c76-FRA
x-backend-server
aa-reachservice-group-europe-west1-09x9
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82fa2e2ccf6f2c76-FRA
content-length
24
content-type
text/plain
date
Sun, 03 Dec 2023 07:43:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lHbkKLSv65ctg%2BbvQQsx%2FMZJF%2F%2FJK%2BTnTKjUIUfGWaZSqla42hAKM0hA0IfUl1%2FFZuKe2%2BpebWucEp3jx0uRwKPdlRzOduUgiACYF4EO4pndF9wva59yBHjZZ7FNHcDMLVIdW6w%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-09x9
rar
as.ad4m.at/ad/ Frame AB12 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=eb4dc24332b3d10c7c35b070c03a6898%2F11359549326198007310&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701589424154&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3zfqd60a0w5qg3as9d27q3pb19gg497tegm28aka8sf0ckyekxeazvwp3d54sr5n0kajgy0rp9de4s03hmaada8aq1aa5wqt9h21we5ke6w2btwa7scmeev9qqmte68g0s40t3m79345e4pggpcjdcs1c53wkjzc9smp0jw2jxw03zcs81jc73vqwp3h3xc9w4k3mdb80m6egcm27074cbjrd7m6b7s3e2pr5g3tp8ggbxmcvm2c7szgqv9mhptv35nvhwn9axf9st96wf8q8j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2guUrjFsZeqeOuiWjuwPo9OYoA6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0B0c4SAdls9VFNjJ2h--KW7rYlKDVtpKAlKgKry5LYv-r-NIi_b5wdAJUo_KxJcvD3uKinOU2YZag9vY3NLpwIAvpR2YJgsTJGrgy6AHwXQKgV0kuwCFyEGTTiZSh9vzYMP-shAIRRdHtDpvUFogmHAvmRWXeI7XEvWV4kRHEqjtc4PtWYtd3dtc8xV30l21_2n3UZsfgJlLUNMtwaWCuw0EYi07cZ_pr3BmGe9uCSXAiDxH59_WTYYoy4JMMtgSLqiRom2nPYtLR8vSx42E3rKTgofczHRKYluVJYoLJRDcycQwH9uhNaHtqCemf9k0uM4C3bm-0XVREcnJ1X3wYTAbl2fxAtyy91YIr4JKfhm2KuRZmYal5mAgKVYK0LDgfVccJ71wuP_vjLaG-EVjqwiWjiDImnRR5IAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli5ju_I4vKCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3IVsosO2DngzQQlh1HqwN7kZgVAg%2526client%253Dca-pub-7554934826467559%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ca48890334cdae639776ec9db15d2d4ea235e00fc94a3c75a71999253779014
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1kme4z2jm4f45qytn3jkpw7ystcpc9j6z4e7jz1sx3tyd404hssqxs6w5k1w1zb9p5hr6psf9s2jq69pbke811sk72cck4f3gm33pjn03kj61b4sww6fb3jpg17xz2t5ss74r5n4be16acmvdw8apgn2h423sfz25fyhtx82xk5xx3v9x3pb5manthhrtt42jzefxgvmqv104py2p8dakg4wkajf8qs8e0yf80xzvmvyksphff2dnz150p8vj1y05dx80wmsgssp0y4mn9pk3hqpjsn80ffyj318fwmw0e605644egby50bge0gm9gn9faskejf1xp2hfk4qss4xddeev4426cmz7m5p5j4vj052ecsfjag6bmdjr25wyba0texrdbn1trc6fjay9rdjbnkvney1r11wdmc9mcmdxg9p64jq7ffhqmxwk6whcfj2jh7v2hy0g0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2guUrjFsZeqeOuiWjuwPo9OYoA6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0B0c4SAdls9VFNjJ2h--KW7rYlKDVtpKAlKgKry5LYv-r-NIi_b5wdAJUo_KxJcvD3uKinOU2YZag9vY3NLpwIAvpR2YJgsTJGrgy6AHwXQKgV0kuwCFyEGTTiZSh9vzYMP-shAIRRdHtDpvUFogmHAvmRWXeI7XEvWV4kRHEqjtc4PtWYtd3dtc8xV30l21_2n3UZsfgJlLUNMtwaWCuw0EYi07cZ_pr3BmGe9uCSXAiDxH59_WTYYoy4JMMtgSLqiRom2nPYtLR8vSx42E3rKTgofczHRKYluVJYoLJRDcycQwH9uhNaHtqCemf9k0uM4C3bm-0XVREcnJ1X3wYTAbl2fxAtyy91YIr4JKfhm2KuRZmYal5mAgKVYK0LDgfVccJ71wuP_vjLaG-EVjqwiWjiDImnRR5IAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli5ju_I4vKCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3IVsosO2DngzQQlh1HqwN7kZgVAg%26client%3Dca-pub-7554934826467559%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
82fa2e2d5d7018e2-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 07:43:44 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame A689 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=182475%2C195016%2C537178&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=300&d=250&e=&g=3995d51bc2a9dbb3eeb3c7698d44cace%2F1787776233676355492&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701589424194&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g5tqfnx38jtrfq6f8dgkt0vpkjgq5ehr1x9qqbr3fnrz2vca97rd5yya4ey2h23ez0126ftcf6kjdvfb2ynpmfav9s77vypc0zzcf9zbpeqn195mgxtbdj03s4pa2564b4bbb3dwfxv7vzgzhpjceya2e7g11a5tcjhf7d285kxza22yfvcwxpetz2xyv08sagtt0y81vvrr29w1rs1jz05q8362prntw2vkc34dc31b3pwatbx2g8bf1x0b3qbsgpnpn7w36rett0gy58kq1yp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuRVOrzFsZe7wAZbdtOUPwbaDiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0Ig0ombUzbFS3jbiPIG43p_xdfZSofgfHSgMLMqgxxoH5sOfx99PeinEvD5t2X6J1d78KcjkeOULAfhEkxBW1W9gIR6Hj8cYGOex2WjN7J2SSbyfWz7WWEQPgLVHSH5vZFq0v9Ss0D6Pd3UQs1JyMqZCckcaOJTV_dE9Ws7hIQ-dyyx6Az0LU1SUFQyaNl87MtkAfa1cF_cAJrz3ajz-lkxy73sQbjVwAnOdq88UCv21ZWqpoRxn8Fd_YqtlNzokzyLPWMTQI3TxtLgyMZXL9BfDByF0UlPkEdIzDjyB6FQCznbJmFV_MgC9SO5516O0sKd1VPKxFZz8KbqlUc6duit33Ek3HwBmN0bcadNVECLA8HvtZ7_ro1VNOn3NHIjNbmPUrYCnC6rsmjvXVVZ3yu9wsWvsbu4jyIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj8ze_I4vKCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3RBe8F3mqHFczfx-5GJMGWYFp54A%2526client%253Dca-pub-7554934826467559%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3afda2fdbd6d7adeaaf6b65921794aab30f331e1dfd82b0e5b4b9fd9cf7f87cf
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1hj1dpjv3q59q7tz586da9dvmxdszf6mxef05bghc9rwfkr4fpek99q9r8j4q39694986qxfmp5gny98hkmtt7v4rdj5sz0hnzef3b3s3j0e66fcxk2jgg0dq97renavfzqf3rv4j4vvmr72mc69ymt2b53cdbdcr29edhrwtk45dybdye8jakvcrj8fxnyxt74w0sb8cgtp2sn54d3kymxn7sx1jfddstpsr41cgttp1sje3t5g7aygyqvs99mp3j7k5whyq93mgz9ry7bycptg3tzw8k7kt8hkz8jrwa766c5v357xq1sxpakkbys9d6s2j3nbb4wbxb9gmz1xcakz8sh7bqhrhrsaejyjd6377k976rfyeyka0a98bwfcd0tjbwd89tx4x32xp9xmc2hht65dmz72sa8dqzj05rn2258ch6wv2rmsewhspfaacx1vyhhx64&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuRVOrzFsZe7wAZbdtOUPwbaDiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0Ig0ombUzbFS3jbiPIG43p_xdfZSofgfHSgMLMqgxxoH5sOfx99PeinEvD5t2X6J1d78KcjkeOULAfhEkxBW1W9gIR6Hj8cYGOex2WjN7J2SSbyfWz7WWEQPgLVHSH5vZFq0v9Ss0D6Pd3UQs1JyMqZCckcaOJTV_dE9Ws7hIQ-dyyx6Az0LU1SUFQyaNl87MtkAfa1cF_cAJrz3ajz-lkxy73sQbjVwAnOdq88UCv21ZWqpoRxn8Fd_YqtlNzokzyLPWMTQI3TxtLgyMZXL9BfDByF0UlPkEdIzDjyB6FQCznbJmFV_MgC9SO5516O0sKd1VPKxFZz8KbqlUc6duit33Ek3HwBmN0bcadNVECLA8HvtZ7_ro1VNOn3NHIjNbmPUrYCnC6rsmjvXVVZ3yu9wsWvsbu4jyIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj8ze_I4vKCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RBe8F3mqHFczfx-5GJMGWYFp54A%26client%3Dca-pub-7554934826467559%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
82fa2e2d7d7f18e2-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 07:43:44 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame AB12 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=eb4dc24332b3d10c7c35b070c03a6898%2F11359549326198007310&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701589424154&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3zfqd60a0w5qg3as9d27q3pb19gg497tegm28aka8sf0ckyekxeazvwp3d54sr5n0kajgy0rp9de4s03hmaada8aq1aa5wqt9h21we5ke6w2btwa7scmeev9qqmte68g0s40t3m79345e4pggpcjdcs1c53wkjzc9smp0jw2jxw03zcs81jc73vqwp3h3xc9w4k3mdb80m6egcm27074cbjrd7m6b7s3e2pr5g3tp8ggbxmcvm2c7szgqv9mhptv35nvhwn9axf9st96wf8q8j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2guUrjFsZeqeOuiWjuwPo9OYoA6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0B0c4SAdls9VFNjJ2h--KW7rYlKDVtpKAlKgKry5LYv-r-NIi_b5wdAJUo_KxJcvD3uKinOU2YZag9vY3NLpwIAvpR2YJgsTJGrgy6AHwXQKgV0kuwCFyEGTTiZSh9vzYMP-shAIRRdHtDpvUFogmHAvmRWXeI7XEvWV4kRHEqjtc4PtWYtd3dtc8xV30l21_2n3UZsfgJlLUNMtwaWCuw0EYi07cZ_pr3BmGe9uCSXAiDxH59_WTYYoy4JMMtgSLqiRom2nPYtLR8vSx42E3rKTgofczHRKYluVJYoLJRDcycQwH9uhNaHtqCemf9k0uM4C3bm-0XVREcnJ1X3wYTAbl2fxAtyy91YIr4JKfhm2KuRZmYal5mAgKVYK0LDgfVccJ71wuP_vjLaG-EVjqwiWjiDImnRR5IAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli5ju_I4vKCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3IVsosO2DngzQQlh1HqwN7kZgVAg%2526client%253Dca-pub-7554934826467559%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=eb4dc24332b3d10c7c35b070c03a6898%2F11359549326198007310&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701589424154&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3zfqd60a0w5qg3as9d27q3pb19gg497tegm28aka8sf0ckyekxeazvwp3d54sr5n0kajgy0rp9de4s03hmaada8aq1aa5wqt9h21we5ke6w2btwa7scmeev9qqmte68g0s40t3m79345e4pggpcjdcs1c53wkjzc9smp0jw2jxw03zcs81jc73vqwp3h3xc9w4k3mdb80m6egcm27074cbjrd7m6b7s3e2pr5g3tp8ggbxmcvm2c7szgqv9mhptv35nvhwn9axf9st96wf8q8j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2guUrjFsZeqeOuiWjuwPo9OYoA6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0B0c4SAdls9VFNjJ2h--KW7rYlKDVtpKAlKgKry5LYv-r-NIi_b5wdAJUo_KxJcvD3uKinOU2YZag9vY3NLpwIAvpR2YJgsTJGrgy6AHwXQKgV0kuwCFyEGTTiZSh9vzYMP-shAIRRdHtDpvUFogmHAvmRWXeI7XEvWV4kRHEqjtc4PtWYtd3dtc8xV30l21_2n3UZsfgJlLUNMtwaWCuw0EYi07cZ_pr3BmGe9uCSXAiDxH59_WTYYoy4JMMtgSLqiRom2nPYtLR8vSx42E3rKTgofczHRKYluVJYoLJRDcycQwH9uhNaHtqCemf9k0uM4C3bm-0XVREcnJ1X3wYTAbl2fxAtyy91YIr4JKfhm2KuRZmYal5mAgKVYK0LDgfVccJ71wuP_vjLaG-EVjqwiWjiDImnRR5IAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli5ju_I4vKCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3IVsosO2DngzQQlh1HqwN7kZgVAg%2526client%253Dca-pub-7554934826467559%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2073443
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uks1LJ4GwiEj12fmYzKYkzAd5bbiIRqmZHuvkaed02BBv9PsgEBhfxctGlqeQyCftCCvIjGeuRkqcu9Xqoo27xnuPkvT03ZCC2%2F03hfKy8aF%2F01kl5clH1LHwteEdkilrUcjvudlpXg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
82fa2e2dadbc18e2-FRA
expires
Mon, 04 Dec 2023 07:43:44 GMT
