urlscan.io logo urlscan.io
SecurityTrails logo

dd.fhmtk.com Open in urlscan Pro
66.29.132.46  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://dd.fhmtk.com/
Effective URL: https://dd.fhmtk.com/?p=12
Submission: On April 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 3 countries across 15 domains to perform 98 HTTP transactions. The main IP is 66.29.132.46, located in United States and belongs to NAMECHEAP-NET, US. The main domain is dd.fhmtk.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 18th 2024. Valid for: 4 months.
This is the only time dd.fhmtk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

20    66.29.132.46 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: business138-4.web-hosting.com
dd.fhmtk.com
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
15    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net
pagead2.googlesyndication.com
1    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    18.173.154.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-117.muc50.r.cloudfront.net
c.pubguru.net
m2d.m2.ai
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
4    2606:4700:20::ac43:4901 (United States)

ASN13335 (CLOUDFLARENET, US)
striveme.com
3    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
76d0e5706eb627b78de4d7838af43400.safeframe.googlesyndication.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
5    3.123.75.12 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-75-12.eu-central-1.compute.amazonaws.com
a3.pubguru.net
3    142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net
www.google.com
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
3    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    216.58.206.78 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f14.1e100.net
fundingchoicesmessages.google.com
15    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
6    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    172.217.18.99 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f99.1e100.net
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
24 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 109
76d0e5706eb627b78de4d7838af43400.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
372 KB
20 fhmtk.com
dd.fhmtk.com
374 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 402
104 KB
7 pubguru.net
c.pubguru.net — Cisco Umbrella Rank: 46011
a3.pubguru.net — Cisco Umbrella Rank: 40511
105 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
439 KB
6 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 665
www.google.com — Cisco Umbrella Rank: 2
120 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
8 KB
4 striveme.com
striveme.com
257 KB
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 210
169 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 45
4 KB
1 m2.ai
m2d.m2.ai — Cisco Umbrella Rank: 91350
1 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2548
252 B
1 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 2280
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
87 KB
0 Failed
function sub() { [native code] }. Failed
98 15
Domain Requested by
20 dd.fhmtk.com 1 redirects dd.fhmtk.com
15 cdn.ampproject.org securepubads.g.doubleclick.net
15 pagead2.googlesyndication.com dd.fhmtk.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 tpc.googlesyndication.com dd.fhmtk.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 fonts.gstatic.com dd.fhmtk.com
fonts.googleapis.com
5 a3.pubguru.net c.pubguru.net
4 fonts.googleapis.com securepubads.g.doubleclick.net
4 striveme.com dd.fhmtk.com
3 www.google.com c.pubguru.net
www.gstatic.com
3 fundingchoicesmessages.google.com pagead2.googlesyndication.com
3 76d0e5706eb627b78de4d7838af43400.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 c.pubguru.net dd.fhmtk.com
c.pubguru.net
2 securepubads.g.doubleclick.net dd.fhmtk.com
securepubads.g.doubleclick.net
1 lh3.googleusercontent.com dd.fhmtk.com
1 www.gstatic.com www.google.com
1 m2d.m2.ai c.pubguru.net
1 region1.google-analytics.com www.googletagmanager.com
1 secure.gravatar.com dd.fhmtk.com
1 www.googletagmanager.com dd.fhmtk.com
0 invalid Failed c.pubguru.net
98 20

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
wa.me
striveme.com
www.ar-themes.com
Subject Issuer Validity Valid
dd.fhmtk.com
Sectigo RSA Domain Validation Secure Server CA		 2024-03-18 -
2024-07-30		 4 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.m2.ai
Amazon RSA 2048 M02		 2023-09-10 -
2024-10-09		 a year crt.sh
*.gravatar.com
Sectigo ECC Domain Validation Secure Server CA		 2023-12-05 -
2025-01-04		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-19 -
2024-05-17		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.pubguru.net
Amazon RSA 2048 M02		 2024-02-25 -
2025-03-25		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://dd.fhmtk.com/?p=12
Frame ID: D5D287E2FA6EA654A9132FC935FEBD3E
Requests: 59 HTTP requests in this frame

Frame: https://76d0e5706eb627b78de4d7838af43400.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5F2CC575DB44374B3359AB3D9DAE11BA
Requests: 1 HTTP requests in this frame

Frame: https://76d0e5706eb627b78de4d7838af43400.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0002484187D9EBA0E463F9D81F28A4CD
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012404020207000/amp4ads-v0.mjs
Frame ID: CE11A3DAB4B63BA508BE9A9DC9169616
Requests: 11 HTTP requests in this frame

Frame: https://76d0e5706eb627b78de4d7838af43400.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B543B7EFC90E0DF149DE4C7577008082
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfK2HYUAAAAANzy4CR5rAg3my4Tria55kER9dWP&co=aHR0cHM6Ly9kZC5maG10ay5jb206NDQz&hl=de&v=rz4DvU-cY2JYCwHSTck0_qm-&size=normal&cb=ypv798kpjo0u
Frame ID: 3EAD116F14B21E98B448D355D3E2B30A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012404020207000/amp4ads-v0.mjs
Frame ID: D66A411870D2EC2CFEAFECAE2D251185
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012404020207000/amp4ads-v0.mjs
Frame ID: 84022D43CEA932B038851192B663FF16
Requests: 14 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=rz4DvU-cY2JYCwHSTck0_qm-&k=6LfK2HYUAAAAANzy4CR5rAg3my4Tria55kER9dWP
Frame ID: 9F1C86B284763EBA05811AD1F2737743
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B3B00024F4D068E16898534C97195919
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

سيارة بوغاتي – DD

Page URL History Show full URLs

  1. http://dd.fhmtk.com/ HTTP 307
    https://dd.fhmtk.com/ HTTP 301
    https://dd.fhmtk.com/?p=12 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

98
Requests

94 %
HTTPS

65 %
IPv6

15
Domains

20
Subdomains

21
IPs

3
Countries

2041 kB
Transfer

5770 kB
Size

36
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dd.fhmtk.com/ HTTP 307
    https://dd.fhmtk.com/ HTTP 301
    https://dd.fhmtk.com/?p=12 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

98 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dd.fhmtk.com/
Redirect Chain
  • http://dd.fhmtk.com/
  • https://dd.fhmtk.com/
  • https://dd.fhmtk.com/?p=12
124 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dd.fhmtk.com/?p=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
87cc848d668bf2270e360f5f1fddad192885469b1662aa248c562ea628410280

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 14 Apr 2024 23:46:05 GMT
link
<https://dd.fhmtk.com/index.php?rest_route=/>; rel="https://api.w.org/" <https://dd.fhmtk.com/index.php?rest_route=/wp/v2/posts/12>; rel="alternate"; type="application/json" <https://dd.fhmtk.com/?p=12>; rel=shortlink
server
LiteSpeed
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed

Redirect headers

cache-control
max-age=3600
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 14 Apr 2024 23:46:05 GMT
expires
Mon, 15 Apr 2024 00:46:05 GMT
location
https://dd.fhmtk.com/?p=12
server
LiteSpeed
x-redirect-by
redirection
x-turbo-charged-by
LiteSpeed
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92e6b263c2aeeecf8ecf0c9675bbed598d3392e85d02eb24120c0e638e642588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29538
x-xss-protection
0
server
cafe
etag
426 / 19827 / 31082723 / config-hash: 10044149075479355345
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 14 Apr 2024 23:46:05 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8511048638520118
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
96aff4e9f88d240cb8b86e3cf1909f60cd7c7d6935dd0a261e3f4262287a5856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Origin
https://dd.fhmtk.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51145
x-xss-protection
0
server
cafe
etag
614728744236123729
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 14 Apr 2024 23:46:05 GMT
js
www.googletagmanager.com/gtag/ 		245 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZHSVJRPB5R
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ab04eb8605f6c8732783d074609d13c078a058856e7ea10c622c7b7d7cfc4954
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88669
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 14 Apr 2024 23:46:06 GMT
style-rtl.min.css
dd.fhmtk.com/wp-includes/css/dist/block-library/ 		111 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dd.fhmtk.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.5.2
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
4c2e92c45a2c2768dc59e9e9d62582bcf44d2326a2b16072d9619a60af6a398a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/?p=12
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:05 GMT
content-encoding
br
last-modified
Tue, 02 Apr 2024 23:55:43 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
14048
expires
Sun, 21 Apr 2024 23:46:05 GMT
style.css
dd.fhmtk.com/wp-content/themes/bahr/ 		88 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dd.fhmtk.com/wp-content/themes/bahr/style.css?ver=6.5.2
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
24cd49deda453a2cef4d9f8d36e606af1040c874d651714ef5f24de9d848b772

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/?p=12
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:05 GMT
content-encoding
br
last-modified
Mon, 18 Mar 2024 23:56:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
15870
expires
Sun, 21 Apr 2024 23:46:05 GMT
animate.min.css
dd.fhmtk.com/wp-content/themes/bahr/css/ 		52 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dd.fhmtk.com/wp-content/themes/bahr/css/animate.min.css?ver=6.5.2
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/?p=12
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:05 GMT
content-encoding
br
last-modified
Mon, 18 Mar 2024 23:56:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
3733
expires
Sun, 21 Apr 2024 23:46:05 GMT
jquery.min.js
dd.fhmtk.com/wp-includes/js/jquery/ 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dd.fhmtk.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/?p=12
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:05 GMT
content-encoding
br
last-modified
Tue, 29 Aug 2023 02:44:24 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
29744
jquery-migrate.min.js
dd.fhmtk.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dd.fhmtk.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/?p=12
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:05 GMT
content-encoding
br
last-modified
Fri, 09 Jun 2023 15:19:24 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
4678
rtl.css
dd.fhmtk.com/wp-content/themes/bahr/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dd.fhmtk.com/wp-content/themes/bahr/rtl.css
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
014d1396c9dcab6c33acbe7d8def9909c59352474aeede15759cfc04146196a7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/?p=12
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:05 GMT
content-encoding
br
last-modified
Mon, 18 Mar 2024 23:56:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
2501
expires
Sun, 21 Apr 2024 23:46:05 GMT
pg.fhmtk.js
c.pubguru.net/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.pubguru.net/pg.fhmtk.js
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-117.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
47e47eaf321a6896f0e6416ff9d7951a7240a856f891749ce83a86af010057dd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
bP5_cBc3nf0.DpeG_z85_cnBdNPIUUXy
content-encoding
gzip
via
1.1 18d0e038a55eccdc9f0ad716edf64962.cloudfront.net (CloudFront)
date
Sun, 14 Apr 2024 23:46:06 GMT
x-amz-cf-pop
MUC50-P3
age
111
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 10 Apr 2024 14:11:39 GMT
server
AmazonS3
etag
W/"83f0f296ddd9b1edc2d4e6105cd6c36c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
x-amz-cf-id
CXt4XVHXMtJA3PpqLqxAef9o-Gmgum69f8wH52DiUXB4cyVt46qFjg==
/
secure.gravatar.com/avatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/?s=80&d=mm&r=g
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4faa1d5635283a0d49e1933de318b24491751c9a3ccf2fe404b9137929e3eb86

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nc
HIT hhn 1
date
Sun, 14 Apr 2024 23:46:06 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="none.png"
accept-ranges
bytes
link
<https://gravatar.com/avatar/?s=80&d=mm&r=g>; rel="canonical"
content-length
1323
alt-svc
h3=":443"; ma=86400
expires
Sun, 14 Apr 2024 23:51:06 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9157224696357601
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
a74008887d6a748a86213a92f835604b386b6f9a324dff4937d1892248410a28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Origin
https://dd.fhmtk.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51396
x-xss-protection
0
server
cafe
etag
9351160750610209246
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 14 Apr 2024 23:46:06 GMT
%D8%B3%D9%8A%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%A8%D9%88%D8%AC%D8%A7%D8%AA%D9%8A-1.jpg
striveme.com/img/2022/%D9%85%D8%B9%D9%84%D9%88%D9%85%D8%A7%D8%AA/6/ 		96 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://striveme.com/img/2022/%D9%85%D8%B9%D9%84%D9%88%D9%85%D8%A7%D8%AA/6/%D8%B3%D9%8A%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%A8%D9%88%D8%AC%D8%A7%D8%AA%D9%8A-1.jpg
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4901 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a6df6061433cb941cfb2ddcfb11c78f11c17a68b39e668b30dd0500a60b5084

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10731
content-length
98495
cf-bgj
h2pri
last-modified
Tue, 21 Jun 2022 09:44:31 GMT
server
cloudflare
etag
"62b192ff-180bf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ebn73lYYe9ikn2A%2BMw0XPoTlxXfotGStSQEiUKdB2z%2BshNGLrpUkHLJrUhSTWo9IG8n%2BWoZBocNEqpln%2FCzYaIEYU0HQlWMs77l3OcNhUlygopol3GmFJvGxwQ1YsxiThEoSEyTy0jLjKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000
accept-ranges
bytes
cf-ray
874792c1bf1e1997-FRA
expires
Wed, 17 Apr 2024 18:04:10 GMT
%D8%B3%D9%8A%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%A8%D9%88%D8%AC%D8%A7%D8%AA%D9%8A-2.jpg
striveme.com/img/2022/%D9%85%D8%B9%D9%84%D9%88%D9%85%D8%A7%D8%AA/6/ 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://striveme.com/img/2022/%D9%85%D8%B9%D9%84%D9%88%D9%85%D8%A7%D8%AA/6/%D8%B3%D9%8A%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%A8%D9%88%D8%AC%D8%A7%D8%AA%D9%8A-2.jpg
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4901 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce44ccff82fc30d850f4b9ce5d47b1b727f9600d24b0f3bf2b755d7e0795304c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1082
content-length
80119
cf-bgj
h2pri
last-modified
Tue, 21 Jun 2022 09:44:43 GMT
server
cloudflare
etag
"62b1930b-138f7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tqNSCNusNtuJn1EH7KIZGv9KOpEduDgH2hVVmZ1%2BEzk%2B%2BZSl59sGcEXYgNlefhfVYnKQ1BBVgXQFz9HaH6rykiqZGN6dyHUQlP60gxIrjuZ3zbpIiJQZMevm5n7mOJ1jAglesGubs2CuQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000
accept-ranges
bytes
cf-ray
874792c1bf1f1997-FRA
expires
Sun, 21 Apr 2024 03:44:06 GMT
%D8%B3%D9%8A%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%A8%D9%88%D8%AC%D8%A7%D8%AA%D9%8A-3.jpg
striveme.com/img/2022/%D9%85%D8%B9%D9%84%D9%88%D9%85%D8%A7%D8%AA/6/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://striveme.com/img/2022/%D9%85%D8%B9%D9%84%D9%88%D9%85%D8%A7%D8%AA/6/%D8%B3%D9%8A%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%A8%D9%88%D8%AC%D8%A7%D8%AA%D9%8A-3.jpg
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4901 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9122761c316ef0bf7010f8a4005233de4a7963a7fa519cf50955a4e354f3729

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1082
content-length
74223
cf-bgj
h2pri
last-modified
Tue, 21 Jun 2022 09:44:55 GMT
server
cloudflare
etag
"62b19317-121ef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WGSke57s3mQzfdqLUQ7d0prP2Ef2VpMx7t2A8I8IlwEq%2BfmaE2LUqT19JuasgOpyXqtZFHf%2F8EJNsQcZipudeXowMh%2F2V5rCXyuwm2EDsgZ%2FKoUZBZ8u8SkfeEcxlpdIC6aXAkKDbxnXoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000
accept-ranges
bytes
cf-ray
874792c27f771997-FRA
expires
Fri, 19 Apr 2024 22:24:45 GMT
default.png
striveme.com/img/default/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://striveme.com/img/default/default.png
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4901 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e34a19e0b985c840177b483cc1fad9b02a2ede18773f92acf35c73cfe6eed4e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:05 GMT
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2017 11:25:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
15929
etag
"59f70c43-1f62"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6hXGFpzFwS7XapBX99BxWwNErcds2WKsLJvSOIDur72EqY7kxIzMyhhWE8vI8OQFml5ZbM8XIIDilSLVYh%2FrBNLN9kgeiITqrYdI6TEr1h3kDDXtUhnI6tXyLuuPnoJXDhTZunEH8RUwJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=864000
accept-ranges
bytes
cf-ray
874792c27f791997-FRA
content-length
8034
expires
Wed, 17 Apr 2024 19:14:46 GMT
2c268c9c-cef5-4881-bb46-2decb2846b6c
https://dd.fhmtk.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dd.fhmtk.com/2c268c9c-cef5-4881-bb46-2decb2846b6c
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
font-awesome.min.css
dd.fhmtk.com/wp-content/themes/bahr/css/ 		28 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dd.fhmtk.com/wp-content/themes/bahr/css/font-awesome.min.css?ver=4.6.3
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/?p=12
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:05 GMT
content-encoding
br
last-modified
Mon, 18 Mar 2024 23:56:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
6281
expires
Sun, 21 Apr 2024 23:46:05 GMT
hoverIntent.min.js
dd.fhmtk.com/wp-includes/js/ 		1 KB
840 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dd.fhmtk.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/?p=12
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:05 GMT
content-encoding
br
last-modified
Sat, 09 Apr 2022 05:37:18 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
668
wow.min.js
dd.fhmtk.com/wp-content/themes/bahr/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dd.fhmtk.com/wp-content/themes/bahr/js/wow.min.js?ver=6.5.2
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
37461d9b50fd93b2e6d064c4aa48cbc16d5b1e82c27f47270b87a39225cc00ac