E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame AB12 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=eb4dc24332b3d10c7c35b070c03a6898%2F11359549326198007310&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701589424154&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3zfqd60a0w5qg3as9d27q3pb19gg497tegm28aka8sf0ckyekxeazvwp3d54sr5n0kajgy0rp9de4s03hmaada8aq1aa5wqt9h21we5ke6w2btwa7scmeev9qqmte68g0s40t3m79345e4pggpcjdcs1c53wkjzc9smp0jw2jxw03zcs81jc73vqwp3h3xc9w4k3mdb80m6egcm27074cbjrd7m6b7s3e2pr5g3tp8ggbxmcvm2c7szgqv9mhptv35nvhwn9axf9st96wf8q8j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2guUrjFsZeqeOuiWjuwPo9OYoA6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0B0c4SAdls9VFNjJ2h--KW7rYlKDVtpKAlKgKry5LYv-r-NIi_b5wdAJUo_KxJcvD3uKinOU2YZag9vY3NLpwIAvpR2YJgsTJGrgy6AHwXQKgV0kuwCFyEGTTiZSh9vzYMP-shAIRRdHtDpvUFogmHAvmRWXeI7XEvWV4kRHEqjtc4PtWYtd3dtc8xV30l21_2n3UZsfgJlLUNMtwaWCuw0EYi07cZ_pr3BmGe9uCSXAiDxH59_WTYYoy4JMMtgSLqiRom2nPYtLR8vSx42E3rKTgofczHRKYluVJYoLJRDcycQwH9uhNaHtqCemf9k0uM4C3bm-0XVREcnJ1X3wYTAbl2fxAtyy91YIr4JKfhm2KuRZmYal5mAgKVYK0LDgfVccJ71wuP_vjLaG-EVjqwiWjiDImnRR5IAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli5ju_I4vKCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3IVsosO2DngzQQlh1HqwN7kZgVAg%2526client%253Dca-pub-7554934826467559%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
352179
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
8772
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:13:38 GMT
server
cloudflare
etag
"15b1f39d668aa86c2ba2ba17d94cc733"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L6wF5aXMtI%2FRC%2FUTuUtYd0cmnAdwiTrTLujmZJATgYLpAHBHQiAnTz0toXssXxKEP8SXokB6FRtTrPNiGqdECAEVplPmIhRYMAycUfnxuw74Eqouu03iJ%2F0h5e9FjOUJmSQlIUleW7iL%2FMo6"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82fa2e2db9799299-FRA
60E988674A375A0D248F79BE73B17558F6DE13BA7BD626BA3ECE3CE45F1E8D4E2A797E05335FDF754A97E81953DCE8924DA57CE77B35FA4F8DC239219DA96769
assets.ad4m.at/ Frame AB12 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/60E988674A375A0D248F79BE73B17558F6DE13BA7BD626BA3ECE3CE45F1E8D4E2A797E05335FDF754A97E81953DCE8924DA57CE77B35FA4F8DC239219DA96769
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=eb4dc24332b3d10c7c35b070c03a6898%2F11359549326198007310&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701589424154&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3zfqd60a0w5qg3as9d27q3pb19gg497tegm28aka8sf0ckyekxeazvwp3d54sr5n0kajgy0rp9de4s03hmaada8aq1aa5wqt9h21we5ke6w2btwa7scmeev9qqmte68g0s40t3m79345e4pggpcjdcs1c53wkjzc9smp0jw2jxw03zcs81jc73vqwp3h3xc9w4k3mdb80m6egcm27074cbjrd7m6b7s3e2pr5g3tp8ggbxmcvm2c7szgqv9mhptv35nvhwn9axf9st96wf8q8j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2guUrjFsZeqeOuiWjuwPo9OYoA6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0B0c4SAdls9VFNjJ2h--KW7rYlKDVtpKAlKgKry5LYv-r-NIi_b5wdAJUo_KxJcvD3uKinOU2YZag9vY3NLpwIAvpR2YJgsTJGrgy6AHwXQKgV0kuwCFyEGTTiZSh9vzYMP-shAIRRdHtDpvUFogmHAvmRWXeI7XEvWV4kRHEqjtc4PtWYtd3dtc8xV30l21_2n3UZsfgJlLUNMtwaWCuw0EYi07cZ_pr3BmGe9uCSXAiDxH59_WTYYoy4JMMtgSLqiRom2nPYtLR8vSx42E3rKTgofczHRKYluVJYoLJRDcycQwH9uhNaHtqCemf9k0uM4C3bm-0XVREcnJ1X3wYTAbl2fxAtyy91YIr4JKfhm2KuRZmYal5mAgKVYK0LDgfVccJ71wuP_vjLaG-EVjqwiWjiDImnRR5IAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli5ju_I4vKCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3IVsosO2DngzQQlh1HqwN7kZgVAg%2526client%253Dca-pub-7554934826467559%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0471f27843ee42d45cf9b749a57ec4bbc26dd40f961989ed7cfe4e0f24ea6fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1652589
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
28958
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:06:38 GMT
server
cloudflare
etag
"346e75cff96234b45fe664b527c7c88d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GezIHPa3K4BQ0qlrZgNlWc%2FyxKTijL2O7SdfBE2%2BBujxXf67oJY4SgaIV1LJswrjdxNPvOjWTB7lC%2BNgf7e93Hd9olW4AA78sDsLW7D1ac2S0PyJ0CmbV1rW9krTKMej7FyW2jDKzqAb2gHg"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82fa2e2db9789299-FRA
view.aspx
pb.media01.eu/ Frame AB12
Redirect Chain
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQPoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQPoneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=87911...
0
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQPoneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=879111&produktid=ratenkredit&dt_url=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=eb4dc24332b3d10c7c35b070c03a6898%2F11359549326198007310&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701589424154&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3zfqd60a0w5qg3as9d27q3pb19gg497tegm28aka8sf0ckyekxeazvwp3d54sr5n0kajgy0rp9de4s03hmaada8aq1aa5wqt9h21we5ke6w2btwa7scmeev9qqmte68g0s40t3m79345e4pggpcjdcs1c53wkjzc9smp0jw2jxw03zcs81jc73vqwp3h3xc9w4k3mdb80m6egcm27074cbjrd7m6b7s3e2pr5g3tp8ggbxmcvm2c7szgqv9mhptv35nvhwn9axf9st96wf8q8j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2guUrjFsZeqeOuiWjuwPo9OYoA6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0B0c4SAdls9VFNjJ2h--KW7rYlKDVtpKAlKgKry5LYv-r-NIi_b5wdAJUo_KxJcvD3uKinOU2YZag9vY3NLpwIAvpR2YJgsTJGrgy6AHwXQKgV0kuwCFyEGTTiZSh9vzYMP-shAIRRdHtDpvUFogmHAvmRWXeI7XEvWV4kRHEqjtc4PtWYtd3dtc8xV30l21_2n3UZsfgJlLUNMtwaWCuw0EYi07cZ_pr3BmGe9uCSXAiDxH59_WTYYoy4JMMtgSLqiRom2nPYtLR8vSx42E3rKTgofczHRKYluVJYoLJRDcycQwH9uhNaHtqCemf9k0uM4C3bm-0XVREcnJ1X3wYTAbl2fxAtyy91YIr4JKfhm2KuRZmYal5mAgKVYK0LDgfVccJ71wuP_vjLaG-EVjqwiWjiDImnRR5IAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli5ju_I4vKCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3IVsosO2DngzQQlh1HqwN7kZgVAg%2526client%253Dca-pub-7554934826467559%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:43 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sun, 03 Dec 2023 08:43:44 GMT
server
Microsoft-IIS/10.0
access-control-allow-methods
GET,POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sun, 03 Dec 2023 07:43:44 GMT
strict-transport-security
max-age=15768000
x-iplb-instance
53349
content-length
0
proxy-host
pv.medialead.de
attribution-reporting-register-source
{"source_event_id":"17200573720104426","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx/1.17.5
host
pv.medialead.de
x-iplb-request-id
C120F8F7:E404_91EFC182:01BB_656C31B0_65464FB:55DF
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQPoneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=879111&produktid=ratenkredit&dt_url=
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
keep-alive
timeout=20
90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame AB12 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=eb4dc24332b3d10c7c35b070c03a6898%2F11359549326198007310&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701589424154&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3zfqd60a0w5qg3as9d27q3pb19gg497tegm28aka8sf0ckyekxeazvwp3d54sr5n0kajgy0rp9de4s03hmaada8aq1aa5wqt9h21we5ke6w2btwa7scmeev9qqmte68g0s40t3m79345e4pggpcjdcs1c53wkjzc9smp0jw2jxw03zcs81jc73vqwp3h3xc9w4k3mdb80m6egcm27074cbjrd7m6b7s3e2pr5g3tp8ggbxmcvm2c7szgqv9mhptv35nvhwn9axf9st96wf8q8j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2guUrjFsZeqeOuiWjuwPo9OYoA6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0B0c4SAdls9VFNjJ2h--KW7rYlKDVtpKAlKgKry5LYv-r-NIi_b5wdAJUo_KxJcvD3uKinOU2YZag9vY3NLpwIAvpR2YJgsTJGrgy6AHwXQKgV0kuwCFyEGTTiZSh9vzYMP-shAIRRdHtDpvUFogmHAvmRWXeI7XEvWV4kRHEqjtc4PtWYtd3dtc8xV30l21_2n3UZsfgJlLUNMtwaWCuw0EYi07cZ_pr3BmGe9uCSXAiDxH59_WTYYoy4JMMtgSLqiRom2nPYtLR8vSx42E3rKTgofczHRKYluVJYoLJRDcycQwH9uhNaHtqCemf9k0uM4C3bm-0XVREcnJ1X3wYTAbl2fxAtyy91YIr4JKfhm2KuRZmYal5mAgKVYK0LDgfVccJ71wuP_vjLaG-EVjqwiWjiDImnRR5IAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli5ju_I4vKCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3IVsosO2DngzQQlh1HqwN7kZgVAg%2526client%253Dca-pub-7554934826467559%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
187226
cf-polished
qual=85, origFmt=jpeg, origSize=7258
alt-svc
h3=":443"; ma=86400
content-length
4294
cf-bgj
imgq:85,h2pri
last-modified
Wed, 01 Nov 2023 09:56:16 GMT
server
cloudflare
etag
"679602b08629bcaaabfcfad4e68fe53a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2FFDeRFhEZZFlgWZMKL8NvmeFSj8NMNnCR8zi0I8Q9tH%2BFkR33GB4D89fx%2FLzvJi5s%2Fhtq8nplLCRCJTk4zWOsUDeqUjb5qVZKxI9zbsx8%2FoximIx1DqzzbN%2FWWLeYm7wg9QAMF476i7EiBN"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82fa2e2db9779299-FRA
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame AB12 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=eb4dc24332b3d10c7c35b070c03a6898%2F11359549326198007310&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701589424154&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3zfqd60a0w5qg3as9d27q3pb19gg497tegm28aka8sf0ckyekxeazvwp3d54sr5n0kajgy0rp9de4s03hmaada8aq1aa5wqt9h21we5ke6w2btwa7scmeev9qqmte68g0s40t3m79345e4pggpcjdcs1c53wkjzc9smp0jw2jxw03zcs81jc73vqwp3h3xc9w4k3mdb80m6egcm27074cbjrd7m6b7s3e2pr5g3tp8ggbxmcvm2c7szgqv9mhptv35nvhwn9axf9st96wf8q8j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2guUrjFsZeqeOuiWjuwPo9OYoA6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0B0c4SAdls9VFNjJ2h--KW7rYlKDVtpKAlKgKry5LYv-r-NIi_b5wdAJUo_KxJcvD3uKinOU2YZag9vY3NLpwIAvpR2YJgsTJGrgy6AHwXQKgV0kuwCFyEGTTiZSh9vzYMP-shAIRRdHtDpvUFogmHAvmRWXeI7XEvWV4kRHEqjtc4PtWYtd3dtc8xV30l21_2n3UZsfgJlLUNMtwaWCuw0EYi07cZ_pr3BmGe9uCSXAiDxH59_WTYYoy4JMMtgSLqiRom2nPYtLR8vSx42E3rKTgofczHRKYluVJYoLJRDcycQwH9uhNaHtqCemf9k0uM4C3bm-0XVREcnJ1X3wYTAbl2fxAtyy91YIr4JKfhm2KuRZmYal5mAgKVYK0LDgfVccJ71wuP_vjLaG-EVjqwiWjiDImnRR5IAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli5ju_I4vKCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3IVsosO2DngzQQlh1HqwN7kZgVAg%2526client%253Dca-pub-7554934826467559%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
438089
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
15521
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:09:52 GMT
server
cloudflare
etag
"269bd58060bc660c3aec98b388bae571"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0zdf3U323iOEcsH%2FeNra8jCFxWgFxKrWiZGZEckJgnhlYXXMrlJja%2FTrOqqsXK%2FoDa%2BZHxSUpLewvEEDPl2e1r13foyaUNzAyMgaCZWJ00w%2BRsKLK920FQCTWG3ad%2BzAzn1Mnd0SoUyQ0F0"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82fa2e2db9759299-FRA
cshow.php