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/?p=12
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:06 GMT
content-encoding
br
last-modified
Mon, 18 Mar 2024 23:56:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
2576
jquery.sticky-kit.min.js
dd.fhmtk.com/wp-content/themes/bahr/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dd.fhmtk.com/wp-content/themes/bahr/js/jquery.sticky-kit.min.js?ver=1.1.2
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
8e8230f2d1e6e230d63f5bd3091ea092eb8d1f447b5f6c84c5b776cf4f50a65d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/?p=12
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:06 GMT
content-encoding
br
last-modified
Mon, 18 Mar 2024 23:56:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1194
theia-sticky-sidebar.min.js
dd.fhmtk.com/wp-content/themes/bahr/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dd.fhmtk.com/wp-content/themes/bahr/js/theia-sticky-sidebar.min.js?ver=1.7
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
d88b2f05bcd6de59fcdc958ab1c6f63d0225f275d24ce003381c09deb3a4bf1e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/?p=12
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:06 GMT
content-encoding
br
last-modified
Mon, 18 Mar 2024 23:56:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1631
scripts.js
dd.fhmtk.com/wp-content/themes/bahr/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dd.fhmtk.com/wp-content/themes/bahr/js/scripts.js?ver=6.5.2
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
8762c3da365e2c392b99d8ca2ee3bab9157dd95df7abb86d0f9a3681b22a48c8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/?p=12
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:06 GMT
content-encoding
br
last-modified
Mon, 18 Mar 2024 23:56:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
3056
skip-link-focus-fix.js
dd.fhmtk.com/wp-content/themes/bahr/js/ 		880 B
552 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dd.fhmtk.com/wp-content/themes/bahr/js/skip-link-focus-fix.js?ver=20151215
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
c9104efada1e3f4b091183121a645b8298608c10a5b16bc3b1cbcb409b4f2777

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/?p=12
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:06 GMT
content-encoding
br
last-modified
Mon, 18 Mar 2024 23:56:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
380
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404080101/ 		408 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8511048638520118&plah=dd.fhmtk.com&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8511048638520118
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
a74468ed44176f7781c176838888d27e3d801f927b9a534d173260b113621e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141588
x-xss-protection
0
server
cafe
etag
3969857702503418520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 14 Apr 2024 23:46:06 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/ 		448 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9d795e10d030c1fd5f70e0629cfa06248e3d73088b4c3a1b297f8361644b126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 10:01:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
49498
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
143226
x-xss-protection
0
server
cafe
etag
18387702370034619198
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 14 Apr 2025 10:01:08 GMT
Al-Jazeera-Arabic-Bold.woff2
dd.fhmtk.com/wp-content/themes/bahr/fonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dd.fhmtk.com/wp-content/themes/bahr/fonts/Al-Jazeera-Arabic-Bold.woff2
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/wp-content/themes/bahr/style.css?ver=6.5.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
daf6aaa186a4d54af9938e17fbf8bb7b9fe3f3345f93d6cf0c3360cab8c9ae0f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/wp-content/themes/bahr/style.css?ver=6.5.2
Origin
https://dd.fhmtk.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:06 GMT
last-modified
Mon, 18 Mar 2024 23:56:56 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
15780
expires
Sun, 21 Apr 2024 23:46:06 GMT
fontawesome-webfont.woff2
dd.fhmtk.com/wp-content/themes/bahr/fonts/ 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dd.fhmtk.com/wp-content/themes/bahr/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/wp-content/themes/bahr/css/font-awesome.min.css?ver=4.6.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/wp-content/themes/bahr/css/font-awesome.min.css?ver=4.6.3
Origin
https://dd.fhmtk.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:06 GMT
last-modified
Mon, 18 Mar 2024 23:56:56 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
71896
expires
Sun, 21 Apr 2024 23:46:06 GMT
Greta_Arabic_Regular.otf
dd.fhmtk.com/wp-content/themes/bahr/fonts/ 		154 KB
155 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dd.fhmtk.com/wp-content/themes/bahr/fonts/Greta_Arabic_Regular.otf
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/wp-content/themes/bahr/rtl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
f0f3825ab5a948a650d9276b8c3ed43db6f36ac1e7d150c134bc2685e537131b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/wp-content/themes/bahr/rtl.css
Origin
https://dd.fhmtk.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:06 GMT
x-turbo-charged-by
LiteSpeed
last-modified
Mon, 18 Mar 2024 23:56:56 GMT
server
LiteSpeed
accept-ranges
bytes
content-length
157992
content-type
font/otf
ads
pagead2.googlesyndication.com/gampad/ 		85 KB
27 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=817548287874264&correlator=3734910112523881&eid=31079956%2C31082723%2C44782500%2C31082137&output=ldjh&gdfp_req=1&vrg=202404110101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=23089978430%2CADX&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=4&sfv=1-0-40&sc=1&abxe=1&dt=1713138366291&lmt=1713138366&adxs=920&adys=1786&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTIyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEyMiJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTIyIl1dLDBd&url=https%3A%2F%2Fdd.fhmtk.com%2F%3Fp%3D12&vis=1&psz=599x250&msz=599x250&fws=4&ohw=1600&ga_vid=277875272.1713138366&ga_sid=1713138366&ga_hid=80849075&ga_fc=false&dlt=1713138365586&idt=688&adks=2832965230&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
78dc62a6fcdc861f3c280f7f123a16f7b31e016ef298477d20f9909de67a40a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27656
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dd.fhmtk.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ 		54 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=817548287874264&correlator=3734910112523881&eid=31079956%2C31082723%2C44782500%2C31082137&output=ldjh&gdfp_req=1&vrg=202404110101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=23089978430%2Cadxx&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=5&sfv=1-0-40&sc=1&abxe=1&dt=1713138366296&lmt=1713138366&adxs=492&adys=2775&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTIyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEyMiJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTIyIl1dLDBd&url=https%3A%2F%2Fdd.fhmtk.com%2F%3Fp%3D12&vis=1&psz=599x90&msz=728x90&fws=4&ohw=1600&ga_vid=277875272.1713138366&ga_sid=1713138366&ga_hid=80849075&ga_fc=false&dlt=1713138365586&idt=688&adks=2843707456&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
ea44e09046d9014e6195a6c8b0e1d97ab2716b2b544bb3932460bcea465b2668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12980
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dd.fhmtk.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ 		53 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=817548287874264&correlator=3734910112523881&eid=31079956%2C31082723%2C44782500%2C31082137&output=ldjh&gdfp_req=1&vrg=202404110101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=23089978430%2Cadx2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=6&sfv=1-0-40&sc=1&abxe=1&dt=1713138366297&lmt=1713138366&adxs=492&adys=4359&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTIyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEyMiJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTIyIl1dLDBd&url=https%3A%2F%2Fdd.fhmtk.com%2F%3Fp%3D12&vis=1&psz=599x90&msz=728x90&fws=4&ohw=1600&ga_vid=277875272.1713138366&ga_sid=1713138366&ga_hid=80849075&ga_fc=false&dlt=1713138365586&idt=688&adks=2962858167&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
04ecc928b3772d0fa3d451e2d2f89e677b21f3a88b6d5d2e204722d3a183d403
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13233
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dd.fhmtk.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ 		54 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=817548287874264&correlator=3734910112523881&eid=31079956%2C31082723%2C44782500%2C31082137&output=ldjh&gdfp_req=1&vrg=202404110101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=23089978430%2Ca1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=7&sfv=1-0-40&sc=1&abxe=1&dt=1713138366298&lmt=1713138366&adxs=492&adys=4893&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTIyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEyMiJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTIyIl1dLDBd&url=https%3A%2F%2Fdd.fhmtk.com%2F%3Fp%3D12&vis=1&psz=599x90&msz=728x90&fws=4&ohw=1600&ga_vid=277875272.1713138366&ga_sid=1713138366&ga_hid=80849075&ga_fc=false&dlt=1713138365586&idt=688&adks=1040993628&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
1826b41a5b5913ded25f3d10a8107d875f1b5c498c9d15a9cd68fa31e60d5505
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13012
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dd.fhmtk.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ 		85 KB
27 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=817548287874264&correlator=3734910112523881&eid=31079956%2C31082723%2C44782500%2C31082137&output=ldjh&gdfp_req=1&vrg=202404110101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=23089978430%2C34&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=8&sfv=1-0-40&sc=1&abxe=1&dt=1713138366299&lmt=1713138366&adxs=920&adys=5978&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTIyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEyMiJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTIyIl1dLDBd&url=https%3A%2F%2Fdd.fhmtk.com%2F%3Fp%3D12&vis=1&psz=599x250&msz=599x250&fws=4&ohw=1600&ga_vid=277875272.1713138366&ga_sid=1713138366&ga_hid=80849075&ga_fc=false&dlt=1713138365586&idt=688&adks=3191850564&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
a7325d43e37a1e7f1980146776b0ff73244aadd103a9ae2639d1b991ba7f84a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27710
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dd.fhmtk.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
76d0e5706eb627b78de4d7838af43400.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5F2C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://76d0e5706eb627b78de4d7838af43400.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://dd.fhmtk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 14 Apr 2024 23:46:06 GMT
expires
Mon, 14 Apr 2025 23:46:06 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pg-240410-b55-nc-3302294bb5416e62025ae997fff49f85.js
c.pubguru.net/v/ 		337 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.pubguru.net/v/pg-240410-b55-nc-3302294bb5416e62025ae997fff49f85.js
Requested by
Host: c.pubguru.net
URL: https://c.pubguru.net/pg.fhmtk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-117.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11dc67bacd54229ac95a9c06d778c326771a334bfd1963f1cf21f48059b4d392