www.awin1.com/ Frame AB12 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=eb4dc24332b3d10c7c35b070c03a6898%2F11359549326198007310&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701589424154&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3zfqd60a0w5qg3as9d27q3pb19gg497tegm28aka8sf0ckyekxeazvwp3d54sr5n0kajgy0rp9de4s03hmaada8aq1aa5wqt9h21we5ke6w2btwa7scmeev9qqmte68g0s40t3m79345e4pggpcjdcs1c53wkjzc9smp0jw2jxw03zcs81jc73vqwp3h3xc9w4k3mdb80m6egcm27074cbjrd7m6b7s3e2pr5g3tp8ggbxmcvm2c7szgqv9mhptv35nvhwn9axf9st96wf8q8j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2guUrjFsZeqeOuiWjuwPo9OYoA6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0B0c4SAdls9VFNjJ2h--KW7rYlKDVtpKAlKgKry5LYv-r-NIi_b5wdAJUo_KxJcvD3uKinOU2YZag9vY3NLpwIAvpR2YJgsTJGrgy6AHwXQKgV0kuwCFyEGTTiZSh9vzYMP-shAIRRdHtDpvUFogmHAvmRWXeI7XEvWV4kRHEqjtc4PtWYtd3dtc8xV30l21_2n3UZsfgJlLUNMtwaWCuw0EYi07cZ_pr3BmGe9uCSXAiDxH59_WTYYoy4JMMtgSLqiRom2nPYtLR8vSx42E3rKTgofczHRKYluVJYoLJRDcycQwH9uhNaHtqCemf9k0uM4C3bm-0XVREcnJ1X3wYTAbl2fxAtyy91YIr4JKfhm2KuRZmYal5mAgKVYK0LDgfVccJ71wuP_vjLaG-EVjqwiWjiDImnRR5IAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli5ju_I4vKCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3IVsosO2DngzQQlh1HqwN7kZgVAg%2526client%253Dca-pub-7554934826467559%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Dec 2023 07:43:44 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame AB12 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=eb4dc24332b3d10c7c35b070c03a6898%2F11359549326198007310&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701589424154&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3zfqd60a0w5qg3as9d27q3pb19gg497tegm28aka8sf0ckyekxeazvwp3d54sr5n0kajgy0rp9de4s03hmaada8aq1aa5wqt9h21we5ke6w2btwa7scmeev9qqmte68g0s40t3m79345e4pggpcjdcs1c53wkjzc9smp0jw2jxw03zcs81jc73vqwp3h3xc9w4k3mdb80m6egcm27074cbjrd7m6b7s3e2pr5g3tp8ggbxmcvm2c7szgqv9mhptv35nvhwn9axf9st96wf8q8j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2guUrjFsZeqeOuiWjuwPo9OYoA6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0B0c4SAdls9VFNjJ2h--KW7rYlKDVtpKAlKgKry5LYv-r-NIi_b5wdAJUo_KxJcvD3uKinOU2YZag9vY3NLpwIAvpR2YJgsTJGrgy6AHwXQKgV0kuwCFyEGTTiZSh9vzYMP-shAIRRdHtDpvUFogmHAvmRWXeI7XEvWV4kRHEqjtc4PtWYtd3dtc8xV30l21_2n3UZsfgJlLUNMtwaWCuw0EYi07cZ_pr3BmGe9uCSXAiDxH59_WTYYoy4JMMtgSLqiRom2nPYtLR8vSx42E3rKTgofczHRKYluVJYoLJRDcycQwH9uhNaHtqCemf9k0uM4C3bm-0XVREcnJ1X3wYTAbl2fxAtyy91YIr4JKfhm2KuRZmYal5mAgKVYK0LDgfVccJ71wuP_vjLaG-EVjqwiWjiDImnRR5IAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli5ju_I4vKCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3IVsosO2DngzQQlh1HqwN7kZgVAg%2526client%253Dca-pub-7554934826467559%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
365876
cf-polished
origFmt=png, origSize=2170
alt-svc
h3=":443"; ma=86400
content-length
1662
cf-bgj
imgq:85,h2pri
last-modified
Mon, 13 Nov 2023 08:38:25 GMT
server
cloudflare
etag
"4721aa7c2d5fa652c8092463f9a485bd"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvkeVbBod9VOqIeP1JZR9JncbFKAqWa452FMnhqP%2BaBWdKkytMbcaqZVVEDW7yQ%2F7DK86u%2B1534mqey9k78c9OvVyhLnK7Gq1J2DvhAhx3xd4ouDrLFbXiL%2BNdJdAHXUXiSWQz%2FSwPBAMIVS"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82fa2e2db97b9299-FRA
B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame AB12 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=eb4dc24332b3d10c7c35b070c03a6898%2F11359549326198007310&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701589424154&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3zfqd60a0w5qg3as9d27q3pb19gg497tegm28aka8sf0ckyekxeazvwp3d54sr5n0kajgy0rp9de4s03hmaada8aq1aa5wqt9h21we5ke6w2btwa7scmeev9qqmte68g0s40t3m79345e4pggpcjdcs1c53wkjzc9smp0jw2jxw03zcs81jc73vqwp3h3xc9w4k3mdb80m6egcm27074cbjrd7m6b7s3e2pr5g3tp8ggbxmcvm2c7szgqv9mhptv35nvhwn9axf9st96wf8q8j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2guUrjFsZeqeOuiWjuwPo9OYoA6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0B0c4SAdls9VFNjJ2h--KW7rYlKDVtpKAlKgKry5LYv-r-NIi_b5wdAJUo_KxJcvD3uKinOU2YZag9vY3NLpwIAvpR2YJgsTJGrgy6AHwXQKgV0kuwCFyEGTTiZSh9vzYMP-shAIRRdHtDpvUFogmHAvmRWXeI7XEvWV4kRHEqjtc4PtWYtd3dtc8xV30l21_2n3UZsfgJlLUNMtwaWCuw0EYi07cZ_pr3BmGe9uCSXAiDxH59_WTYYoy4JMMtgSLqiRom2nPYtLR8vSx42E3rKTgofczHRKYluVJYoLJRDcycQwH9uhNaHtqCemf9k0uM4C3bm-0XVREcnJ1X3wYTAbl2fxAtyy91YIr4JKfhm2KuRZmYal5mAgKVYK0LDgfVccJ71wuP_vjLaG-EVjqwiWjiDImnRR5IAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli5ju_I4vKCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3IVsosO2DngzQQlh1HqwN7kZgVAg%2526client%253Dca-pub-7554934826467559%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2072106
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
23392
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:08:23 GMT
server
cloudflare
etag
"faa9f958d13ef03f911b71f117846705"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PqpC1pytIcmmW6uaT0lBefkChbmYDUmHideh0Uqf52TxEx5rjn7wroYgurZXOi7HJQi1quD%2BOrZINU80xkW%2FuNOFPY3ox6%2BN0uP9Tehgsd10KaCtYkieLmDl5Y%2FIyNH8di05iEZON5tFyp3Z"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82fa2e2db97c9299-FRA
cshow.php
www.awin1.com/ Frame AB12 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=eb4dc24332b3d10c7c35b070c03a6898%2F11359549326198007310&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701589424154&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3zfqd60a0w5qg3as9d27q3pb19gg497tegm28aka8sf0ckyekxeazvwp3d54sr5n0kajgy0rp9de4s03hmaada8aq1aa5wqt9h21we5ke6w2btwa7scmeev9qqmte68g0s40t3m79345e4pggpcjdcs1c53wkjzc9smp0jw2jxw03zcs81jc73vqwp3h3xc9w4k3mdb80m6egcm27074cbjrd7m6b7s3e2pr5g3tp8ggbxmcvm2c7szgqv9mhptv35nvhwn9axf9st96wf8q8j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2guUrjFsZeqeOuiWjuwPo9OYoA6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0B0c4SAdls9VFNjJ2h--KW7rYlKDVtpKAlKgKry5LYv-r-NIi_b5wdAJUo_KxJcvD3uKinOU2YZag9vY3NLpwIAvpR2YJgsTJGrgy6AHwXQKgV0kuwCFyEGTTiZSh9vzYMP-shAIRRdHtDpvUFogmHAvmRWXeI7XEvWV4kRHEqjtc4PtWYtd3dtc8xV30l21_2n3UZsfgJlLUNMtwaWCuw0EYi07cZ_pr3BmGe9uCSXAiDxH59_WTYYoy4JMMtgSLqiRom2nPYtLR8vSx42E3rKTgofczHRKYluVJYoLJRDcycQwH9uhNaHtqCemf9k0uM4C3bm-0XVREcnJ1X3wYTAbl2fxAtyy91YIr4JKfhm2KuRZmYal5mAgKVYK0LDgfVccJ71wuP_vjLaG-EVjqwiWjiDImnRR5IAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli5ju_I4vKCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3IVsosO2DngzQQlh1HqwN7kZgVAg%2526client%253Dca-pub-7554934826467559%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Dec 2023 07:43:44 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame A689 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C195016%2C537178&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=300&d=250&e=&g=3995d51bc2a9dbb3eeb3c7698d44cace%2F1787776233676355492&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701589424194&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g5tqfnx38jtrfq6f8dgkt0vpkjgq5ehr1x9qqbr3fnrz2vca97rd5yya4ey2h23ez0126ftcf6kjdvfb2ynpmfav9s77vypc0zzcf9zbpeqn195mgxtbdj03s4pa2564b4bbb3dwfxv7vzgzhpjceya2e7g11a5tcjhf7d285kxza22yfvcwxpetz2xyv08sagtt0y81vvrr29w1rs1jz05q8362prntw2vkc34dc31b3pwatbx2g8bf1x0b3qbsgpnpn7w36rett0gy58kq1yp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuRVOrzFsZe7wAZbdtOUPwbaDiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0Ig0ombUzbFS3jbiPIG43p_xdfZSofgfHSgMLMqgxxoH5sOfx99PeinEvD5t2X6J1d78KcjkeOULAfhEkxBW1W9gIR6Hj8cYGOex2WjN7J2SSbyfWz7WWEQPgLVHSH5vZFq0v9Ss0D6Pd3UQs1JyMqZCckcaOJTV_dE9Ws7hIQ-dyyx6Az0LU1SUFQyaNl87MtkAfa1cF_cAJrz3ajz-lkxy73sQbjVwAnOdq88UCv21ZWqpoRxn8Fd_YqtlNzokzyLPWMTQI3TxtLgyMZXL9BfDByF0UlPkEdIzDjyB6FQCznbJmFV_MgC9SO5516O0sKd1VPKxFZz8KbqlUc6duit33Ek3HwBmN0bcadNVECLA8HvtZ7_ro1VNOn3NHIjNbmPUrYCnC6rsmjvXVVZ3yu9wsWvsbu4jyIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj8ze_I4vKCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3RBe8F3mqHFczfx-5GJMGWYFp54A%2526client%253Dca-pub-7554934826467559%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=182475%2C195016%2C537178&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=300&d=250&e=&g=3995d51bc2a9dbb3eeb3c7698d44cace%2F1787776233676355492&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701589424194&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g5tqfnx38jtrfq6f8dgkt0vpkjgq5ehr1x9qqbr3fnrz2vca97rd5yya4ey2h23ez0126ftcf6kjdvfb2ynpmfav9s77vypc0zzcf9zbpeqn195mgxtbdj03s4pa2564b4bbb3dwfxv7vzgzhpjceya2e7g11a5tcjhf7d285kxza22yfvcwxpetz2xyv08sagtt0y81vvrr29w1rs1jz05q8362prntw2vkc34dc31b3pwatbx2g8bf1x0b3qbsgpnpn7w36rett0gy58kq1yp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuRVOrzFsZe7wAZbdtOUPwbaDiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0Ig0ombUzbFS3jbiPIG43p_xdfZSofgfHSgMLMqgxxoH5sOfx99PeinEvD5t2X6J1d78KcjkeOULAfhEkxBW1W9gIR6Hj8cYGOex2WjN7J2SSbyfWz7WWEQPgLVHSH5vZFq0v9Ss0D6Pd3UQs1JyMqZCckcaOJTV_dE9Ws7hIQ-dyyx6Az0LU1SUFQyaNl87MtkAfa1cF_cAJrz3ajz-lkxy73sQbjVwAnOdq88UCv21ZWqpoRxn8Fd_YqtlNzokzyLPWMTQI3TxtLgyMZXL9BfDByF0UlPkEdIzDjyB6FQCznbJmFV_MgC9SO5516O0sKd1VPKxFZz8KbqlUc6duit33Ek3HwBmN0bcadNVECLA8HvtZ7_ro1VNOn3NHIjNbmPUrYCnC6rsmjvXVVZ3yu9wsWvsbu4jyIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj8ze_I4vKCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3RBe8F3mqHFczfx-5GJMGWYFp54A%2526client%253Dca-pub-7554934826467559%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2073443
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i9wvKDHIfBNBUW7QanjimRxBfGhE4XQLrt4JJQwQ0gwllT0H5R1Adcl2usLSApzlmDgURX1TKVVpi%2FDcUGaKaOB0FR3imlh%2F82viE1BTG03YFx6Q1WvH0K%2BsK30mWtk%2BX5xBdV%2Be6F4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
82fa2e2dcdd918e2-FRA
expires
Mon, 04 Dec 2023 07:43:44 GMT
B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
assets.ad4m.at/logo/ Frame A689 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C195016%2C537178&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=300&d=250&e=&g=3995d51bc2a9dbb3eeb3c7698d44cace%2F1787776233676355492&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701589424194&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g5tqfnx38jtrfq6f8dgkt0vpkjgq5ehr1x9qqbr3fnrz2vca97rd5yya4ey2h23ez0126ftcf6kjdvfb2ynpmfav9s77vypc0zzcf9zbpeqn195mgxtbdj03s4pa2564b4bbb3dwfxv7vzgzhpjceya2e7g11a5tcjhf7d285kxza22yfvcwxpetz2xyv08sagtt0y81vvrr29w1rs1jz05q8362prntw2vkc34dc31b3pwatbx2g8bf1x0b3qbsgpnpn7w36rett0gy58kq1yp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuRVOrzFsZe7wAZbdtOUPwbaDiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0Ig0ombUzbFS3jbiPIG43p_xdfZSofgfHSgMLMqgxxoH5sOfx99PeinEvD5t2X6J1d78KcjkeOULAfhEkxBW1W9gIR6Hj8cYGOex2WjN7J2SSbyfWz7WWEQPgLVHSH5vZFq0v9Ss0D6Pd3UQs1JyMqZCckcaOJTV_dE9Ws7hIQ-dyyx6Az0LU1SUFQyaNl87MtkAfa1cF_cAJrz3ajz-lkxy73sQbjVwAnOdq88UCv21ZWqpoRxn8Fd_YqtlNzokzyLPWMTQI3TxtLgyMZXL9BfDByF0UlPkEdIzDjyB6FQCznbJmFV_MgC9SO5516O0sKd1VPKxFZz8KbqlUc6duit33Ek3HwBmN0bcadNVECLA8HvtZ7_ro1VNOn3NHIjNbmPUrYCnC6rsmjvXVVZ3yu9wsWvsbu4jyIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj8ze_I4vKCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3RBe8F3mqHFczfx-5GJMGWYFp54A%2526client%253Dca-pub-7554934826467559%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ff66b97bd8767ce16889bf15fc6e18e59fb7e60edc88bf9ee41416d3031bd24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
452626
cf-polished
origFmt=png, origSize=5231
alt-svc
h3=":443"; ma=86400
content-length
4680
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 09:43:53 GMT
server
cloudflare
etag
"f16f7910a6ef14de318e485901cfa4a3"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dc1fb%2BH8kUYTYyODydjAzqvy3eQ7Vnfw9v0k0diw%2BJrAjfkGIrqgLqZNsW9OTl3lf7uv8YcOoZOJAd3PU%2BRona55LIhvUGqTtytZysry9MMetOtHWl1QhaVf%2BsQHeVBqJkfkgeFWTkno2ga%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82fa2e2dc9839299-FRA
B7B46C67E32C8811CDC434C085DAC11692C95AC4470651A2A0ED9ED376F6F61F2A60C696B2F96D97291A7B9462A184BB5383BBC9E9ECDB66ACD89DA815902BC8
assets.ad4m.at/product_image/ Frame A689 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B7B46C67E32C8811CDC434C085DAC11692C95AC4470651A2A0ED9ED376F6F61F2A60C696B2F96D97291A7B9462A184BB5383BBC9E9ECDB66ACD89DA815902BC8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C195016%2C537178&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=300&d=250&e=&g=3995d51bc2a9dbb3eeb3c7698d44cace%2F1787776233676355492&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701589424194&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g5tqfnx38jtrfq6f8dgkt0vpkjgq5ehr1x9qqbr3fnrz2vca97rd5yya4ey2h23ez0126ftcf6kjdvfb2ynpmfav9s77vypc0zzcf9zbpeqn195mgxtbdj03s4pa2564b4bbb3dwfxv7vzgzhpjceya2e7g11a5tcjhf7d285kxza22yfvcwxpetz2xyv08sagtt0y81vvrr29w1rs1jz05q8362prntw2vkc34dc31b3pwatbx2g8bf1x0b3qbsgpnpn7w36rett0gy58kq1yp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuRVOrzFsZe7wAZbdtOUPwbaDiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0Ig0ombUzbFS3jbiPIG43p_xdfZSofgfHSgMLMqgxxoH5sOfx99PeinEvD5t2X6J1d78KcjkeOULAfhEkxBW1W9gIR6Hj8cYGOex2WjN7J2SSbyfWz7WWEQPgLVHSH5vZFq0v9Ss0D6Pd3UQs1JyMqZCckcaOJTV_dE9Ws7hIQ-dyyx6Az0LU1SUFQyaNl87MtkAfa1cF_cAJrz3ajz-lkxy73sQbjVwAnOdq88UCv21ZWqpoRxn8Fd_YqtlNzokzyLPWMTQI3TxtLgyMZXL9BfDByF0UlPkEdIzDjyB6FQCznbJmFV_MgC9SO5516O0sKd1VPKxFZz8KbqlUc6duit33Ek3HwBmN0bcadNVECLA8HvtZ7_ro1VNOn3NHIjNbmPUrYCnC6rsmjvXVVZ3yu9wsWvsbu4jyIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj8ze_I4vKCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3RBe8F3mqHFczfx-5GJMGWYFp54A%2526client%253Dca-pub-7554934826467559%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
274092432a2d58df5ad52ba6b516d96166bada65843299fdca4b8dd6db1d9e89

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
187102
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
35068
cf-bgj
imgq:85,h2pri
last-modified
Thu, 23 Nov 2023 08:00:13 GMT
server
cloudflare
etag
"b517cdc8d5c29fc9ccb387e83f875610"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKFV62edERdP5od3XvA1v72rayJ8oakVoPnPTRjk%2Fb%2F17%2FpQVB0anMud%2FL6fWkVN2v8f4oKV9RLGgaoaaruNt9IeYOsvbRz7mGpGEb%2FCztvaCEFA3PDMoT86Psqkbhcg8uXzIk%2BhhG%2F5PvNF"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82fa2e2dc9849299-FRA
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame A689 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C195016%2C537178&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=300&d=250&e=&g=3995d51bc2a9dbb3eeb3c7698d44cace%2F1787776233676355492&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701589424194&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g5tqfnx38jtrfq6f8dgkt0vpkjgq5ehr1x9qqbr3fnrz2vca97rd5yya4ey2h23ez0126ftcf6kjdvfb2ynpmfav9s77vypc0zzcf9zbpeqn195mgxtbdj03s4pa2564b4bbb3dwfxv7vzgzhpjceya2e7g11a5tcjhf7d285kxza22yfvcwxpetz2xyv08sagtt0y81vvrr29w1rs1jz05q8362prntw2vkc34dc31b3pwatbx2g8bf1x0b3qbsgpnpn7w36rett0gy58kq1yp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuRVOrzFsZe7wAZbdtOUPwbaDiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0Ig0ombUzbFS3jbiPIG43p_xdfZSofgfHSgMLMqgxxoH5sOfx99PeinEvD5t2X6J1d78KcjkeOULAfhEkxBW1W9gIR6Hj8cYGOex2WjN7J2SSbyfWz7WWEQPgLVHSH5vZFq0v9Ss0D6Pd3UQs1JyMqZCckcaOJTV_dE9Ws7hIQ-dyyx6Az0LU1SUFQyaNl87MtkAfa1cF_cAJrz3ajz-lkxy73sQbjVwAnOdq88UCv21ZWqpoRxn8Fd_YqtlNzokzyLPWMTQI3TxtLgyMZXL9BfDByF0UlPkEdIzDjyB6FQCznbJmFV_MgC9SO5516O0sKd1VPKxFZz8KbqlUc6duit33Ek3HwBmN0bcadNVECLA8HvtZ7_ro1VNOn3NHIjNbmPUrYCnC6rsmjvXVVZ3yu9wsWvsbu4jyIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj8ze_I4vKCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3RBe8F3mqHFczfx-5GJMGWYFp54A%2526client%253Dca-pub-7554934826467559%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
988795
cf-polished
qual=85, origFmt=jpeg, origSize=12951
alt-svc
h3=":443"; ma=86400
content-length
7758
cf-bgj
imgq:85,h2pri
last-modified
Fri, 20 Oct 2023 22:22:01 GMT
server
cloudflare
etag
"12e3523b35b31c7ddfe7c77dcdb14a34"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=na9ARgVyb2EF6jCIktpi0r98Xsklp0UaO4GDVb4ivmZS0GkGeeN9fjPgPoNZxGE1JBqLJCWts9t9l3ZPxEWyf1lalEGNddTx7aOI7meCMD7PYGE6FuwjcLWaR0vyf7q4QiBhPm1ANBCyFF4B"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82fa2e2dc9869299-FRA
0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
assets.ad4m.at/ Frame A689 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C195016%2C537178&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=300&d=250&e=&g=3995d51bc2a9dbb3eeb3c7698d44cace%2F1787776233676355492&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701589424194&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g5tqfnx38jtrfq6f8dgkt0vpkjgq5ehr1x9qqbr3fnrz2vca97rd5yya4ey2h23ez0126ftcf6kjdvfb2ynpmfav9s77vypc0zzcf9zbpeqn195mgxtbdj03s4pa2564b4bbb3dwfxv7vzgzhpjceya2e7g11a5tcjhf7d285kxza22yfvcwxpetz2xyv08sagtt0y81vvrr29w1rs1jz05q8362prntw2vkc34dc31b3pwatbx2g8bf1x0b3qbsgpnpn7w36rett0gy58kq1yp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuRVOrzFsZe7wAZbdtOUPwbaDiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0Ig0ombUzbFS3jbiPIG43p_xdfZSofgfHSgMLMqgxxoH5sOfx99PeinEvD5t2X6J1d78KcjkeOULAfhEkxBW1W9gIR6Hj8cYGOex2WjN7J2SSbyfWz7WWEQPgLVHSH5vZFq0v9Ss0D6Pd3UQs1JyMqZCckcaOJTV_dE9Ws7hIQ-dyyx6Az0LU1SUFQyaNl87MtkAfa1cF_cAJrz3ajz-lkxy73sQbjVwAnOdq88UCv21ZWqpoRxn8Fd_YqtlNzokzyLPWMTQI3TxtLgyMZXL9BfDByF0UlPkEdIzDjyB6FQCznbJmFV_MgC9SO5516O0sKd1VPKxFZz8KbqlUc6duit33Ek3HwBmN0bcadNVECLA8HvtZ7_ro1VNOn3NHIjNbmPUrYCnC6rsmjvXVVZ3yu9wsWvsbu4jyIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj8ze_I4vKCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3RBe8F3mqHFczfx-5GJMGWYFp54A%2526client%253Dca-pub-7554934826467559%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dc4eae4be6a462c97268c1238442d36dd78708a5b3ed989a4943b185854c465

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
433901
cf-polished
qual=85, origFmt=jpeg, origSize=29026
alt-svc
h3=":443"; ma=86400
content-length
20740
cf-bgj
imgq:85,h2pri
last-modified
Sat, 21 Oct 2023 21:22:49 GMT
server
cloudflare
etag
"9e8c0f685f08676e3b6bec8849b76e69"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s26fkueAfHQP6YIireLuCrc%2F4fmTuseHwUH0cZ23FqZVK6MR3ghh%2BuYU6iSOLyKZRSVrrxLt8hmNVeUlqoD2%2BoM4wzORltuK2MfiThYmItR9LzrTBA0setwmmWdGAjEyPbm6TAL31oFIWBvG"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82fa2e2dc9879299-FRA
/
partner.o2online.de/a/ Frame A689
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CJqGycni8oIDFbX2EQgdfnMPjw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023120308434490989011243X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=202312...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023120308434490989011243X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023120308434490989011243X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C195016%2C537178&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=300&d=250&e=&g=3995d51bc2a9dbb3eeb3c7698d44cace%2F1787776233676355492&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701589424194&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g5tqfnx38jtrfq6f8dgkt0vpkjgq5ehr1x9qqbr3fnrz2vca97rd5yya4ey2h23ez0126ftcf6kjdvfb2ynpmfav9s77vypc0zzcf9zbpeqn195mgxtbdj03s4pa2564b4bbb3dwfxv7vzgzhpjceya2e7g11a5tcjhf7d285kxza22yfvcwxpetz2xyv08sagtt0y81vvrr29w1rs1jz05q8362prntw2vkc34dc31b3pwatbx2g8bf1x0b3qbsgpnpn7w36rett0gy58kq1yp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuRVOrzFsZe7wAZbdtOUPwbaDiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0Ig0ombUzbFS3jbiPIG43p_xdfZSofgfHSgMLMqgxxoH5sOfx99PeinEvD5t2X6J1d78KcjkeOULAfhEkxBW1W9gIR6Hj8cYGOex2WjN7J2SSbyfWz7WWEQPgLVHSH5vZFq0v9Ss0D6Pd3UQs1JyMqZCckcaOJTV_dE9Ws7hIQ-dyyx6Az0LU1SUFQyaNl87MtkAfa1cF_cAJrz3ajz-lkxy73sQbjVwAnOdq88UCv21ZWqpoRxn8Fd_YqtlNzokzyLPWMTQI3TxtLgyMZXL9BfDByF0UlPkEdIzDjyB6FQCznbJmFV_MgC9SO5516O0sKd1VPKxFZz8KbqlUc6duit33Ek3HwBmN0bcadNVECLA8HvtZ7_ro1VNOn3NHIjNbmPUrYCnC6rsmjvXVVZ3yu9wsWvsbu4jyIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj8ze_I4vKCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3RBe8F3mqHFczfx-5GJMGWYFp54A%2526client%253Dca-pub-7554934826467559%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 07:43:44 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023120308434490989011243X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023120308434490989011243X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218