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
crSLBN3xUtWDqL4bGHV8ucfwjwCZ5LKn
content-encoding
gzip
via
1.1 18d0e038a55eccdc9f0ad716edf64962.cloudfront.net (CloudFront)
date
Sun, 14 Apr 2024 22:13:26 GMT
x-amz-cf-pop
MUC50-P3
age
5917
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 10 Apr 2024 13:44:14 GMT
server
AmazonS3
etag
W/"7f39d294187f31e7198141237b4afacd"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
max-age=14400
timing-allow-origin
*
x-amz-cf-id
cJzwP0SecG8D6Cw8kDOe8_dgrbwybSIXW58RpPMzgM4mziYKxQF0LA==
wp-emoji-release.min.js
dd.fhmtk.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dd.fhmtk.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/?p=12
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:06 GMT
content-encoding
br
last-modified
Tue, 02 Apr 2024 23:55:42 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
4676
collect
region1.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ZHSVJRPB5R&gtm=45je44a0v9133976942za200&_p=1713138365597&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=277875272.1713138366&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713138366&sct=1&seg=0&dl=https%3A%2F%2Fdd.fhmtk.com%2F%3Fp%3D12&dt=%D8%B3%D9%8A%D8%A7%D8%B1%D8%A9%20%D8%A8%D9%88%D8%BA%D8%A7%D8%AA%D9%8A%20%E2%80%93%20DD&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1685
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZHSVJRPB5R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 14 Apr 2024 23:46:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dd.fhmtk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca-pub-8511048638520118
fundingchoicesmessages.google.com/i/ 		180 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-8511048638520118?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8511048638520118&plah=dd.fhmtk.com&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d9a8d9b50817ec70d7ba99e2c78b2e4661a90c5911561462ce5e2468ab82caec
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XwCVmbNuQfqTzvvO2de7gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:06 GMT
content-security-policy
script-src 'report-sample' 'nonce-XwCVmbNuQfqTzvvO2de7gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmJw1pBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxYQxzyfzpoCxE7pM1hDgNinfgZrHBC33jzHOh2ITy44z3oRiJP-nWctAWIhHo59Vz9uYBNYsGXODCYA_dArKg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
a3.pubguru.net/ 		138 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a3.pubguru.net/?device=desktop&domain=fhmtk.com
Requested by
Host: c.pubguru.net
URL: https://c.pubguru.net/v/pg-240410-b55-nc-3302294bb5416e62025ae997fff49f85.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.75.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-75-12.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
21d96d766206495974ccf53af44ec1588a94faae4faaaf26d291f2d6ecdb7b0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:06 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx
cross-origin-opener-policy
same-origin
x-frame-options
DENY
vary
Origin
content-type
application/json
access-control-allow-origin
https://dd.fhmtk.com
x-m2
1
access-control-expose-headers
X-M2, X-Duration
access-control-allow-credentials
true
x-duration
2
content-length
138
stream
a3.pubguru.net/ 		2 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a3.pubguru.net/stream?beacon=immediate
Requested by
Host: c.pubguru.net
URL: https://c.pubguru.net/v/pg-240410-b55-nc-3302294bb5416e62025ae997fff49f85.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.75.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-75-12.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 14 Apr 2024 23:46:06 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx
cross-origin-opener-policy
same-origin
x-frame-options
DENY
vary
Origin
content-type
text/plain
access-control-allow-origin
https://dd.fhmtk.com
x-m2
1
access-control-expose-headers
X-M2, X-Duration
access-control-allow-credentials
true
x-duration
4
content-length
2
stream
a3.pubguru.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://a3.pubguru.net/stream?beacon=test
Requested by
Host: c.pubguru.net
URL: https://c.pubguru.net/v/pg-240410-b55-nc-3302294bb5416e62025ae997fff49f85.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.75.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-75-12.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
/
invalid/ 		0
0
truncated
/ 		70 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
tc
a3.pubguru.net/ 		76 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a3.pubguru.net/tc
Requested by
Host: c.pubguru.net
URL: https://c.pubguru.net/v/pg-240410-b55-nc-3302294bb5416e62025ae997fff49f85.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.75.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-75-12.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fc81edd4c385637fa10598b2f872228e1f99bb6c114ab29f39358b3cddd362ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 14 Apr 2024 23:46:06 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx
cross-origin-opener-policy
same-origin
x-frame-options
DENY
vary
Origin
content-type
application/json
access-control-allow-origin
https://dd.fhmtk.com
x-m2
1
access-control-expose-headers
X-M2, X-Duration
access-control-allow-credentials
true
x-duration
22
content-length
76
api.js
www.google.com/recaptcha/ 		1 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?hl=de-DE
Requested by
Host: c.pubguru.net
URL: https://c.pubguru.net/v/pg-240410-b55-nc-3302294bb5416e62025ae997fff49f85.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
GSE /
Resource Hash
0eb1d1903c6765eb52f6fba4dd782620116b398b8f11de986533eafcd838b616
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sun, 14 Apr 2024 23:46:06 GMT
clang.json
m2d.m2.ai/ 		601 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://m2d.m2.ai/clang.json
Requested by
Host: c.pubguru.net
URL: https://c.pubguru.net/v/pg-240410-b55-nc-3302294bb5416e62025ae997fff49f85.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-117.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a39afaf51f70b02ca881976d2571e07ca2cbdc024ccdd6be58e4ce559c067548