date
Sun, 03 Dec 2023 07:43:44 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame A689 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C195016%2C537178&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=300&d=250&e=&g=3995d51bc2a9dbb3eeb3c7698d44cace%2F1787776233676355492&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701589424194&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g5tqfnx38jtrfq6f8dgkt0vpkjgq5ehr1x9qqbr3fnrz2vca97rd5yya4ey2h23ez0126ftcf6kjdvfb2ynpmfav9s77vypc0zzcf9zbpeqn195mgxtbdj03s4pa2564b4bbb3dwfxv7vzgzhpjceya2e7g11a5tcjhf7d285kxza22yfvcwxpetz2xyv08sagtt0y81vvrr29w1rs1jz05q8362prntw2vkc34dc31b3pwatbx2g8bf1x0b3qbsgpnpn7w36rett0gy58kq1yp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuRVOrzFsZe7wAZbdtOUPwbaDiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0Ig0ombUzbFS3jbiPIG43p_xdfZSofgfHSgMLMqgxxoH5sOfx99PeinEvD5t2X6J1d78KcjkeOULAfhEkxBW1W9gIR6Hj8cYGOex2WjN7J2SSbyfWz7WWEQPgLVHSH5vZFq0v9Ss0D6Pd3UQs1JyMqZCckcaOJTV_dE9Ws7hIQ-dyyx6Az0LU1SUFQyaNl87MtkAfa1cF_cAJrz3ajz-lkxy73sQbjVwAnOdq88UCv21ZWqpoRxn8Fd_YqtlNzokzyLPWMTQI3TxtLgyMZXL9BfDByF0UlPkEdIzDjyB6FQCznbJmFV_MgC9SO5516O0sKd1VPKxFZz8KbqlUc6duit33Ek3HwBmN0bcadNVECLA8HvtZ7_ro1VNOn3NHIjNbmPUrYCnC6rsmjvXVVZ3yu9wsWvsbu4jyIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj8ze_I4vKCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3RBe8F3mqHFczfx-5GJMGWYFp54A%2526client%253Dca-pub-7554934826467559%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
990063
cf-polished
qual=85, origFmt=jpeg, origSize=8714
alt-svc
h3=":443"; ma=86400
content-length
6672
cf-bgj
imgq:85,h2pri
last-modified
Wed, 01 Nov 2023 08:50:26 GMT
server
cloudflare
etag
"52953af169f970e1ac17ba40d8c26548"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=osFvu2Dyb%2Bdvu%2FBzuwVmKX4oQ4WhQ1yoGhIrNkb%2BjUagFs7FXPYUOAv2H8xJ7fFIW7gqSjffhsMtq%2B7zB9ElKEbXojwZYq4T1NksnSzA8AWfBIfU1%2BPR%2Fg2Gl9%2FkNfW%2BvHotVUeL%2Fp9cCRgZ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82fa2e2de9979299-FRA
E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
assets.ad4m.at/ Frame A689 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C195016%2C537178&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=300&d=250&e=&g=3995d51bc2a9dbb3eeb3c7698d44cace%2F1787776233676355492&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701589424194&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g5tqfnx38jtrfq6f8dgkt0vpkjgq5ehr1x9qqbr3fnrz2vca97rd5yya4ey2h23ez0126ftcf6kjdvfb2ynpmfav9s77vypc0zzcf9zbpeqn195mgxtbdj03s4pa2564b4bbb3dwfxv7vzgzhpjceya2e7g11a5tcjhf7d285kxza22yfvcwxpetz2xyv08sagtt0y81vvrr29w1rs1jz05q8362prntw2vkc34dc31b3pwatbx2g8bf1x0b3qbsgpnpn7w36rett0gy58kq1yp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuRVOrzFsZe7wAZbdtOUPwbaDiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0Ig0ombUzbFS3jbiPIG43p_xdfZSofgfHSgMLMqgxxoH5sOfx99PeinEvD5t2X6J1d78KcjkeOULAfhEkxBW1W9gIR6Hj8cYGOex2WjN7J2SSbyfWz7WWEQPgLVHSH5vZFq0v9Ss0D6Pd3UQs1JyMqZCckcaOJTV_dE9Ws7hIQ-dyyx6Az0LU1SUFQyaNl87MtkAfa1cF_cAJrz3ajz-lkxy73sQbjVwAnOdq88UCv21ZWqpoRxn8Fd_YqtlNzokzyLPWMTQI3TxtLgyMZXL9BfDByF0UlPkEdIzDjyB6FQCznbJmFV_MgC9SO5516O0sKd1VPKxFZz8KbqlUc6duit33Ek3HwBmN0bcadNVECLA8HvtZ7_ro1VNOn3NHIjNbmPUrYCnC6rsmjvXVVZ3yu9wsWvsbu4jyIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj8ze_I4vKCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3RBe8F3mqHFczfx-5GJMGWYFp54A%2526client%253Dca-pub-7554934826467559%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d9b0e771bf0255ccf5583a85b215c674e866614409b9c5f10c0e8264d1687b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
261102
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
31793
cf-bgj
imgq:85,h2pri
last-modified
Thu, 23 Nov 2023 07:48:34 GMT
server
cloudflare
etag
"ac24017e395215a412b39d1cdc9c2ad5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9v5RqzCBXavudSzAn4emB5MLA85XgiDHGUVx2TLUHpfb14y9Ig1cAXDdo%2FL0AmR60Tt5ai7pWd2PKRHYooBSnUWQchw9XT0k2qKTEbEhb6uD%2FgEXkj2%2FYwsp%2FifaKIN82dEwRsHGOPdFFOQE"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82fa2e2de9989299-FRA
ztpv.php
www.conrad.de/ Frame A689
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneiddk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPWoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1701589424_af715ad0-91af-11ee-85f5-22347f548c7f&insert=AW&&gdpr=0&gdpr_consent=
0
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1701589424_af715ad0-91af-11ee-85f5-22347f548c7f&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C195016%2C537178&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=300&d=250&e=&g=3995d51bc2a9dbb3eeb3c7698d44cace%2F1787776233676355492&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701589424194&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g5tqfnx38jtrfq6f8dgkt0vpkjgq5ehr1x9qqbr3fnrz2vca97rd5yya4ey2h23ez0126ftcf6kjdvfb2ynpmfav9s77vypc0zzcf9zbpeqn195mgxtbdj03s4pa2564b4bbb3dwfxv7vzgzhpjceya2e7g11a5tcjhf7d285kxza22yfvcwxpetz2xyv08sagtt0y81vvrr29w1rs1jz05q8362prntw2vkc34dc31b3pwatbx2g8bf1x0b3qbsgpnpn7w36rett0gy58kq1yp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuRVOrzFsZe7wAZbdtOUPwbaDiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0Ig0ombUzbFS3jbiPIG43p_xdfZSofgfHSgMLMqgxxoH5sOfx99PeinEvD5t2X6J1d78KcjkeOULAfhEkxBW1W9gIR6Hj8cYGOex2WjN7J2SSbyfWz7WWEQPgLVHSH5vZFq0v9Ss0D6Pd3UQs1JyMqZCckcaOJTV_dE9Ws7hIQ-dyyx6Az0LU1SUFQyaNl87MtkAfa1cF_cAJrz3ajz-lkxy73sQbjVwAnOdq88UCv21ZWqpoRxn8Fd_YqtlNzokzyLPWMTQI3TxtLgyMZXL9BfDByF0UlPkEdIzDjyB6FQCznbJmFV_MgC9SO5516O0sKd1VPKxFZz8KbqlUc6duit33Ek3HwBmN0bcadNVECLA8HvtZ7_ro1VNOn3NHIjNbmPUrYCnC6rsmjvXVVZ3yu9wsWvsbu4jyIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj8ze_I4vKCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3RBe8F3mqHFczfx-5GJMGWYFp54A%2526client%253Dca-pub-7554934826467559%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6810:c0cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:44 GMT
strict-transport-security
max-age=15552000
cf-ccp-worker
HTLPHandler-v1
server
cloudflare
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache
cf-ray
82fa2e2eea6baca9-TXL
content-length
0
expires
-1

Redirect headers

Date
Sun, 03 Dec 2023 07:43:44 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1701589424_af715ad0-91af-11ee-85f5-22347f548c7f&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
link.html
track.webgains.com/ Frame A689 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3766871&wgcampaignid=1384975&wgprogramid=287405&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ga9j6xfj77hneh995g96x3h4bffk8b4exy1pb3bn496sp5khc6yaj0ha897ypc63432pdxtan4s8rcfe3w9mg6xg6b9v75dcmwyz5sh377ddw8d8067kfmch0b7kn0rwrbgefw5081d734q3j3y5s6eaz930bbyb7ftwd4d7pyn207vd2t7xhh94yvrwws8yt16qc65bfz1s3ykq7pmhqf48xyhdzha0kbskq3bekhqn23f60djt1qemvgqp047eb0g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g5tqfnx38jtrfq6f8dgkt0vpkjgq5ehr1x9qqbr3fnrz2vca97rd5yya4ey2h23ez0126ftcf6kjdvfb2ynpmfav9s77vypc0zzcf9zbpeqn195mgxtbdj03s4pa2564b4bbb3dwfxv7vzgzhpjceya2e7g11a5tcjhf7d285kxza22yfvcwxpetz2xyv08sagtt0y81vvrr29w1rs1jz05q8362prntw2vkc34dc31b3pwatbx2g8bf1x0b3qbsgpnpn7w36rett0gy58kq1yp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCuRVOrzFsZe7wAZbdtOUPwbaDiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0Ig0ombUzbFS3jbiPIG43p_xdfZSofgfHSgMLMqgxxoH5sOfx99PeinEvD5t2X6J1d78KcjkeOULAfhEkxBW1W9gIR6Hj8cYGOex2WjN7J2SSbyfWz7WWEQPgLVHSH5vZFq0v9Ss0D6Pd3UQs1JyMqZCckcaOJTV_dE9Ws7hIQ-dyyx6Az0LU1SUFQyaNl87MtkAfa1cF_cAJrz3ajz-lkxy73sQbjVwAnOdq88UCv21ZWqpoRxn8Fd_YqtlNzokzyLPWMTQI3TxtLgyMZXL9BfDByF0UlPkEdIzDjyB6FQCznbJmFV_MgC9SO5516O0sKd1VPKxFZz8KbqlUc6duit33Ek3HwBmN0bcadNVECLA8HvtZ7_ro1VNOn3NHIjNbmPUrYCnC6rsmjvXVVZ3yu9wsWvsbu4jyIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj8ze_I4vKCA_oLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3RBe8F3mqHFczfx-5GJMGWYFp54A%252526client%25253Dca-pub-7554934826467559%252526adurl%25253D&clickref=oneid41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vwoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keboneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C195016%2C537178&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=300&d=250&e=&g=3995d51bc2a9dbb3eeb3c7698d44cace%2F1787776233676355492&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701589424194&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g5tqfnx38jtrfq6f8dgkt0vpkjgq5ehr1x9qqbr3fnrz2vca97rd5yya4ey2h23ez0126ftcf6kjdvfb2ynpmfav9s77vypc0zzcf9zbpeqn195mgxtbdj03s4pa2564b4bbb3dwfxv7vzgzhpjceya2e7g11a5tcjhf7d285kxza22yfvcwxpetz2xyv08sagtt0y81vvrr29w1rs1jz05q8362prntw2vkc34dc31b3pwatbx2g8bf1x0b3qbsgpnpn7w36rett0gy58kq1yp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuRVOrzFsZe7wAZbdtOUPwbaDiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0Ig0ombUzbFS3jbiPIG43p_xdfZSofgfHSgMLMqgxxoH5sOfx99PeinEvD5t2X6J1d78KcjkeOULAfhEkxBW1W9gIR6Hj8cYGOex2WjN7J2SSbyfWz7WWEQPgLVHSH5vZFq0v9Ss0D6Pd3UQs1JyMqZCckcaOJTV_dE9Ws7hIQ-dyyx6Az0LU1SUFQyaNl87MtkAfa1cF_cAJrz3ajz-lkxy73sQbjVwAnOdq88UCv21ZWqpoRxn8Fd_YqtlNzokzyLPWMTQI3TxtLgyMZXL9BfDByF0UlPkEdIzDjyB6FQCznbJmFV_MgC9SO5516O0sKd1VPKxFZz8KbqlUc6duit33Ek3HwBmN0bcadNVECLA8HvtZ7_ro1VNOn3NHIjNbmPUrYCnC6rsmjvXVVZ3yu9wsWvsbu4jyIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj8ze_I4vKCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3RBe8F3mqHFczfx-5GJMGWYFp54A%2526client%253Dca-pub-7554934826467559%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.198.160 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-198-160.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