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
date
Sun, 14 Apr 2024 23:46:08 GMT
via
1.1 18d0e038a55eccdc9f0ad716edf64962.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
content-length
601
last-modified
Thu, 31 Mar 2022 14:24:52 GMT
server
AmazonS3
etag
"b78c1a97491673486e5d9f9a94cfc379"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
F9rMQMOK15QWYfJXOBe0OELjWWq7Firpq-DUVk0v_ID2k-WBLT4rRg==
AGSKWxUGv7LMbrFVSxyhhrcJW2-j5OQVhluwSYJGKjHKLPcfkhTbWpJQR6OcDMUqiTIi8w1kkSCBsBxjjF1S0Wof35Pem9lS8CXcz3_z19_H4pCt6soBmihV0BklslsmAdrBQULjOWTJ2w==
fundingchoicesmessages.google.com/f/ 		371 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUGv7LMbrFVSxyhhrcJW2-j5OQVhluwSYJGKjHKLPcfkhTbWpJQR6OcDMUqiTIi8w1kkSCBsBxjjF1S0Wof35Pem9lS8CXcz3_z19_H4pCt6soBmihV0BklslsmAdrBQULjOWTJ2w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEzMTM4MzY2LDcwNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9kZC5maG10ay5jb20vIixudWxsLFtbOCwiZ3R4dkhWcnNBdHciXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMTksIjEiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gtxvHVrsAtw.es5.O/am=wA/d=1/rs=AJlcJMwelkfqZL0zPQw3yI4VBWUNtzTeBw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a59d0bc9eb8c2f74c2f47b69166b169d396ad5555fbc1c4575597459e6284cfd
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-V3JPPRgEdymyOLI96aIOtg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:06 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-V3JPPRgEdymyOLI96aIOtg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmJw0JBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxYQxzyfzpoCxE7pM1hDgNinfgZrHBC33jzHOh2ITy44z3oRiJP-nWctAWIhHo59Vz9uYBNYsOnRByYA_iQrww"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/ 		501 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=de-DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3958a93184f498eaa140c746fa8b3ce7e540d38898f2b1c1acf9c7e8f6c5f429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Origin
https://dd.fhmtk.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 19:41:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205471
x-xss-protection
0
last-modified
Fri, 29 Mar 2024 04:30:36 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 14 Apr 2025 19:41:29 GMT
css
fonts.googleapis.com/ 		106 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gtxvHVrsAtw.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwk61vKr_lXaz8aBmX4W9RvMB1twQ/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
50234c17da00532efe5b3ac851c3caad75825978dd9e483179224217e886b952
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Apr 2024 23:46:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Apr 2024 23:46:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Apr 2024 23:46:07 GMT
F2sAjEdLkAEgEelrsV3lNK2zJxnK2bKaFE0Z1WjiWpsER1kL64qPtOG0tdA4iEE_3XGQS4uTokyh7X9JhQLsabEo75Hb6-Rgtp0B_DLSlt3fFJUIptCNmg=h60
lh3.googleusercontent.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/F2sAjEdLkAEgEelrsV3lNK2zJxnK2bKaFE0Z1WjiWpsER1kL64qPtOG0tdA4iEE_3XGQS4uTokyh7X9JhQLsabEo75Hb6-Rgtp0B_DLSlt3fFJUIptCNmg=h60
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bb81b96463531f6cda4e16eb07e4d0dbd9996329d3c62f70930f497365ccfe0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:32:52 GMT
x-content-type-options
nosniff
age
795
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4075
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 15 Apr 2024 23:32:52 GMT
container.html
76d0e5706eb627b78de4d7838af43400.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0002 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://76d0e5706eb627b78de4d7838af43400.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://dd.fhmtk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 14 Apr 2024 23:46:06 GMT
expires
Mon, 14 Apr 2025 23:46:06 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Origin
https://dd.fhmtk.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 22:45:56 GMT
x-content-type-options
nosniff
age
176411
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Apr 2025 22:45:56 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Origin
https://dd.fhmtk.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 02:46:41 GMT
x-content-type-options
nosniff
age
161966
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 02:46:41 GMT
AGSKWxWLe9II7OLM163pVklv904eL87kwqpeK_8RpCXBa7RS-e_wfk8Plf3nDrMEq5jLI_cKLdBE3gkMNDJdVGD5qUS9EuWNoVnU-whQ-yIaY_UKW7EYvNlBOCOtt4Xv4fgjxfatORqjlQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWLe9II7OLM163pVklv904eL87kwqpeK_8RpCXBa7RS-e_wfk8Plf3nDrMEq5jLI_cKLdBE3gkMNDJdVGD5qUS9EuWNoVnU-whQ-yIaY_UKW7EYvNlBOCOtt4Xv4fgjxfatORqjlQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gtxvHVrsAtw.es5.O/am=wA/d=1/rs=AJlcJMwelkfqZL0zPQw3yI4VBWUNtzTeBw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5syFXXEkduaEVyHYYI0WEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 14 Apr 2024 23:46:06 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5syFXXEkduaEVyHYYI0WEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1pBiqGV4xtQKxE7pM1gDgFiIh2Pf1Y8b2AR-XHp1kRkAy2INWg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://dd.fhmtk.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012404020207000/ Frame CE11 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404020207000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3fcd3f349d4f722c369f971da1277964acfee47dd680aa4ce8e4b9cfbcc4abc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 Apr 2024 17:10:44 GMT
age
542123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56213
x-xss-protection
0
server
sffe
etag
"7e4dd33cf682b10c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Apr 2025 17:10:44 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012404020207000/v0/ Frame CE11 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404020207000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5932f16f1332a5e98a6dd96deb6d91583e3491ce4fecb3e04ac38d6ae402fb4a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 Apr 2024 17:10:44 GMT
age
542123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5210
x-xss-protection
0
server
sffe
etag
"44a9302e284ff824"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Apr 2025 17:10:44 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012404020207000/v0/ Frame CE11 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404020207000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4de08ad9a8340a27a3018b83ec2dabe45abec49649756fb6469d6f3fc6ee155f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 Apr 2024 17:10:44 GMT
age
542123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29000
x-xss-protection
0
server
sffe
etag
"912e9e1747c13481"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Apr 2025 17:10:44 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012404020207000/v0/ Frame CE11 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404020207000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7abda310bc9e6784d9908b4ffe6759119df3208ed87cea0c82e2e5a52f6d354
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 Apr 2024 17:10:44 GMT
age
542123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1908
x-xss-protection
0
server
sffe
etag
"8056a1478fce934f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Apr 2025 17:10:44 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012404020207000/v0/ Frame CE11 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404020207000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8c4ff4f80cf80430f1e16d5cec003df557364e201b472f29522181503c46f02
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 Apr 2024 17:10:44 GMT
age
542123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12957
x-xss-protection
0
server
sffe
etag
"fb28af55f7a959b2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Apr 2025 17:10:44 GMT
css
fonts.googleapis.com/ Frame CE11 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Apr 2024 23:46:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Apr 2024 22:50:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Apr 2024 23:46:07 GMT
truncated
/ Frame CE11 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
deb2ca1025567e8fbbcdae09391bf1e6600287712e422e975ac25e1630c10e07

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
ar_bl.png
pagead2.googlesyndication.com/pagead/images/abg/ Frame CE11 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/images/abg/ar_bl.png
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
219562e1d3425830182be0b7ce1e4855432e637faf46bf8665be4f6162cb47ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 22:30:08 GMT
x-content-type-options
nosniff
server
cafe
age
4559
etag
17396464291847592784
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2733
x-xss-protection
0
expires
Mon, 15 Apr 2024 22:30:08 GMT
icon.png
pagead2.googlesyndication.com/pagead/images/abg/ Frame CE11 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 08:03:17 GMT
x-content-type-options
nosniff
server
cafe
age
56570
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Mon, 15 Apr 2024 08:03:17 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame CE11 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://dd.fhmtk.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 04:01:15 GMT
x-content-type-options
nosniff
age
503092
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Apr 2025 04:01:15 GMT
container.html
76d0e5706eb627b78de4d7838af43400.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B543 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://76d0e5706eb627b78de4d7838af43400.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://dd.fhmtk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 14 Apr 2024 23:46:06 GMT
expires
Mon, 14 Apr 2025 23:46:06 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
anchor
www.google.com/recaptcha/api2/ Frame 3EAD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfK2HYUAAAAANzy4CR5rAg3my4Tria55kER9dWP&co=aHR0cHM6Ly9kZC5maG10ay5jb206NDQz&hl=de&v=rz4DvU-cY2JYCwHSTck0_qm-&size=normal&cb=ypv798kpjo0u
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PYbIzRU8163QjoNPbiyn7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://dd.fhmtk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-PYbIzRU8163QjoNPbiyn7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 14 Apr 2024 23:46:07 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012404020207000/ Frame D66A 		196 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404020207000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3fcd3f349d4f722c369f971da1277964acfee47dd680aa4ce8e4b9cfbcc4abc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 08 Apr 2024 17:10:44 GMT
age
542123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56213
x-xss-protection
0
server
sffe
etag
"7e4dd33cf682b10c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Apr 2025 17:10:44 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012404020207000/v0/ Frame D66A 		15 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404020207000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5932f16f1332a5e98a6dd96deb6d91583e3491ce4fecb3e04ac38d6ae402fb4a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 08 Apr 2024 17:10:44 GMT
age
542123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5210
x-xss-protection
0
server
sffe
etag
"44a9302e284ff824"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Apr 2025 17:10:44 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012404020207000/v0/ Frame D66A 		95 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404020207000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4de08ad9a8340a27a3018b83ec2dabe45abec49649756fb6469d6f3fc6ee155f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 08 Apr 2024 17:10:44 GMT
age
542123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29000
x-xss-protection
0
server
sffe
etag
"912e9e1747c13481"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Apr 2025 17:10:44 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012404020207000/v0/ Frame D66A 		5 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404020207000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7abda310bc9e6784d9908b4ffe6759119df3208ed87cea0c82e2e5a52f6d354
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 08 Apr 2024 17:10:44 GMT
age
542123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1908
x-xss-protection
0
server
sffe
etag
"8056a1478fce934f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Apr 2025 17:10:44 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012404020207000/v0/ Frame D66A 		40 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404020207000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8c4ff4f80cf80430f1e16d5cec003df557364e201b472f29522181503c46f02
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 08 Apr 2024 17:10:44 GMT
age
542123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12957
x-xss-protection
0
server
sffe
etag
"fb28af55f7a959b2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Apr 2025 17:10:44 GMT
css
fonts.googleapis.com/ Frame D66A 		4 KB
752 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Apr 2024 23:46:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Apr 2024 21:58:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Apr 2024 23:46:07 GMT
icon.png
pagead2.googlesyndication.com/pagead/images/abg/ Frame D66A 		344 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 08:03:17 GMT
x-content-type-options
nosniff
server
cafe
age
56570
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Mon, 15 Apr 2024 08:03:17 GMT
6592766407814317453
tpc.googlesyndication.com/simgad/12812033087985445549/ Frame D66A 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12812033087985445549/6592766407814317453
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a003409b0e289ef160d55d7374eb4f633ad001d4ae5d2db995fdae69898e852d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 09 Apr 2025 02:19:42 GMT
date
Tue, 09 Apr 2024 02:19:42 GMT
x-content-type-options
nosniff
age
509185
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14338
x-xss-protection
0
last-modified
Wed, 06 Mar 2024 11:56:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
14763004658117789537
tpc.googlesyndication.com/simgad/10319770046087438281/ Frame D66A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10319770046087438281/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c9f85477b278396adf98c935f973074f05a175c1c4f8b10324514925177d13f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sun, 13 Apr 2025 12:13:13 GMT
date
Sat, 13 Apr 2024 12:13:13 GMT
x-content-type-options
nosniff
age
127974
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1804
x-xss-protection
0
last-modified
Wed, 06 Mar 2024 11:56:56 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame D66A 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
064b4c76be14b4edaf005e19e07ae7ed421bdad72c9bf0a06ff2a14a13d85221