d21c351cd0c1ac3c8923eed366d8a180256b30eefa39e3a0c6a6ba5ea1102396

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:44 GMT
last-modified
Sun, 03 Dec 2023 07:43:44 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Sun, 03 Dec 2023 07:44:44 GMT
f5bfe45bb2
tm.simptrack.com/tm/a/channel/tracker/ Frame 4AD8 		44 B
891 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2?pub=ad4mat
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C195016%2C537178&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=300&d=250&e=&g=3995d51bc2a9dbb3eeb3c7698d44cace%2F1787776233676355492&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701589424194&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g5tqfnx38jtrfq6f8dgkt0vpkjgq5ehr1x9qqbr3fnrz2vca97rd5yya4ey2h23ez0126ftcf6kjdvfb2ynpmfav9s77vypc0zzcf9zbpeqn195mgxtbdj03s4pa2564b4bbb3dwfxv7vzgzhpjceya2e7g11a5tcjhf7d285kxza22yfvcwxpetz2xyv08sagtt0y81vvrr29w1rs1jz05q8362prntw2vkc34dc31b3pwatbx2g8bf1x0b3qbsgpnpn7w36rett0gy58kq1yp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuRVOrzFsZe7wAZbdtOUPwbaDiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0Ig0ombUzbFS3jbiPIG43p_xdfZSofgfHSgMLMqgxxoH5sOfx99PeinEvD5t2X6J1d78KcjkeOULAfhEkxBW1W9gIR6Hj8cYGOex2WjN7J2SSbyfWz7WWEQPgLVHSH5vZFq0v9Ss0D6Pd3UQs1JyMqZCckcaOJTV_dE9Ws7hIQ-dyyx6Az0LU1SUFQyaNl87MtkAfa1cF_cAJrz3ajz-lkxy73sQbjVwAnOdq88UCv21ZWqpoRxn8Fd_YqtlNzokzyLPWMTQI3TxtLgyMZXL9BfDByF0UlPkEdIzDjyB6FQCznbJmFV_MgC9SO5516O0sKd1VPKxFZz8KbqlUc6duit33Ek3HwBmN0bcadNVECLA8HvtZ7_ro1VNOn3NHIjNbmPUrYCnC6rsmjvXVVZ3yu9wsWvsbu4jyIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj8ze_I4vKCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3RBe8F3mqHFczfx-5GJMGWYFp54A%2526client%253Dca-pub-7554934826467559%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
167.235.3.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.3.235.167.clients.your-server.de
Software
nginx /
Resource Hash
e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
44
Content-Type
image/gif
Date
Sun, 03 Dec 2023 07:43:44 GMT
Expires
0
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
nginx
pvClk.min.js
analytics.webgains.io/ Frame A689 		53 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3766871&wgcampaignid=1384975&wgprogramid=287405&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ga9j6xfj77hneh995g96x3h4bffk8b4exy1pb3bn496sp5khc6yaj0ha897ypc63432pdxtan4s8rcfe3w9mg6xg6b9v75dcmwyz5sh377ddw8d8067kfmch0b7kn0rwrbgefw5081d734q3j3y5s6eaz930bbyb7ftwd4d7pyn207vd2t7xhh94yvrwws8yt16qc65bfz1s3ykq7pmhqf48xyhdzha0kbskq3bekhqn23f60djt1qemvgqp047eb0g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g5tqfnx38jtrfq6f8dgkt0vpkjgq5ehr1x9qqbr3fnrz2vca97rd5yya4ey2h23ez0126ftcf6kjdvfb2ynpmfav9s77vypc0zzcf9zbpeqn195mgxtbdj03s4pa2564b4bbb3dwfxv7vzgzhpjceya2e7g11a5tcjhf7d285kxza22yfvcwxpetz2xyv08sagtt0y81vvrr29w1rs1jz05q8362prntw2vkc34dc31b3pwatbx2g8bf1x0b3qbsgpnpn7w36rett0gy58kq1yp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCuRVOrzFsZe7wAZbdtOUPwbaDiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0Ig0ombUzbFS3jbiPIG43p_xdfZSofgfHSgMLMqgxxoH5sOfx99PeinEvD5t2X6J1d78KcjkeOULAfhEkxBW1W9gIR6Hj8cYGOex2WjN7J2SSbyfWz7WWEQPgLVHSH5vZFq0v9Ss0D6Pd3UQs1JyMqZCckcaOJTV_dE9Ws7hIQ-dyyx6Az0LU1SUFQyaNl87MtkAfa1cF_cAJrz3ajz-lkxy73sQbjVwAnOdq88UCv21ZWqpoRxn8Fd_YqtlNzokzyLPWMTQI3TxtLgyMZXL9BfDByF0UlPkEdIzDjyB6FQCznbJmFV_MgC9SO5516O0sKd1VPKxFZz8KbqlUc6duit33Ek3HwBmN0bcadNVECLA8HvtZ7_ro1VNOn3NHIjNbmPUrYCnC6rsmjvXVVZ3yu9wsWvsbu4jyIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj8ze_I4vKCA_oLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3RBe8F3mqHFczfx-5GJMGWYFp54A%252526client%25253Dca-pub-7554934826467559%252526adurl%25253D&clickref=oneid41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vwoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keboneid__suite_Netmix_Reach121_BESTPERFORMER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:36:09 GMT
content-encoding
gzip
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified
Thu, 23 Nov 2023 16:26:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
68856
x-amz-server-side-encryption
AES256
etag
W/"1180a1bfee0aad979766ecd6180b923e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
7IWMmQP85_1-Qmcr0lnUMu1-hQ1lGmsxz54Iq2V_lQXURw77U2KkVQ==
1630077001_jF1b8Jfj1B39nVsMmTxKrB0cNJRh2QB8.jpg
cdn.track.production.webgains.team/287405/ Frame A689 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/287405/1630077001_jF1b8Jfj1B39nVsMmTxKrB0cNJRh2QB8.jpg?Expires=1701589724&Signature=FEAPLvlnsIkkDHUZQWablwbciB7hO6oa-ZxO3uNdd47Nx9aQEhuBsxtNgpqvovVedofomW-PyXeAkxap4-SwrkwECviNP4puIRLhPUIvw6sUgJpbNEKn-q8GMhC7Z7YpTa-vU7RrGxUL2DhoGzlfQtAOLFPp0c2UzUaK99KjNm7iq8PYZ10pvJ13VlWwrycSDOHAhm5BcrwWb5sMKrKrI-Q~VqhIrW09683bpTqPH-j8RT51N0lfh71LxDQ2nbc~IN20oN5HLU8rfMAYzrrqs7axn9Vm2ZTRbzjMa3TQnPMjXEtRWJjdxEhcPGQH6S-A1fKQI2P0W2Otwwy5TshO8A__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C195016%2C537178&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=300&d=250&e=&g=3995d51bc2a9dbb3eeb3c7698d44cace%2F1787776233676355492&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701589424194&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g5tqfnx38jtrfq6f8dgkt0vpkjgq5ehr1x9qqbr3fnrz2vca97rd5yya4ey2h23ez0126ftcf6kjdvfb2ynpmfav9s77vypc0zzcf9zbpeqn195mgxtbdj03s4pa2564b4bbb3dwfxv7vzgzhpjceya2e7g11a5tcjhf7d285kxza22yfvcwxpetz2xyv08sagtt0y81vvrr29w1rs1jz05q8362prntw2vkc34dc31b3pwatbx2g8bf1x0b3qbsgpnpn7w36rett0gy58kq1yp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuRVOrzFsZe7wAZbdtOUPwbaDiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTU0OTM0ODI2NDY3NTU5yAEJqQKHFnI5ikKyPqgDAcgDAqoEugJP0Ig0ombUzbFS3jbiPIG43p_xdfZSofgfHSgMLMqgxxoH5sOfx99PeinEvD5t2X6J1d78KcjkeOULAfhEkxBW1W9gIR6Hj8cYGOex2WjN7J2SSbyfWz7WWEQPgLVHSH5vZFq0v9Ss0D6Pd3UQs1JyMqZCckcaOJTV_dE9Ws7hIQ-dyyx6Az0LU1SUFQyaNl87MtkAfa1cF_cAJrz3ajz-lkxy73sQbjVwAnOdq88UCv21ZWqpoRxn8Fd_YqtlNzokzyLPWMTQI3TxtLgyMZXL9BfDByF0UlPkEdIzDjyB6FQCznbJmFV_MgC9SO5516O0sKd1VPKxFZz8KbqlUc6duit33Ek3HwBmN0bcadNVECLA8HvtZ7_ro1VNOn3NHIjNbmPUrYCnC6rsmjvXVVZ3yu9wsWvsbu4jyIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj8ze_I4vKCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3RBe8F3mqHFczfx-5GJMGWYFp54A%2526client%253Dca-pub-7554934826467559%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-55.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3f24acd57aec035fffd76b0bbd29ed438417cbb1d355e95c99ad044d74dc68c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 03 Dec 2023 07:31:08 GMT
via
1.1 66a008dd3c1b49635fc036a68872758c.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:42:17 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
756
etag
"4e56b45a1411ee8d71fc40bc011df5b0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
56674
x-amz-cf-id
D1Mzaw8jXbpD38plW6Qw-J0n7fYE3zU_7xQxvoirkAW9AuPJWJXhcA==
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7554934826467559&plah=timebusinessnews.com&bust=31079890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
baab65e129d79f784f688026a2958586a31e3bfc8b1a923d5e5b86edeb1c2073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12268
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7554934826467559&plah=timebusinessnews.com&bust=31079890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 03 Dec 2023 07:43:45 GMT
tracking-event
api.webgains.io/ Frame A689 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-29-13.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 03 Dec 2023 07:43:45 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-29-13.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Sun, 03 Dec 2023 07:43:45 GMT
server
nginx
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 168C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
50990
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 17:33:55 GMT
expires
Sun, 01 Dec 2024 17:33:55 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8A14 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1abe13edf359db98ad9ccda91668b402b0f3c0505155761421223428eb94cfcc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OeODaMTCjM6xP6D2paZqvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-OeODaMTCjM6xP6D2paZqvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 07:43:45 GMT
expires
Sun, 03 Dec 2023 07:43:45 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 168C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 22:12:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
120667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 22:12:38 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8A14 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=1323519298565292&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 168C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?THUL8g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 07:43:45 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=1323519298565292&bg=!QkGlQQ7NAAY3kmNgF5I7ADQBe5WfOLTJMM7fWpdLCAn-wLZtmxJoIzhZsR6ecrHOcszNqnQXMZg2Y46nbjT8AvFYhHp-AgAAAERSAAAAA2gBB5kCuYsU8KMnMeGCEpp-Ze1wYqT_Ag2tAqLPzUac59k-5i98m4nuv_0JpDzzfjZphbBuEeiTAD1jQEQTG8XMJ01tcKxrRK9eddH4--J_bSKRG8JZU4Op96tsIgPuK5Fr7CsHUArezYDTyxXC0cnH9YpS0_Ab04ueiDuXtMNJHEjl4hmRWj3WxDfi3VG9Xc9z99wYaojB5DtAM_IHZ9vEp1YW6ECI9T9kqEPPDT1KMOj9KHL0PeBDIgEyPGvwF4Dotvb2woH4vw7LSNSyOrkXsQr-ywyE6gwtQBfke16Oj1FzK0jW9CYiX2AOORBhjF2l7bAo6MNq_NK4X7v1zkJyQRSuGDphgQ96rzaCxT8tnS8cgy5mpfKC9QgBuMwTrKgGy61zAwINIn6NCT6AJkbrs-sdpy496XMCs-DpaPsHnD20zj_5uqiM2CLcvNNr47xJf_Fg8QKZWFVPTTiMPw8eZH6UvGz_o3lV2hVk-coz84jYCeWIWkMVFsR75AvJ0C3HXTHfybiXJfIM3v8j8pUDK9QdCML3uSybSO6rlG5ZzF9BkvbRfEdERIiAAi-7kH02Bd57AnRK48TbQy-Z090IyJg635RtOYIP9x-BTlFMgZ5OIUCGvfLzEE7l9XOOQnCAdoCyeRG3bJ5oEG_ZteBsAwagHXNXZmROYKYuZIZ-YHOkRbv9pqcwHq0gjJbFcg2ekkxWyxIx8HtHMbZSAfQHVTi3IFaRKZ8nmKdVuBFAVVXWDSWEyLMWNtdi32oFuRmNLY1rbvsyOyKiMi8Qxu0N6_Yxt0TPaO0bLazuD3Ujhsdxsc0EMEPHa1AxH6L9dq0VfjGl6UA-tG0Wg1GssnbPOQilWcVt0FEWTPIBrdnlgsXVnOWVBtFaLExwEcpX8-kMn1oUbOg-172ih_2YI6qRuhUceCB0zx4h0ROjYXk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
q.stripe.com
URL
https://q.stripe.com/csp-report
Domain
q.stripe.com
URL
https://q.stripe.com/csp-report
Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESELlWsU9GJomPspGIerlUfIg&google_cver=1&google_push=AXcoOmTtYQ4GNa_u1VYLOJHBTve7HT_dovOlCXoDOdclvsASYsMgJERRuLjhft3Bv_wYZ4BV6L8rs5cCGy4zFZBSDsdjHx2nr4ZNWlUgXqgajGdfDQyK3UvPv8XPsk_aDrZWHwr3RGC-LgQU2VcsphH6t-d3ddtQ

Verdicts & Comments Add Verdict or Comment

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| documentPictureInPicture string| mi_version boolean| mi_track_user string| mi_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| dataLayer object| MonsterInsightsDualTracker function| gtag function| __gaTracker object| _wpemojiSettings function| advanced_ads_ready object| advanced_ads_ready_queue function| MonsterInsights object| MonsterInsightsObject object| monsterinsights_frontend undefined| $ function| jQuery function| moment object| sibErrMsg object| ajax_sib_front_object string| captchaRes undefined| gCaptchaSibWidget function| sibVerifyCallback function| fbq function| _fbq object| s boolean| daln_apply_ticker string| daln_nonce string| daln_ajax_url string| daln_plugin_url string| daln_target_attribute number| daln_sliding_speed number| daln_sliding_delay number| daln_rtl_layout number| daln_cached_cycles number| daln_ticker_id boolean| daln_enable_links number| daln_clock_offset string| daln_clock_format number| daln_clock_source number| daln_clock_autoupdate number| daln_clock_autoupdate_time object| daln_ticker_transient number| infolinks_pid number| infolinks_wsid boolean| IL_INIT object| $iceboot object| INFOLINKS object| webpackChunkStripeJSouter function| noop function| Stripe object| accounting object| runtime object| regeneratorRuntime object| wp function| sprintf function| vsprintf object| simplePayForms object| wpsp object| themeisleGutenbergForm function| _typeof function| _defineProperty string| html_output object| google_tag_manager object| google_tag_data object| gaGlobal object| twemoji number| $iceId object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| _google_rum_ns_ function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog function| ILVideo object| google_llp object| googletag object| GoogleGcLKhOms

47 Cookies

Domain/Path Name / Value
timebusinessnews.com/kriti-sanon-immediate-5-0-evex-review-scam-or-legit Name: logglytrackingsession
Value: 9f8d72d7-8d11-4d2b-a5c5-0080aaa2241a
.ad4m.at/cookie-frame.html Name: userId
Value: LLfkRPFdh3_9jTio_ufdYD0qevcMkQW_
.timebusinessnews.com/ Name: _ga_Y791HGRGDN
Value: GS1.1.1701589421.1.0.1701589421.0.0.0
.timebusinessnews.com/ Name: _ga
Value: GA1.1.1309634682.1701589421
.timebusinessnews.com/ Name: _fbp
Value: fb.1.1701589421470.1273594979
.infolinks.com/ Name: cuid
Value: fbd5ce48-00e8-4b8c-99b5-0b24d6c4021b
m.stripe.com/ Name: m
Value: a583f2ee-b538-47e1-a936-44fbb76d34fa34dbde
.timebusinessnews.com/ Name: __stripe_mid
Value: d0202d5c-e12b-4c42-bc23-a4d3a12fd916394efd
.timebusinessnews.com/ Name: __stripe_sid
Value: 32d92b2d-1428-4b59-b2b9-e25e34e42c523d552e
.bing.com/ Name: MUID
Value: 34412B9469F16AAD1A953848687A6B8E
.timebusinessnews.com/ Name: __gads
Value: ID=67fc342e4ae6b84d:T=1701589421:RT=1701589421:S=ALNI_MbCkjyVR09V5qqaexKrULs-ePYBow
.timebusinessnews.com/ Name: __gpi
Value: UID=00000d01c7407e11:T=1701589421:RT=1701589421:S=ALNI_MbkJI0Apxz_FM3JJPl0oEnJEVTCyA
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22702CDB96-06D1-4A66-1A61-DC58F1B80DF7%22%7D
.de17a.com/ Name: guid
Value: 1.7749816617879404705
.doubleclick.net/ Name: IDE
Value: AHWqTUlt1zVKwsSCfzvPIqptId117Li2EfXiRzmbLVJ0jPbJ1fO6NRA9T3CpQVVzkPY
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZWwxrwAEGY1dKgAM
.innovid.com/ Name: uuid
Value: 2cf08d2e-7a3a-46e2-aac0-314da50c5f45-20231203 02:43:43
.doubleclick.net/ Name: DSID
Value: NO_DATA
.quantserve.com/ Name: d
Value: EHsBCQHJKoEA
.quantserve.com/ Name: mc
Value: 656c31b0-042d5-91c76-43a17
ads.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22702CDB96-06D1-4A66-1A61-DC58F1B80DF7%22%7D
.turn.com/ Name: uid
Value: 3168196067979120013
.simpli.fi/ Name: suid
Value: E98373B92ED245EE9DA03C1B778B00AF
.adform.net/ Name: C
Value: 1
.adfarm1.adition.com/ Name: UserID1
Value: 7308270927301769355
.adform.net/ Name: uid
Value: 411484416489587557
.yahoo.com/ Name: A3
Value: d=AQABBLAxbGUCEKRidRcNpyd04gRmo_NRjcIFEgEBAQGDbWV2ZQAAAAAA_eMAAA&S=AQAAAinRlfuzjIxJeCDhs1dcu5c
.ctnsnet.com/ Name: cid_8aaf91f2d85d4430a11109461673badd
Value: 1
.ctnsnet.com/ Name: gid_CAESEGWjgWJ_RaQle2i6gYNC8d0
Value: 1
.w55c.net/ Name: wfivefivec
Value: 0vTH9UBx1R9H8I5
.w55c.net/ Name: matchgoogle
Value: 5
.awin1.com/ Name: awpv14702
Value: 412871|1701589424|af6f8610-91af-11ee-85f5-22347f548c7f
.awin1.com/ Name: awpv11354
Value: 412871|1701589424|af715ad0-91af-11ee-85f5-22347f548c7f
.awin1.com/ Name: awpv20044
Value: 412871|1701589424|af709780-91af-11ee-825d-22629e669530
.awin1.com/ Name: AWSESS
Value: 415363:2904924
.tribalfusion.com/ Name: ANON_ID
Value: asntmIxZduB6RApTrqeUpNfVMdQ9lQ45GVqNIZbiOovN2Fv8baaPWbB8xSHdhi7exlclAUFFwQfA32b15AUZcYRVXsh
.simptrack.com/ Name: ntm_tps__4011
Value: .NNNORPPXdeguN4YoRg3YcGW-yygz3fOj-dUqDh4jfafsKwLa8TiBfD-HiHVzrBqCBWKzWD0CR7jTmzJEgXbi8GUPpuMM7UahkfBmLsj27naei7dQPnlglFnyJ3vc8Uw9q5WF6QtgLnZyJeceI2zqbDC9zmhyMdsx8avwVcjdv5I4l3G-NOVc_e9gTEsdAnc2JJwfvJEoykt7OzTlY0XXBGbs3UFc8SKVp288_s_4pTR6c293JbSYGabAhomf2JlmWkhtPX6ogMmxxJ4JNK23TPOZReHjBJTNNNNNNNNNVf4U
.simptrack.com/ Name: v0rur7gqspb3_uid
Value: 23a726c25cd4717d
www.conrad.de/ Name: HTLP_timestamp
Value: 1701589424492
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: qf9gTkGDZg772F8okLra9EQB01aDx_tYQKSa6Wo67FI-1701589424-0-AZI7tn4zWtw9P8lvb0hb6ihSHjaO6ujSuUrd1N1XPhGYnTbV8h0+EXPJVIKjTFDEMcg/sIbqFxT+QkupwX6GN2Q=
.doubleclick.net/ Name: APC
Value: AfxxVi6K3Jc0XgTKduHTA_e4SaskRyDNZz9euYp8XzxXfcCoK3mFkA
pb.media01.eu/ Name: ASP.NET_SessionId
Value: oma1itmblr4srpnu5k2cxkdi
pb.media01.eu/ Name: DTU
Value: 022B22758F5205E7503031AEFF5ACC5D
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjIwMDAwMDAwMDYxNzAxNTg5NDI0dmxlYTFkZTIwMjMxMjAzMDg0MzQ0OTA5ODkwMTEyNDNYMTE3NzAzVjEyMjYxMzI3MDJNU21tX1NVQklEVEVTVF92aWV3MTE3NzAz
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023120308434490989011243X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&affiliateId=v01MTQyMTExMjExMTExMTExMTEwMTQyNjIwMDAwMDAwMDYxNzAxNTg5NDI0dmxlYTFkZTIwMjMxMjAzMDg0MzQ0OTA5ODkwMTEyNDNYMTE3NzAzVjEyMjYxMzI3MDJNU

8 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network error URL: https://timebusinessnews.com/wp-content/plugins/live-news/public/assets/img/clock.png
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network error URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmSHbcOQnTKQ8wBE7XNV-JzOuEttCewo-eR7LDN_Dx9S1NYJDSVZnYp7RpHHCAnK6SQQkGsGK1ZUI-32nJqn0hGTlTnv8GSAPg&google_gid=CAESEHPZoFB1XOnZ0pNBzV9scFY&google_cver=1
Message:
Failed to load resource: the server responded with a status of 451 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.travelaudience.com
adsdk.microsoft.com
ag.innovid.com
ams3-ib.adnxs.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
c1.adform.net
cdn.adnxs.com
cdn.track.production.webgains.team
checkout.stripe.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
imasdk.googleapis.com
ius.ctnsnet.com
js.stripe.com
m.stripe.com
m.stripe.network
match.adsrvr.org
newslolo.info
node-10.zeno.fm
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.o2online.de
pb.media01.eu
pixel-sync.sitescout.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pv.medialead.de
q.stripe.com
r.turn.com
region1.google-analytics.com
resources.infolinks.com
router.infolinks.com
rt3053.infolinks.com
rum.corewebvitals.io
s.tribalfusion.com
static-de.ad4mat.net
stream-156.zeno.fm
sync-tm.everesttech.net
sync.teads.tv
thumbnails.infolinks.com
timebusinessnews.com
tm.simptrack.com
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
www.awin1.com
www.bing.com
www.conrad.de
www.facebook.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
googlecm.hit.gemius.pl
q.stripe.com
104.102.45.165
108.138.36.55
142.250.181.226
145.239.193.130
15.197.193.217
15.235.86.218
15.235.9.228
151.101.128.176
151.101.194.49
167.233.13.224
167.235.3.16
172.217.16.134
172.66.42.247
178.250.1.9
18.184.108.41
18.66.147.98
185.89.210.46
192.124.249.3
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
213.155.156.180
23.32.184.180
23.32.185.35
2600:1901:0:76b9::
2606:4700:20::681a:58f
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700::6810:c0cb
2606:4700::6812:19ad
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:46::45
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2004
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a02:26f0:480:22::1726:62f9
2a02:fa8:8806:13::1370
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a05:d018:d29:3602:d09c:564c:cd27:b30c
2a05:d01c:1d8:8102:1dbb:a7d1:23ff:c9b8
2a06:98c1:3120::3
3.10.29.13
3.11.198.160
34.160.236.64
35.186.193.173
35.190.0.66
35.204.158.49
35.244.174.68
37.157.6.254
44.239.110.139
51.89.9.254
52.29.13.21
54.187.119.242
84.200.5.215
85.114.159.118
88.198.250.30
98.98.134.243
99.86.4.85
0252d5d143b3ea212f6d7e377cf1d52983921e7ced52ffa9a41e04bfe4b8d737
072f0c64dae4905a6519fee8e36fd72519c17367346bc565d240f37a9599cee7
09587fd0b4c984573371a553f082e27c4e4ba98f65130e1b1eb7c0b7699509e5