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
ar.png
pagead2.googlesyndication.com/pagead/images/abg/ Frame D66A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/images/abg/ar.png
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 19:53:07 GMT
x-content-type-options
nosniff
server
cafe
age
13980
etag
9421415325968714010
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2737
x-xss-protection
0
expires
Mon, 15 Apr 2024 19:53:07 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012404020207000/ Frame 8402 		196 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404020207000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3fcd3f349d4f722c369f971da1277964acfee47dd680aa4ce8e4b9cfbcc4abc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 08 Apr 2024 17:10:44 GMT
age
542123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56213
x-xss-protection
0
server
sffe
etag
"7e4dd33cf682b10c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Apr 2025 17:10:44 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012404020207000/v0/ Frame 8402 		15 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404020207000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5932f16f1332a5e98a6dd96deb6d91583e3491ce4fecb3e04ac38d6ae402fb4a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 08 Apr 2024 17:10:44 GMT
age
542123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5210
x-xss-protection
0
server
sffe
etag
"44a9302e284ff824"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Apr 2025 17:10:44 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012404020207000/v0/ Frame 8402 		95 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404020207000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4de08ad9a8340a27a3018b83ec2dabe45abec49649756fb6469d6f3fc6ee155f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 08 Apr 2024 17:10:44 GMT
age
542123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29000
x-xss-protection
0
server
sffe
etag
"912e9e1747c13481"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Apr 2025 17:10:44 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012404020207000/v0/ Frame 8402 		5 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404020207000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7abda310bc9e6784d9908b4ffe6759119df3208ed87cea0c82e2e5a52f6d354
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 08 Apr 2024 17:10:44 GMT
age
542123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1908
x-xss-protection
0
server
sffe
etag
"8056a1478fce934f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Apr 2025 17:10:44 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012404020207000/v0/ Frame 8402 		40 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404020207000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8c4ff4f80cf80430f1e16d5cec003df557364e201b472f29522181503c46f02
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 08 Apr 2024 17:10:44 GMT
age
542123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12957
x-xss-protection
0
server
sffe
etag
"fb28af55f7a959b2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Apr 2025 17:10:44 GMT
css
fonts.googleapis.com/ Frame 8402 		4 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Apr 2024 23:46:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Apr 2024 21:58:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Apr 2024 23:46:07 GMT
ar.png
pagead2.googlesyndication.com/pagead/images/abg/ Frame 8402 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/images/abg/ar.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 19:53:07 GMT
x-content-type-options
nosniff
server
cafe
age
13980
etag
9421415325968714010
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2737
x-xss-protection
0
expires
Mon, 15 Apr 2024 19:53:07 GMT
icon.png
pagead2.googlesyndication.com/pagead/images/abg/ Frame 8402 		344 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 08:03:17 GMT
x-content-type-options
nosniff
server
cafe
age
56570
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Mon, 15 Apr 2024 08:03:17 GMT
6592766407814317453
tpc.googlesyndication.com/simgad/12812033087985445549/ Frame 8402 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12812033087985445549/6592766407814317453
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a003409b0e289ef160d55d7374eb4f633ad001d4ae5d2db995fdae69898e852d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 09 Apr 2025 02:19:42 GMT
date
Tue, 09 Apr 2024 02:19:42 GMT
x-content-type-options
nosniff
age
509185
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14338
x-xss-protection
0
last-modified
Wed, 06 Mar 2024 11:56:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
14763004658117789537
tpc.googlesyndication.com/simgad/10319770046087438281/ Frame 8402 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10319770046087438281/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: dd.fhmtk.com
URL: https://dd.fhmtk.com/?p=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c9f85477b278396adf98c935f973074f05a175c1c4f8b10324514925177d13f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sun, 13 Apr 2025 12:13:13 GMT
date
Sat, 13 Apr 2024 12:13:13 GMT
x-content-type-options
nosniff
age
127974
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1804
x-xss-protection
0
last-modified
Wed, 06 Mar 2024 11:56:56 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 8402 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8410a6eef61f569f475a35c8e9b81c0c3d206371fb3a68d7a06b20830fc80c65

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8402 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f99.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://dd.fhmtk.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 00:45:23 GMT
x-content-type-options
nosniff
age
169244
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 00:45:23 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8402 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f99.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://dd.fhmtk.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 03:50:46 GMT
x-content-type-options
nosniff
age
158121
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 03:50:46 GMT
adview
pagead2.googlesyndication.com/pagead/ Frame CE11 		0
0
adview
pagead2.googlesyndication.com/pagead/ Frame D66A 		0
0
adview
pagead2.googlesyndication.com/pagead/ Frame 8402 		0
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202404110101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
451fdfd87cae19beafc32a057ae45b77d0833f0ae21abbd7ab87558b2c68810d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12426
x-xss-protection
0
favicon.ico
dd.fhmtk.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dd.fhmtk.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/?p=12
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 14 Apr 2024 23:46:07 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
server
LiteSpeed
content-length
1251
content-type
text/html
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:46:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 14 Apr 2024 23:46:07 GMT
bframe
www.google.com/recaptcha/api2/ Frame 9F1C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=rz4DvU-cY2JYCwHSTck0_qm-&k=6LfK2HYUAAAAANzy4CR5rAg3my4Tria55kER9dWP
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YSnuXZv_1DcJ4TIIOv171A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://dd.fhmtk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-YSnuXZv_1DcJ4TIIOv171A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 14 Apr 2024 23:46:07 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B3B0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://dd.fhmtk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
14181
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 14 Apr 2024 19:49:46 GMT
expires
Mon, 14 Apr 2025 19:49:46 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
stream
a3.pubguru.net/ 		2 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a3.pubguru.net/stream?beacon=arinterval
Requested by
Host: c.pubguru.net
URL: https://c.pubguru.net/v/pg-240410-b55-nc-3302294bb5416e62025ae997fff49f85.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.75.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-75-12.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://dd.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 14 Apr 2024 23:46:08 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx
cross-origin-opener-policy
same-origin
x-frame-options
DENY
vary
Origin
content-type
text/plain
access-control-allow-origin
https://dd.fhmtk.com
x-m2
1
access-control-expose-headers
X-M2, X-Duration
access-control-allow-credentials
true
x-duration
2
content-length
2
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
invalid
URL
chrome-extension://invalid/
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/adview?ai=C39WZvmocZu-7MMjS1PIP44i9iAjF_LKHd9PX6aXQEqPo1_PGARABIODMrKIBYJXq-oGUB6ABvMOPminIAQGpAqGDRW9GBrI-4AIAqAMByAMKqgSGAk_QlqBvjQyMywF3czIYbpSMv1l0rVrbJ6-3-Oy1fhGmsB4hjbfnPym8n9eHM8bflgykzs59fI5uPHDIehiyVhXZgpfy34qsDnPyd2TgybAUUEXxcYZVIhiNtouEN4mNfRUDhWBwnBlbTG0rw9QLiZ82RW96CDUiuSb_G4A_jbKxXZy4UqCIYAjvACudD2a1nh3pgnMdK6pC1-c4hLcT4ZteG8E1qxvqaxQBUPDwe-PgXLUZpgWbcpoTBsKIDlVTqPNzoIhSEvy9VS4Mem0J6IUCGs2kLZfYQxiFE1uig1ZZI5JVFUe5Qz5Ut7X1FZ-CMSsFtvrB3fKvTEj1PJUToS4z3xj98ZjABPuksb3YBOAEAYgFjv7V9k6SBQQIBBgBkgUECAUYBIAHvPvf-QOoB9m2sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAtgHAfIHBBCpumzSCCoIkeGAcBABGB0yB-uLgOC_gA06CACAgICAgJQoSL39wTpY2uma3vHChQOaCVZodHRwczovL2FjYWRlbWljLWluc3RpdHV0ZS5jb20vc3R1ZGllbmdhZW5nZS9tc2Mtc2V4dWFscHN5Y2hvbG9naWUtdW5kLXNleHVhbHRoZXJhcGllL4AKA8gLAeINEwixjJve8cKFAxVIKVUIHWNED4HYEwrQFQGYFgGAFwGyFx8KHQgAEhRwdWItODUxMTA0ODYzODUyMDExOBj10J4BshgJEgKLVBgBIgEA&sigh=mtTPnFbGToU&uach_m=%5B%5D&ase=2&nis=5&cbvp=2
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/adview?ai=C5sSdv2ocZsn9COuJ1PIP-vSTwAGal62Jd4Cxx_KdEvSNhZ4LEAEg4MysogFgler6gZQHoAHli6fiKsgBCeACAKgDAcgDCqoE8wFP0GPz74St6PfTd7ML_hpjA63VzGVQ3I02MnQ9Yc54aQIgG2g38w4hVc--EIBYXoMFhwMtiqcg3kY152AuWxTVbm-YgbmtTZUQlqwgBvalo4rPxWIOx-F7FQdUr7p84gs17zBteZ412QEyCx2TwhZqgKkd31jjHWpICwo6ImLHnCPdsej-Cp8M0Q3WYRk1pKlwqpTo7MCpToa6lO9PJDFA90PKUKsZftEwv7Lrkuc0ZJx0xz0iSY6q6FhaHWGNO64is3wdlPHX7nPlFWb6ELKmEkR6VuhR2yalqheNZTaKNdSg5BEXvzySTKnjRXh9RrY00sTABIy85d7qBOAEAYgFo8D37E6SBQQIBBgBkgUECAUYBKAGLoAH5cP3wQWoB9m2sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAtgHAPIHBBDCsm3SCCoIkeGAcBABGB0yB-uLgOC_gA06CACAgICAgJQoSL39wTpYj_Ca3vHChQOaCYwBaHR0cHM6Ly9wZGZzcGFya3MuY29tL2Rvd25sb2FkU3BhcmtzLmh0bWw_Y2FtcGFpZ25faWQ9MjExNjY0MTU5MDcmYWRncm91cF9pZD0xNjYwOTE5MDY1NzImcGxhY2VtZW50X2lkPWRkLmZobXRrLmNvbSZjcmVhdGl2ZV9pZD02OTYxNzI4NzQzNDSACgPICwHiDRMIqrKb3vHChQMV6wRVCB16-gQYuBPkA9gTC4gUAdAVAYAXAbIXHwodCAASFHB1Yi04NTExMDQ4NjM4NTIwMTE4GPXQngGyGAkSAt5oGC4iAQDoGAE&sigh=t3zp-atZ4I4&uach_m=%5B%5D&ase=2&nis=5&template_id=484&cbvp=2
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/adview?ai=Cy4CVv2ocZtu2DonT1PIPh5-NuA-al62Jd4Cxx_KdEvSNhZ4LEAEg4MysogFgler6gZQHoAHli6fiKsgBCeACAKgDAcgDCqoE8QFP0HxiM2EBzjmvmq547UvdkmQkkBi9q0SpIhXtFHOLkehfY0xHOdxvSEBYe1RU4E5R8O8RGJkfYy_mo9wkrMmVzHoCHtHVqE3Qn9euYlqr4nxsPqssEBPy8hEq1q29dvYc8EcQF73hSY34S8Mrv4D9SyubmpELiqpA_AUN61BVOzOILqgkr7yvR74w5QMwvoIAkzvl-nnu_WI8w4NHsVzT7YpmccjtIzv6rX3qkbh1n5XqPXgmmXLYPpl74x3gmoQ1WIKjYOyyHPCWsn-xjrWu3unbGSdj0NcZzpWcffJFY3FQoIkj7IoV0dBTzOD-NF_nwASMvOXe6gTgBAGIBaPA9-xOkgUECAQYAZIFBAgFGASgBi6AB-XD98EFqAfZtrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQLYBwDyBwQQkKJM0ggqCJHhgHAQARgdMgfri4Dgv4ANOggAgICAgICUKEi9_cE6WOb2mt7xwoUDmgmMAWh0dHBzOi8vcGRmc3BhcmtzLmNvbS9kb3dubG9hZFNwYXJrcy5odG1sP2NhbXBhaWduX2lkPTIxMTY2NDE1OTA3JmFkZ3JvdXBfaWQ9MTY2MDkxOTA2NTcyJnBsYWNlbWVudF9pZD1kZC5maG10ay5jb20mY3JlYXRpdmVfaWQ9Njk2MTcyODc0MzQ0gAoDyAsB4g0TCLigm97xwoUDFYkpVQgdh08D97gT5APYEwuIFAHQFQGAFwGyFx8KHQgAEhRwdWItODUxMTA0ODYzODUyMDExOBj10J4BshgJEgLeaBguIgEA6BgB&sigh=JWbdA6gCyBY&uach_m=%5B%5D&ase=2&nis=5&template_id=484&cbvp=2
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202404110101&jk=817548287874264&bg=!9Pel97jNAAbi8lI9wvI7ADQBe5WfOAwRbFVbYRw_nsd8hCBnYj5M4JvQXYamR_5tAG1uKsmCTpue6qWdEy9KibA22M_HAgAAAEVSAAAAAmgBB34ANVrlBxPkjldTLK-eqi98jA2cEXekXPpBXvr1egiOmbFz2MSoljEl2oYZ6Z0r4b1iDMn_FZfhCgCt3zGXt4nT-PNsFMMLIzqc3SnATkY_WjkADASU05-U1OL6tXAK2eJnvqmMirOcG5G6IiaxEZ95c1hzCahXoSRo8FP70mv6tJL2P_woaZY8FQyn9YxG0-bRSaEFcCLy9Ny91b0vm9Z6TR2p3scStIP1X0oLnZehxLgtG2C7naOb0vXOSV6z-yC5Dl6kVC6xQAM9owA-nDDqvy9rPpuYMBGY1tYjPOvIMdkSc9Gl9sSZAqQfmOwe6UE8IxLAeNwaaQEsrt3U_JuKeQTrwK3GagtHxoJROAFvLd7pCslEAVEpP1AYc7Wj7sVKqvpHMTvbCi81IFV8qxfwe556Aeq__2hXUu50G7Piw3lX0_t3N-1_C6azG-D9bKnSp5kxImh-ZJVh2FbwZYR49lHbJ4R-Bm-FdLr8qRqylUi2howo-DK8lnOnjpV-DazGTtslxghwbGSsMoMtSJk6Y8DMt6MTkkT4il_ujP_KHZQcQF7fFlBSJvJWLTY6o1KhDflsPCo3Rx74qMOhJMwQ_dw8ntEXM2pcXub2J3ny4TKNJf1wtvi662oFiCRJz694jOeXatUzgtxVVJA14YNKk9VrNGq-YdrOsZVgycDcjK6HZ2F89YUtuhtIu78zwuSwgvELkTfLBWeq84rxecXN5eAxzgYRWDxbdtFJpL4QnqbcAebAGSkXVjVSRqpaKqrKwnEA1tr4ZzhDQTHu9mpJbUQ2boc97_-TWGUq90at1iccIT_GOwEzuLBMbR7iY6RVhvXNKTiqhlKhzzOeWWcnxuEf0Hk24ROjF_m_af5lo_hH887CfJ0OFd5ysef-Klh6dCg7xs2oUFhwBLkXNpbzV_Eq7avscCBYWJd9fnQB-O9ffpOjqd10a96eEB9AM0BBghUyC-zNFJg1GKbGudTM311vMIc1zVuHvV0UWlyWRK4QPVfU4PEvsJqcyQs2oDcolh5LqX9MRkj3qQUg6VCUIGoqY2vB0DPid93SW1-dw4uwvZbtMGYkH2BjZ7mzHEjVHHBdxsIdJSeDteDAwAK1dXAwmxns9WJW3DPsDU5JKZ7WN-2i3P0itct0SjyHyz6Br8Z6dErSdaetkuK6Yeh0N2WkFD3P82olAnOXwkk46XLmIoilAvwC4IFdL6p1

Verdicts & Comments Add Verdict or Comment

140 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 function| gtag object| dataLayer object| _wpemojiSettings object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots number| google_rum_task_id_counter string| google_user_agent_client_hint object| googletag undefined| $ function| jQuery function| google_spfd number| google_unique_id object| google_sv_map object| gaGlobal object| adUnits object| adBidders object| pgGamNetwork object| pgPublisher object| pgDomain object| pgManagedScripts object| pg function| WOW function| b2a function| a2b boolean| ai_cookie_js string| ai_block_class_def boolean| ai_insertion_js object| Arrive object| ai_rotation_triggers boolean| ai_lists object| host_regexp function| z function| B function| D function| X function| fa function| ha function| Q function| Y function| Z function| ea function| ma function| m function| da function| ia function| b64e function| b64d object| ai_front undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element function| MobileDetect function| ai_process_lists boolean| ai_js_code object| google_tag_manager function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| m2hb object| pbjs function| __logBidWon function| __logAdRender object| twemoji object| wp object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MzA5NDc4ZDY5ZjA5NTkzMmxvYWRlcl9qcw== string| MzA5NDc4ZDY5ZjA5NTkzMmNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_738601 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms object| google_image_requests function| arrive function| unbindArrive function| leave function| unbindLeave