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
09f417c2e643b736c19e96b99e166681af1002e9b192b84e4e85b0794e764f7f
0a2877d35b782162338bb95faedfa08559e23788db9d926e97da4d0efd2dbfc5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0dc4eae4be6a462c97268c1238442d36dd78708a5b3ed989a4943b185854c465
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
15f9685f08ccb058eb591b078acf451d72a83517fe04ba8ae66bba3e34242095
171b53ac6c2b6c6465d43bf526ad79f892551eef87d62385642c08b8d2122038
1771fb9faa52eee780bcfbb6218fa4bd2e61cd3a1b00547a0bc546afac340094
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a9ed50d9775025a3cf6ed71efefc6ddabadd41252352c5bf88a1888b803cb05
1abe13edf359db98ad9ccda91668b402b0f3c0505155761421223428eb94cfcc
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1ca48890334cdae639776ec9db15d2d4ea235e00fc94a3c75a71999253779014
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
24612c451d85b2abd40e9eeb2089bb0be33ac6f093197dd435db0384310359b9
2632c0d7e4a3ef72071fec72897a1a6d415a8d8e3692f2c79e0086f5f80251b0
274092432a2d58df5ad52ba6b516d96166bada65843299fdca4b8dd6db1d9e89
291633372323ca033d63c5977abbbf87930c3976339eb2b3dcdd174b7a0ca462
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b7e011b0029ab0b5986df4acd6e8875ef37c786f800f7313e6a4d0b435ebd5b
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30d313c46998f8889e0d2319b91d63a58f4b399266f9e1fce7ad9223559f6273
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
319f4bf962a67269c510dda875088e081b63f5bec15049c2c545e9e9fe49c87b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
3623fe0fc000c161bb50b02269fda9c8e4a1c46e938c2e6935fb53ecc4e0b61f
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254
3afda2fdbd6d7adeaaf6b65921794aab30f331e1dfd82b0e5b4b9fd9cf7f87cf
3b2ec238ef4bfe965d6a209f6cd7a09eb87324cc2de3c4e4a21cc49747733742
3c288f0c3cb0999bbd6a9f6486f6b13064ead24052234ac35f8b053b9db9ae96
3d9b0e771bf0255ccf5583a85b215c674e866614409b9c5f10c0e8264d1687b1
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3f24acd57aec035fffd76b0bbd29ed438417cbb1d355e95c99ad044d74dc68c2
4116494440674c358b511b37813b3c59547cd9609a05c84952fcd20b3c0d4dcc
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7
44f146188deef37d072131ed83585adf7469b1a7c817cb55b27badbc93e0b4b3
457e1548ab4b227704b01d9cd1a5185810f2506931427fe0b33dbcc25e7e6900
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
46cfb50fdbb3f533c776c95ac40abdb8a0d8fb4369cedcc041d993109afd21c8
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b351076fb2700f0ef81c8e3b70ade21ffd29252556d548b92a3597adc72fe7
492b783a66b9e65b6f68f8665bfcfa1cb8dd711c5b09cf2f21217e58b0ddf7ff
492bf308c2763608e237de72d214fa21ee9340b669699cc965a70e6995deafd4
4a31a8733940d9d2cb4e98b82b96ecb180ce1de0fc2a8e6397e6bba48aa33c46
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
4a4c1a781dc07cb1ab7318e9e62e3067fc14965b99c6c4ee1dd5016552f53a91
4abb42638aed204a1a1d5e9531ea94c593f2bbb9b3b33f6eb780a129f337600f
4c8d840959b4488cd31b2a56f3cc54f8bc25f071793a7d1bfe7a672c3285e6e3
4d1b618b508d6e2c3ab4c4d98feeddfdb66e6d87d9dcfd88097f1d85480c3af0
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dea1b53bf41f4c95852328762f93092299bbe2eb345d2d93e12433ac201809f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa015d16354b4df9b9c8070b184bffcf2d5cacb4c916ea8f07272ad7072668b
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
534705c44bfef366cfe7658ad162477ab0a566f481bd19a5c42df5f9ed2ef587
540cac4f7fdc7baf0de9c039f3ffda191e395568e46147bc5200c803cce3a1da
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54eacec863498628814d62c486eca8cd1c580c77a4dda865b5941006e40c6e66
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
576c19f6140a328c4af9fa9e04f764efbe570b0e8e3e4f0f66c5bdde58562a8a
5973c113b5f8042aa73dbf197f9faa10fc884d3fb48a792c827768198c34978a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3
5e6fa1be9f77c9fafce777a4f710b20dbd3c321f1618db7a70501efb33a38357
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
61476c3a6a9b25997232dcd51db342526f5d11e4516d32794b169996785d80e1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61cf852dd0e35498a44caabd01e5514caa0e231fc58062d70c45ba1b85a24e2f
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
63d576b7e46477e414fccfa292d0415a192bd4a3ddb8ef4452f94d84554e18ab
64e9efa2008c5bd0973816eee4eaaf03a2b02f7a1b2f4317318f8711676fa01f
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82
70f2816bb5c89cc42a6b22abed34baf34e3892af5767f882299570d9e9a1f066
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
72a49fede80d5cbcbdf9559fa9b4e73faf379efa73fd687afba54166c8659abc
730a9f0201ace270ad005fbb950cb553cd84930afdf9f42fb8f90d03cfac71a5
77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab
7b86239efb3540d33bd5dc7d3dd3114b42ce3bb290731337ae94c0668a654703
7b878ce03b33e0c45c8df05f9d05967c260a2a6e5130b625043f01998c2b54cd
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b
7dfcfff070cbfeb929f6cb8b743d691bb330b294cf9b6b387c43428ded8036d4
81264a0be7d9cacdea4629e9a6767a492f8b31e3feb798cced3c7edfec1fccc2
82dfce8760ca230bb796f728f5444cec9f3611c94bfe33298cad70aa524e0eb2
832b3fdb0b57cb5282386e68e09eff6cfefb5b726cc8bbd1da1d75824061340d
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d
892ad871b20b91539dc1373b5a235b724bdcd9d8e7b42e5e9254ce036dfb5405
8d318dbdde4b73ed190755e5fe16a1c2703ca646f3b77205a91bec9623de0280
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d91b308df206c0c1fe2e2b445c4a8630f48ba67abca1f461b3f57eecb95aa58
906a1c7b899193c5ff4f6a373f6584155142dcaaaf3d7d2c2c71bd3cd02a8b42
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b
94a0c15801bde3ded663502a0079c3138d25ec15867c124463a7a535773b7ed1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a458d2e87456ad53712019d626980dcd801d211d7d460383d61fc816e6a2c7d
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9cb5708ecf7142827fa68b68f8094fc2618b1b2172e3164d72f9c90297b24000
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
9ff66b97bd8767ce16889bf15fc6e18e59fb7e60edc88bf9ee41416d3031bd24
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a63fe820ac9b99729aaae345bb4bc4a68ab5b530237a9888a4ac254275106871
a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad0259410134d69c9fa5ef9803d6db459ba7b6dbd3984771254116d87a2a1ec1
ad3c268ed3718f4e5a140140aba88623e8d9a04ddbcd78600135b5cdbeaf9c7f
ad419adf538fcddbc50cf266b0e4c40965c84919745f6d09507c6b17531531e1
adf7da977fc96827c548296633c24906f32f190e859b5387fe60bdc9fec684ad
afd6d7c0caefbe96d8bc4cef16463baf8f856fe0d2d440aea6319adfebe7239c
b2bdac211f43fbee9eeb4d50f8755206599f76296cd15316a97c9d2cb2050d2f
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
baab65e129d79f784f688026a2958586a31e3bfc8b1a923d5e5b86edeb1c2073
bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985
bbde0fd637840b04806e70ee7610047e1cfe5568854929dc58c310a861d93ca6
bcac1ff22ff98972c54b758890f61421a5948925a8119fcdab142b17405b67a9
bdef48ff8660900de4a32b3f598f602be4849e068de306fdfcff63df74d16fda
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447
c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1
c5f9e7c66e9b1e5c7af42a6a5385263ae4a5b3d4865eebfe0fc7f7dda0a2d63a
c6eac1716ca623f3f58f59411d6716ccc14634d1782e534a04f5630f22600535
c755141c8274808bcb6f08e0d5afafd72989a6622f25290b80b3a5e98ddbf497
c8d717c76b14aad6c4fd6c99b7fe803e15a53537cba081a433c8e94b0ac74ce5
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cc6d6250835c3d26e7301d608ea746588342bcb4e3b1132ea55cceed814200b4
cc9c7b14fe952d6377ff29fb3c1e11624e1528af914793a248b5ccabbb06e7ae
cdc2e083b6659e0eecd4cd1077eb6dcf86f43e7ba0e75e514d27379662588210
ceb9bfd1802f1acd83e5b9fe259ec3bf8deecf2035c60261410dd592b1121d82
cf38b342d40845ac50e58119e79bc3df0270bbeff1d1328a02ed0f7615708a1a
d21c351cd0c1ac3c8923eed366d8a180256b30eefa39e3a0c6a6ba5ea1102396
d3e4cdbb12defe352221c7446f538206d487f314187f7883e6f261d9246ab3af
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
d6b48677f299622005df997dabe3b5bfafd35d0aa7aec7a07bcf6ad375353c1d
d90ca8867369e943ffcedb93db45784e14d108a266fb5452504aca90be075962
dc0be9905c2d742e2f332d9a55a360ee623bcb146430420d3b39c3b71deaa7ac
de4945bf8c32247c3570f1945b4af05f3efb440b46c93c18d2f428ae9162c8ea
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e0471f27843ee42d45cf9b749a57ec4bbc26dd40f961989ed7cfe4e0f24ea6fe
e379a211e75642755c7b975859d84ebf76697490618e8a6127a41036ef82f2df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a1eef3bf8b164a3b750fb68c7783394cf20d124ce228b1150b8814573db42d
e4fa2bcc7507e23fb226bad104bd3c526149ebc9891afbc4bb3a4a0c88afded3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348
e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212
e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67
e9d54383a1ae1cc16b30c0a748ff78cebfffede0e53dd7821dfcb6328ccef47e
ea31f10edab8222e4e66001e64f74b3e91f0fe42ca5ee682e09def8a6509fd9d
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eb5036bad8662eb3aeca1984456f9d3bbc3ad934ef96c6e46f64a86fbae1d5af
eb7a1a795c32ef1c98ae56859438a15c4d930427b61e732bd5e8507d1c3c254b
ef9aa01518c72e51519a532db46214b026f733828cc264836927afa2908c7cbf
efd7b2c5da606a6115af81568b78ba679b912bd81420ac2e3bed2107ee373aa4
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f0882e69552803b56175539fd69a358c8a8c1c549f1b5ee857375ade3874d88d
f11fcfae0705a4f2804e0e173c2f76dd28ed3cef92ba68f2f89c1c762ce55d98
f3384b188fbafdb43114dc0935159113c48a3085159ddbc307d875b9dacad8ce
f6d0504b21c48139f0f66a4d54c880ba912eca2279444104c2bd921d01e7d7fe
f893d0b012eb8213fb5c54ef29d8f6f5fdde8bfc49d8155f07660c50f6ddb507
f93eccd1d7e1474f80a9438dd46237ba811dc56aabb5158f10c46148a17a2dde
f94250c7381973ae166089798321fb404afff3d3695679a03d78ab7ac4766376
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd
ffb300acddd3b86e2a21415db70318bea9705de0260d35ba73c2b8fd6eab668e