36 Cookies

Domain/Path Name / Value
dd.fhmtk.com/ Name: pg_last_pageview_data
Value: {"cohortId":"1","cohortUpdatedAt":"2404101342","configId":16020}
dd.fhmtk.com/ Name: pg_buildfile
Value: 240410-b55-nc-3302294bb5416e62025ae997fff49f85
dd.fhmtk.com/ Name: pg_unq_cohort_key
Value: 1:2404101342
.fhmtk.com/ Name: _ga_ZHSVJRPB5R
Value: GS1.1.1713138366.1.0.1713138366.0.0.0
.fhmtk.com/ Name: _ga
Value: GA1.1.277875272.1713138366
dd.fhmtk.com/ Name: pg_ai_chaser
Value: chaser_e
dd.fhmtk.com/ Name: pg_ai_vw
Value: noViewabilityFeature_d
dd.fhmtk.com/ Name: pg_ai_vgnt
Value: vignette_e
dd.fhmtk.com/ Name: pg_lazy
Value: 0
dd.fhmtk.com/ Name: pg_analytics
Value: 0
dd.fhmtk.com/ Name: pg_session_depth
Value: 1
dd.fhmtk.com/ Name: pg_mm2_cookie_a
Value: 39693e86-f361-4a85-a8cb-c6cacf14c04c
dd.fhmtk.com/ Name: pg_session_id
Value: e0e8ac03-9592-45cd-a2ab-3a5b934b18b2
dd.fhmtk.com/ Name: pg_tc
Value: sample
dd.fhmtk.com/ Name: pg_interscroller
Value: 0
dd.fhmtk.com/ Name: pg_autoAd
Value: 0
dd.fhmtk.com/ Name: pg_canonical_session
Value: dd.fhmtk.com/?p=12
dd.fhmtk.com/ Name: pg_beacon
Value: 1
dd.fhmtk.com/ Name: pg_outstream
Value: 1
dd.fhmtk.com/ Name: pg_pl
Value: 9
dd.fhmtk.com/ Name: pg_quick_check
Value: true
dd.fhmtk.com/ Name: pg_ua
Value: Mozilla/5.0 (Windows NT 10.0 Win64 x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
dd.fhmtk.com/ Name: pg_inner_width
Value: 1600
dd.fhmtk.com/ Name: pg_tc_device
Value: desktop
dd.fhmtk.com/ Name: pg_latency_before_tc
Value: 214
dd.fhmtk.com/ Name: pg_geo
Value: {"country":"DE","region":"BE","ip":"80.255.7.107"}
dd.fhmtk.com/ Name: pg_custom_timeout
Value:
dd.fhmtk.com/ Name: pg_ip
Value: 80.255.7.107
.pubguru.net/ Name: pg_c
Value: 74a8a17b-7352-4942-a6ea-2bc58c21101d
dd.fhmtk.com/ Name: pg_lava
Value:
dd.fhmtk.com/ Name: pg_bot_percent
Value: 99.99
dd.fhmtk.com/ Name: pg_bot_reason
Value: mrf
dd.fhmtk.com/ Name: pg_bot_model
Value: 1
dd.fhmtk.com/ Name: pg_tc_response_time
Value: 98
.fhmtk.com/ Name: __eoi
Value: ID=2dba4057bf300457:T=1713138366:RT=1713138366:S=AA-AfjbdU9VTWnIX3rODrkKB8llA
dd.fhmtk.com/ Name: pg_pv_time_1
Value: 1177

6 Console Messages

Source Level URL
Text
other verbose URL: https://dd.fhmtk.com/?p=12
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq)
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
other warning URL: https://dd.fhmtk.com/?p=12
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dd.fhmtk.com/?p=12
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://dd.fhmtk.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://dd.fhmtk.com/?p=12
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

76d0e5706eb627b78de4d7838af43400.safeframe.googlesyndication.com
a3.pubguru.net
c.pubguru.net
cdn.ampproject.org
dd.fhmtk.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
invalid
lh3.googleusercontent.com
m2d.m2.ai
pagead2.googlesyndication.com
region1.google-analytics.com
secure.gravatar.com
securepubads.g.doubleclick.net
striveme.com
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.gstatic.com
invalid
pagead2.googlesyndication.com
142.250.186.100
172.217.18.99
18.173.154.117
2001:4860:4802:34::36
216.58.206.78
216.58.212.162
2606:4700:20::ac43:4901
2a00:1450:4001:806::2001
2a00:1450:4001:806::2003
2a00:1450:4001:806::200e
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:81d::2008
2a00:1450:4001:828::200a
2a00:1450:4001:830::2001
2a00:1450:4001:831::2001
2a04:fa87:fffe::c000:4902
3.123.75.12
66.29.132.46
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
014d1396c9dcab6c33acbe7d8def9909c59352474aeede15759cfc04146196a7
04ecc928b3772d0fa3d451e2d2f89e677b21f3a88b6d5d2e204722d3a183d403
064b4c76be14b4edaf005e19e07ae7ed421bdad72c9bf0a06ff2a14a13d85221
0a6df6061433cb941cfb2ddcfb11c78f11c17a68b39e668b30dd0500a60b5084
0eb1d1903c6765eb52f6fba4dd782620116b398b8f11de986533eafcd838b616
11dc67bacd54229ac95a9c06d778c326771a334bfd1963f1cf21f48059b4d392
1826b41a5b5913ded25f3d10a8107d875f1b5c498c9d15a9cd68fa31e60d5505
219562e1d3425830182be0b7ce1e4855432e637faf46bf8665be4f6162cb47ac
21d96d766206495974ccf53af44ec1588a94faae4faaaf26d291f2d6ecdb7b0d
24cd49deda453a2cef4d9f8d36e606af1040c874d651714ef5f24de9d848b772
37461d9b50fd93b2e6d064c4aa48cbc16d5b1e82c27f47270b87a39225cc00ac
3958a93184f498eaa140c746fa8b3ce7e540d38898f2b1c1acf9c7e8f6c5f429
396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e34a19e0b985c840177b483cc1fad9b02a2ede18773f92acf35c73cfe6eed4e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
451fdfd87cae19beafc32a057ae45b77d0833f0ae21abbd7ab87558b2c68810d
47e47eaf321a6896f0e6416ff9d7951a7240a856f891749ce83a86af010057dd
497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
4c2e92c45a2c2768dc59e9e9d62582bcf44d2326a2b16072d9619a60af6a398a
4de08ad9a8340a27a3018b83ec2dabe45abec49649756fb6469d6f3fc6ee155f
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4faa1d5635283a0d49e1933de318b24491751c9a3ccf2fe404b9137929e3eb86
50234c17da00532efe5b3ac851c3caad75825978dd9e483179224217e886b952
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5932f16f1332a5e98a6dd96deb6d91583e3491ce4fecb3e04ac38d6ae402fb4a
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
78dc62a6fcdc861f3c280f7f123a16f7b31e016ef298477d20f9909de67a40a5
7c9f85477b278396adf98c935f973074f05a175c1c4f8b10324514925177d13f
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8410a6eef61f569f475a35c8e9b81c0c3d206371fb3a68d7a06b20830fc80c65
8762c3da365e2c392b99d8ca2ee3bab9157dd95df7abb86d0f9a3681b22a48c8
87cc848d668bf2270e360f5f1fddad192885469b1662aa248c562ea628410280
8e8230f2d1e6e230d63f5bd3091ea092eb8d1f447b5f6c84c5b776cf4f50a65d
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
92e6b263c2aeeecf8ecf0c9675bbed598d3392e85d02eb24120c0e638e642588
96aff4e9f88d240cb8b86e3cf1909f60cd7c7d6935dd0a261e3f4262287a5856
a003409b0e289ef160d55d7374eb4f633ad001d4ae5d2db995fdae69898e852d
a39afaf51f70b02ca881976d2571e07ca2cbdc024ccdd6be58e4ce559c067548
a3fcd3f349d4f722c369f971da1277964acfee47dd680aa4ce8e4b9cfbcc4abc
a59d0bc9eb8c2f74c2f47b69166b169d396ad5555fbc1c4575597459e6284cfd
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a7325d43e37a1e7f1980146776b0ff73244aadd103a9ae2639d1b991ba7f84a5
a74008887d6a748a86213a92f835604b386b6f9a324dff4937d1892248410a28
a74468ed44176f7781c176838888d27e3d801f927b9a534d173260b113621e7b
a9d795e10d030c1fd5f70e0629cfa06248e3d73088b4c3a1b297f8361644b126
ab04eb8605f6c8732783d074609d13c078a058856e7ea10c622c7b7d7cfc4954
b9122761c316ef0bf7010f8a4005233de4a7963a7fa519cf50955a4e354f3729
bb81b96463531f6cda4e16eb07e4d0dbd9996329d3c62f70930f497365ccfe0c
c7abda310bc9e6784d9908b4ffe6759119df3208ed87cea0c82e2e5a52f6d354
c9104efada1e3f4b091183121a645b8298608c10a5b16bc3b1cbcb409b4f2777
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ce44ccff82fc30d850f4b9ce5d47b1b727f9600d24b0f3bf2b755d7e0795304c
d88b2f05bcd6de59fcdc958ab1c6f63d0225f275d24ce003381c09deb3a4bf1e
d9a8d9b50817ec70d7ba99e2c78b2e4661a90c5911561462ce5e2468ab82caec
daf6aaa186a4d54af9938e17fbf8bb7b9fe3f3345f93d6cf0c3360cab8c9ae0f
deb2ca1025567e8fbbcdae09391bf1e6600287712e422e975ac25e1630c10e07
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8c4ff4f80cf80430f1e16d5cec003df557364e201b472f29522181503c46f02
ea44e09046d9014e6195a6c8b0e1d97ab2716b2b544bb3932460bcea465b2668
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
f0f3825ab5a948a650d9276b8c3ed43db6f36ac1e7d150c134bc2685e537131b
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fc81edd4c385637fa10598b2f872228e1f99bb6c114ab29f39358b3cddd362ad